-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathexploitTrace.strace
130 lines (130 loc) · 9.01 KB
/
exploitTrace.strace
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
458 execve("./prset03", ["./prset03", "verify", "Makefile", "H\203\354pH1\311H\211\312H\211T$(H\272/bin//shH\211T$ H\215"...], [/* 16 vars */]) = 0
458 brk(0) = 0x603000
458 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
458 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7ff6000
458 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
458 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
458 fstat(3, {st_mode=S_IFREG|0644, st_size=53561, ...}) = 0
458 mmap(NULL, 53561, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7ffff7fe8000
458 close(3) = 0
458 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
458 open("/lib/x86_64-linux-gnu/libssl.so.1.0.0", O_RDONLY|O_CLOEXEC) = 3
458 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P.\1\0\0\0\0\0"..., 832) = 832
458 fstat(3, {st_mode=S_IFREG|0644, st_size=383112, ...}) = 0
458 mmap(NULL, 2478416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ffff7b7c000
458 mprotect(0x7ffff7bd0000, 2097152, PROT_NONE) = 0
458 mmap(0x7ffff7dd0000, 40960, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x54000) = 0x7ffff7dd0000
458 close(3) = 0
458 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
458 open("/lib/x86_64-linux-gnu/libcrypto.so.1.0.0", O_RDONLY|O_CLOEXEC) = 3
458 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\356\5\0\0\0\0\0"..., 832) = 832
458 fstat(3, {st_mode=S_IFREG|0644, st_size=1926432, ...}) = 0
458 mmap(NULL, 4036760, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ffff77a2000
458 mprotect(0x7ffff7953000, 2093056, PROT_NONE) = 0
458 mmap(0x7ffff7b52000, 155648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b0000) = 0x7ffff7b52000
458 mmap(0x7ffff7b78000, 14488, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7ffff7b78000
458 close(3) = 0
458 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
458 open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
458 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\37\2\0\0\0\0\0"..., 832) = 832
458 fstat(3, {st_mode=S_IFREG|0755, st_size=1840928, ...}) = 0
458 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7fe7000
458 mmap(NULL, 3949248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ffff73dd000
458 mprotect(0x7ffff7598000, 2093056, PROT_NONE) = 0
458 mmap(0x7ffff7797000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ba000) = 0x7ffff7797000
458 mmap(0x7ffff779d000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7ffff779d000
458 close(3) = 0
458 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
458 open("/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
458 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\16\0\0\0\0\0\0"..., 832) = 832
458 fstat(3, {st_mode=S_IFREG|0644, st_size=14664, ...}) = 0
458 mmap(NULL, 2109744, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ffff71d9000
458 mprotect(0x7ffff71dc000, 2093056, PROT_NONE) = 0
458 mmap(0x7ffff73db000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7ffff73db000
458 close(3) = 0
458 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7fe6000
458 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7fe4000
458 arch_prctl(ARCH_SET_FS, 0x7ffff7fe4740) = 0
458 mprotect(0x7ffff7797000, 16384, PROT_READ) = 0
458 mprotect(0x7ffff73db000, 4096, PROT_READ) = 0
458 mprotect(0x7ffff7b52000, 110592, PROT_READ) = 0
458 mprotect(0x7ffff7dd0000, 12288, PROT_READ) = 0
458 mprotect(0x601000, 4096, PROT_READ) = 0
458 mprotect(0x7ffff7ffc000, 4096, PROT_READ) = 0
458 munmap(0x7ffff7fe8000, 53561) = 0
458 brk(0) = 0x603000
458 brk(0x624000) = 0x624000
458 getcwd("/home/currentanalyst/prset03", 4096) = 29
458 lstat("/home/currentanalyst/prset03/Makefile", {st_mode=S_IFREG|0664, st_size=170, ...}) = 0
458 open("/home/currentanalyst/prset03/Makefile", O_RDONLY) = 3
