TYS 0x06 - willItBounce
This post is part of the Test Your Skills (TYS) series. You can find an introduction here, and an overview of all currently available TYS challenges is over here.
Challenge
The goal of this challenge is to find a way to send a specific input from your host to the “Hidden Service” inside the container (as illustrated by the red arrow) - without changing the docker run command (build and run it exactly as shown below) or any of the scripts/files provided.
Study the output of the container carefully - it provides you with very relevant information for this TYS. You are also welcome to read the source code of the scripts contained in the tarball - but don’t change anything!
e-axe@little0ne:~/TYS/willItBounce# docker build -t ftpd .
...
e-axe@little0ne:~/TYS/willItBounce# docker run --rm --name ftpd -p 2121:2121 ftpd
Username: admin
Container local service starting:
Listening on [127.0.0.1] (family 0, port 1051)
[I 2019-08-02 09:57:49] >>> starting FTP server on 172.17.0.2:2121, pid=15 <<<
[I 2019-08-02 09:57:49] concurrency model: async
[I 2019-08-02 09:57:49] masquerade (NAT) address: None
[I 2019-08-02 09:57:49] passive ports: None
Expected value (NTAwODI2Mgo=) not found yet...
Expected value (NTAwODI2Mgo=) not found yet...
...
Download tys_0x06_willItBounce.tar.xz and get started!
Have fun hunting! Feel free to post your approach / write-up, and let me know if you have any questions, feedback or general comments in the respective Twitter thread over here:
https://twitter.com/mytty_project/status/1157326652013199361
Verify the files you download with:
md5sum 4966bdcc24bf691d2a12e9c3b02229cf cdn/tys/tys_0x06_willItBounce.tar.xz
sha1sum bf4db2d0e7ea78e1f1f90e4acf759f610cd58efa cdn/tys/tys_0x06_willItBounce.tar.xz
sha256sum 4afedf9fd290bfe92f078f227e2c7ed2a19dceb1e78949792c1de7940f68e312 cdn/tys/tys_0x06_willItBounce.tar.xz
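The digest lines above are not in the `hash  file` layout that `sha256sum -c` reads, so here is one way to check a download against them. This is an added example, not part of the original post or the tarball; the function names `verify_digest` and `verify_tys_download` are hypothetical, and the digests are the ones published above.

```shell
#!/bin/sh
# Added example (not from the original post): compare a downloaded tarball
# with the digests published above. Function names are hypothetical.

# verify_digest TOOL EXPECTED_HEX FILE
# Returns 0 on match, 1 on mismatch, 2 if the file or the tool is unavailable.
verify_digest() {
    tool=$1; expected=$2; file=$3
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    command -v "$tool" >/dev/null 2>&1 || { echo "$tool not found" >&2; return 2; }
    # The *sum tools print "<hex>  <name>"; keep only the hex field.
    actual=$("$tool" "$file" | cut -d' ' -f1)
    # A published digest may be upper case; the tools print lower case.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" = "$expected" ]; then
        echo "OK   $tool $file"
        return 0
    fi
    echo "FAIL $tool $file: got $actual" >&2
    return 1
}

# verify_tys_download FILE
# Checks all three digests from the post and fails if any one differs.
# SHA-256 is the check to rely on; MD5 and SHA-1 are collision-prone and
# only catch accidental corruption.
verify_tys_download() {
    file=$1
    rc=0
    verify_digest sha256sum 4afedf9fd290bfe92f078f227e2c7ed2a19dceb1e78949792c1de7940f68e312 "$file" || rc=1
    verify_digest sha1sum bf4db2d0e7ea78e1f1f90e4acf759f610cd58efa "$file" || rc=1
    verify_digest md5sum 4966bdcc24bf691d2a12e9c3b02229cf "$file" || rc=1
    return "$rc"
}

# Usage, after sourcing this file:
#   verify_tys_download ./tys_0x06_willItBounce.tar.xz
```

Run the check before `docker build`, since the build executes whatever the tarball contains.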