1. Kevin Hamacher Avatar Kevin Hamacher
  2. Untitled project
  3. RAF3
  4. Issues

Server terminates sometimes

Issue #14 resolved
Flozza created an issue

Hard to describe what's special but at least this time I have some details!

There are two TCP conversations running. One to fetch the target list, the other to submit flags. I attached the pcap dump of those two conversation (there is a third, empty, one that resembles an attempt to submit flags to the gameserver).

Also the program creates a core dump (which I also attached) and gives the following output:

[!!]           server.cpp:140 (                main) - RAF3 -- Server starting.
[!!] submitter/raw_submit.cpp:193 (       initSubmitter) - Initializing [127.0.0.1:9001]
[!!]           server.cpp:213 (                main) - Using mysql as database type
[!!]           server.cpp:224 (                main) - host=192.168.1.30 user=*** pass=*** name=***
[DD]      db/db_mysql.cpp:063 (                init) - Preparing statements...
[!!]           server.cpp:301 (                main) - Server running on 0.0.0.0:1338
[DD]           server.cpp:302 (                main) - Starting submit-thread
[DD]      db/db_mysql.cpp:222 (     getPendingFlags) - cDB_mysql::getPendingFlags() got 1772 pending flags.
[!!] submitter/raw_submit.cpp:207 (          submitFlag) - gameserverThread isn't running, starting.
[EE] submitter/raw_submit.cpp:084 (    gameserverThread) - submitFlag() Could not connect socket. Trying again in 30s.
[DD]           server.cpp:323 (                main) - Client accepted at socket 5
[DD]           server.cpp:425 (        handleClient) - [0] Handling client, socknr[5]
[DD]           server.cpp:476 (        handleClient) - [0] Service: bad-perl-service     Vuln: login-sqli          
[DD]           server.cpp:323 (                main) - Client accepted at socket 7
[DD]           server.cpp:425 (        handleClient) - [1] Handling client, socknr[7]
[DD]           server.cpp:476 (        handleClient) - [1] Service: bad-perl-service     Vuln: login-sqli          
[DD]      db/db_mysql.cpp:063 (                init) - Preparing statements...
[DD]      db/db_mysql.cpp:063 (                init) - Preparing statements...
[DD]           server.cpp:531 (        handleClient) - [0][E:1] OP=get_targets
[DD]      db/db_mysql.cpp:411 (      getIPsToAttack) - We got 4 IPs to attack for exploitID = 1
[DD]           server.cpp:531 (        handleClient) - [1][E:1] OP=submit_flag
terminate called after throwing an instance of 'std::runtime_error'
  what():  Type is not convertible to string
Aborted (core dumped)

I hope this helps in finding the source of the problem. I am sure my client did something weird but from the traffic it looks pretty normal...

Comments (2)

  1. Kevin Hamacher repo owner

    The "IP"-string at the submit_flag-operation is an integer, I'll add a check soon.

  3. Log in to comment
Assignee
Type
bug
Priority
major
Status
resolved
Component
Votes
0
Watchers
2
Jira: the preferred issue tracker for Bitbucket. Join the team!