458 fstat(3, {st_mode=S_IFREG|0664, st_size=170, ...}) = 0
458 mmap(NULL, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7ee4000
458 read(3, ".PHONY: all clean\n\nCC = clang\nCF"..., 1048576) = 170
458 read(3, "", 1048576) = 0
458 close(3) = 0
458 munmap(0x7ffff7ee4000, 1048576) = 0
458 fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
458 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7ff5000
458 write(1, "ERROR: invalid hash byte (H\203)\n", 30) = 30
458 execve("/bin//sh", ["/bin//sh"], [/* 0 vars */]) = 0
458 brk(0) = 0x555555774000
458 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
458 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7ff6000
458 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
458 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
458 fstat(3, {st_mode=S_IFREG|0644, st_size=53561, ...}) = 0
458 mmap(NULL, 53561, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7ffff7fe8000
458 close(3) = 0
458 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
458 open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
458 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\37\2\0\0\0\0\0"..., 832) = 832
458 fstat(3, {st_mode=S_IFREG|0755, st_size=1840928, ...}) = 0
458 mmap(NULL, 3949248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7ffff7a15000
458 mprotect(0x7ffff7bd0000, 2093056, PROT_NONE) = 0
458 mmap(0x7ffff7dcf000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ba000) = 0x7ffff7dcf000
458 mmap(0x7ffff7dd5000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7ffff7dd5000
458 close(3) = 0
458 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7fe7000
458 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7ffff7fe5000
458 arch_prctl(ARCH_SET_FS, 0x7ffff7fe5740) = 0
458 mprotect(0x7ffff7dcf000, 16384, PROT_READ) = 0
458 mprotect(0x55555576f000, 8192, PROT_READ) = 0
458 mprotect(0x7ffff7ffc000, 4096, PROT_READ) = 0
458 munmap(0x7ffff7fe8000, 53561) = 0
458 getpid() = 458
458 rt_sigaction(SIGCHLD, {0x555555566460, ~[RTMIN RT_1], SA_RESTORER, 0x7ffff7a4bd40}, NULL, 8) = 0
458 geteuid() = 1000
458 getppid() = 453
458 brk(0) = 0x555555774000
458 brk(0x555555795000) = 0x555555795000
458 getcwd("/home/currentanalyst/prset03", 4096) = 29
458 ioctl(0, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B9600 opost isig icanon echo ...}) = 0
458 ioctl(1, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B9600 opost isig icanon echo ...}) = 0
458 rt_sigaction(SIGINT, NULL, {SIG_DFL, [], 0}, 8) = 0
458 rt_sigaction(SIGINT, {0x555555566460, ~[RTMIN RT_1], SA_RESTORER, 0x7ffff7a4bd40}, NULL, 8) = 0
458 rt_sigaction(SIGQUIT, NULL, {SIG_DFL, [], 0}, 8) = 0
458 rt_sigaction(SIGQUIT, {SIG_IGN, ~[RTMIN RT_1], SA_RESTORER, 0x7ffff7a4bd40}, NULL, 8) = 0
458 rt_sigaction(SIGTERM, NULL, {SIG_DFL, [], 0}, 8) = 0
458 rt_sigaction(SIGTERM, {SIG_IGN, ~[RTMIN RT_1], SA_RESTORER, 0x7ffff7a4bd40}, NULL, 8) = 0
458 open("/dev/tty", O_RDWR) = 3
458 fcntl(3, F_DUPFD, 10) = 10
458 close(3) = 0
458 fcntl(10, F_SETFD, FD_CLOEXEC) = 0
458 ioctl(10, TIOCGPGRP, [453]) = 0
458 getpgrp() = 453
458 rt_sigaction(SIGTSTP, NULL, {SIG_DFL, [], 0}, 8) = 0
458 rt_sigaction(SIGTSTP, {SIG_IGN, ~[RTMIN RT_1], SA_RESTORER, 0x7ffff7a4bd40}, NULL, 8) = 0
458 rt_sigaction(SIGTTOU, NULL, {SIG_DFL, [], 0}, 8) = 0
458 rt_sigaction(SIGTTOU, {SIG_IGN, ~[RTMIN RT_1], SA_RESTORER, 0x7ffff7a4bd40}, NULL, 8) = 0
458 rt_sigaction(SIGTTIN, NULL, {SIG_DFL, [], 0}, 8) = 0
458 rt_sigaction(SIGTTIN, {SIG_DFL, ~[RTMIN RT_1], SA_RESTORER, 0x7ffff7a4bd40}, NULL, 8) = 0
458 setpgid(0, 458) = 0
458 ioctl(10, SNDRV_TIMER_IOCTL_SELECT or TIOCSPGRP, [458]) = 0
458 wait4(-1, 0x7fffffffea5c, WNOHANG|WSTOPPED, NULL) = -1 ECHILD (No child processes)
458 write(2, "$ ", 2) = 2
458 read(0, "exit\n", 8192) = 5
458 ioctl(10, SNDRV_TIMER_IOCTL_SELECT or TIOCSPGRP, [453]) = 0
458 setpgid(0, 453) = 0
458 close(10) = 0
458 exit_group(0) = ?
458 +++ exited with 0 +++