From 3a1051f8bf71fa47f5d2a9f1ea1b2d05c98caab8 Mon Sep 17 00:00:00 2001 From: XuCcc <2604133533@qq.com> Date: Wed, 21 Feb 2018 22:08:37 +0800 Subject: [PATCH] feat: add Docker demo --- README.md | 5 ++++- demo/Dockerfile | 34 ++++++++++++++++++++++++++++++ demo/README.md | 14 ++++++++++++ demo/RUN.sh | 3 +++ demo/bin/flag | 0 demo/bin/pwn | Bin 0 -> 9037 bytes {docker => demo}/requirements.txt | 0 {docker => demo}/send.py | 2 +- demo/start.sh | 5 +++++ demo/xinetd.conf | 12 +++++++++++ 10 files changed, 73 insertions(+), 2 deletions(-) create mode 100644 demo/Dockerfile create mode 100644 demo/README.md create mode 100644 demo/RUN.sh create mode 100644 demo/bin/flag create mode 100644 demo/bin/pwn rename {docker => demo}/requirements.txt (100%) rename {docker => demo}/send.py (94%) create mode 100644 demo/start.sh create mode 100644 demo/xinetd.conf diff --git a/README.md b/README.md index cc09e87..3820224 100644 --- a/README.md +++ b/README.md @@ -5,9 +5,11 @@ ## Usage 1. New a Online Challenges with a random token. -2. Copy the token into [send.py](docker/send.py) and change the platfrom url. +2. Copy the token into [send.py](demo/send.py) and change the platfrom url. 3. Copy the `send.py` into your Online envirenment and run it. +* Dockerfile [demo](demo/README.md) + ## Install **Requires**: [CTFd >= 1.1.2](https://github.com/CTFd/CTFd/releases/tag/1.1.2) @@ -19,6 +21,7 @@ ## TODO +- [x] Useage demo - [ ] Regenerate the flag when it accessed - [ ] More detailed log file in Serve and Client - [ ] Optimize Web UI diff --git a/demo/Dockerfile b/demo/Dockerfile new file mode 100644 index 0000000..e66e57e --- /dev/null +++ b/demo/Dockerfile 
@@ -0,0 +1,34 @@
+FROM ubuntu:16.04
+
+RUN dpkg --add-architecture i386
+RUN sed -i "s/http:\/\/archive.ubuntu.com/http:\/\/mirrors.aliyun.com/g" /etc/apt/sources.list
+RUN apt-get update && apt-get -y dist-upgrade
+RUN apt-get install -y xinetd libc6:i386 libncurses5:i386 libstdc++6:i386
+RUN apt-get install -y python2.7 python-pip
+
+RUN useradd -m ctf
+
+COPY ./bin/* /home/ctf/
+COPY ./xinetd.conf /etc/xinetd.d/ctf
+COPY ./start.sh /root/
+COPY ./send.py /root/
+COPY ./requirements.txt /root/
+
+RUN pip install -r /root/requirements.txt
+
+# xinted 连接失败信息
+RUN echo "Blocked by xinetd" > /etc/banner_fail
+
+RUN chown -R root:ctf /home/ctf &&\
+chmod -R 750 /home/ctf &&\
+chmod 740 /home/ctf/flag
+
+# flag 日志
+RUN touch /root/log
+RUN chmod 700 /root/*
+
+WORKDIR /home/ctf
+
+CMD ["/root/start.sh"]
+
+EXPOSE 9999
diff --git a/demo/README.md b/demo/README.md
new file mode 100644
index 0000000..8dc62f5
--- /dev/null
+++ b/demo/README.md
@@ -0,0 +1,14 @@
+# Docker demo
+
+## Usage
+
+* run `bash RUN.sh`
+
+## Note
+
+**Ensure your send.py and log file privileges are correct so ctfers can't read your challenge token and flag log**
+
+```dockerfile
+RUN touch /root/log
+RUN chmod 700 /root/*
+```
\ No newline at end of file
diff --git a/demo/RUN.sh b/demo/RUN.sh
new file mode 100644
index 0000000..bb89304
--- /dev/null
+++ b/demo/RUN.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+docker build -t "pwn" .
+docker run -d -p 9999:9999 --name="pwn" pwn
diff --git a/demo/bin/flag b/demo/bin/flag
new file mode 100644
index 0000000..e69de29
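Review bot: `COPY ./send.py /root/` bakes the challenge token into an image layer, so the later `RUN chmod 700 /root/*` only keeps it from the `ctf` user inside a running container, not from anyone who can pull, save or inspect the image. Consider keeping a token-free `send.py` in the build context and supplying the token at run time, for example as a bind-mounted file or an environment variable that `send.py` reads. Separately, `apt-get update` sits in a different layer from the two `apt-get install` steps, so a cached update layer can feed stale package indexes to a later install; merging them as `RUN apt-get update && apt-get install -y --no-install-recommends … && rm -rf /var/lib/apt/lists/*` avoids that. `CMD ["/root/start.sh"]` starts as root and neither `start.sh` nor `xinetd.conf` is visible in this part of the page, so confirm there that the service drops to `ctf` before it runs the challenge binary.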
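Review bot: `demo/RUN.sh` has no `set -e`, so when `docker build` fails the following `docker run` still executes and starts whatever older `pwn` image is already on the host. Add `set -e` after the shebang or join the two commands with `&&`. The mapping `-p 9999:9999` publishes the challenge service on every host interface; for a local demo `-p 127.0.0.1:9999:9999` keeps it reachable from the host only.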
diff --git a/demo/bin/pwn b/demo/bin/pwn new file mode 100644 index 0000000000000000000000000000000000000000..cc76e7df68f81aa098fe128d02874e93ebbd7273 GIT binary patch literal 9037 zcmeHMeQ;FO6~DWigb-k}P}B%24+RIoEa5{4Fv#0{v0)N|F##P3Z#UVOWXonZ-F<6_ zT4fA4W)w|l>`2=`q|;8-{-uAkrRqp1R_wGLu`_jWT4xwPXaaQxN2IAm)8D!8p53=E zNozaP|9X>s=bYd9xaZz?Ki+%yk@}_vug4>}c*UK9q)3S_A^R%C3-hI@uxc?|=;9`^ zSd;)M#!r_TqBh5LLWO2ps_cBAMfg>FZJ^q#ONQwUHY}KOhD52pe9;wa(~subB2ytW z36LM<8t_XIG$I+M5tT>3qU=W^`K?fXE0iD8Gb%Br+&*d>{n}K#Hm?qeWSxkplh-^Y zTPnLgwqnFzDw86pE*YkKZCEg6zq{Z!OX@@D60*b^OtNCD|?>aC8rOyj>TM&m)U&g=H7TXOn-wvY#lANRIBg zb3Ai&4P z{%FI?k-LKaq2kY$&R?(ae`En=gOBHByf$~4N^;@$wA+qz^;W_p&66tue zcpo6oXQ!w?!$VsqN?>5!luKb@`w0!Z0PH8vbc{a;m+~cIJOfHGP8>zU#pB(H$hx8aTR6YYQc4!k`XkL*O6v3ag8|*28DK_hOldZg^$#qd*vWC z4UGa3W7`x;z%H1{l*g_I`Wrj)Uh;kKOGM5P_cn2l68CH3Mu>ZrxaWv_nK&0r@`y66k++yyy@-3_JYjDG8#iGjhpHTZp*^AD$iwh?J`N3)-qx>d>}sl{qBh8H;#8l<@<-(PU3LZpEWX%2bM(-gtMG@{&?t6dO}o1ZCk! zGFw-uoh{m)(7jq)i?+SKO>1mhiXxWB@Lwis22BmWrJ}yIwWW0_^{Z#GZwoy;(H?T< zi^<6sK>PnOIe7rI12^*w=yRZ#Kz|7uz{>e|&??X^7&yB?4bXm24a05(bOiJ)C>46H zq2hU*ik-bp!A^F zwrI=Bb<1uhm~60Yio<9_4FMs4;4yFQypnIDVu+-V;rBfBi$HVw_Pm}(?hm2Yo%#p! 
z`X2*7`7h$X0sV*2FLU}EdH;`q{{{NjoO>hLQ<-#v~#HVLTl2cGuU`zxOE)%&$0 zMfLs_PZo#$RgaZ~{nbOWn*DmhUmfySh5RdO{928_0`@ijQrYiKi1QNS*fWTN{lEOD zJ)q6fZ5O60fEwPpXDs!aC5{%`_IRk1CS%w^+$ECaK7=2wI`^G)}3o z{`0RUQzRet>O^wyd~f+|nV-2vy|&EHgbxY3%u%#L(Q6cCLJvH$;PHV9kD0Sl%Fknd zhPzJTqeZ&p7#~qG=Ut`j_*stY#}Xmi6H)fqbfnDvdP&K3O0UBF&k4WBx+{8D-PiMq zUQx89M3<)5DtfD;8x(C&bho1JxZ7)MH)|`}JF`hEtE~@K2iI4w%}Qy_!)w+DtJVkC z-DcxL1T%wuRWyNX z3dRPLh-Xs^I}2&2!3^_F(>-T`)uRXkWYwRi_XTm!Pc0j@X&Wh#>a=KJ44>9{lfQ zntwFbc$`;zbx8T|FFgMwhzpNPmTv(=W1junygH=(_YF--`AbormE0O!o&J_rm$;<@ zE|XIJ;`XnD>I&uv*MHQjOXH(1|6+;e*AXR(onUB9VE<9C4oQen1(d1=mjEM{=QGdW z-N0zgV1HhR-ckz*uRAc2#od4VfYO|2f1c-cs-f2^KhB@+nC^$3))1C?9f>G^UU%I2 ztFYn$Fl5U9yl#!S{JDO2`wzMNc^w>8{%2K1wiM@n>Q5m5=CgMzA+^x+ zde8Q%TUZpwlz*=O)jm0*96Knuqj3K*^a2<%VgE~Ix>WIZ!o5<;U)=To94e>(t~t6i z-laCmXZ}t7qp+q=pxjNouk&|9cfM}*sNB9=^`{`8(AFH4268Z7DA^eh~_%zfjK|{9!D@j*7A$ z)5|XZi1Lr91UXL*!+tD(0fsPcKYcc#(m#X0JKiL0DgP>RauoJo<-mwl-I=3we86=( zO@E*&;`Ntx?C+F$>@!Amg?iAerp*QAM*J%AX5d7pGDeaM9Oze2ny_qvy63T*2#dAwDm6o>YkY1+Sxpc)1u+>ti7v$eo82;`0Ts zXNCBJ-1|o%{*BywMq*23N!}-}!THa0__c!90jHBs;BA5Dw?p9*6@urj1IB2` zf6p((-MgYauZqN{G#v{H?YSPj1-tX7>ERXg#E9DO*eR&+Q5POkxR|B0sibs%;X$4U zRJ(Y7bW40{e;xr&_2%9uWfUR4C+(-+m*c>vYZuis9ZsL}JU9tCH&+LjFTV#nT|bb; zbaCF3t_!A&hYK>!)cgLKvgiFzinx>@QO`8@{RZF*&=2(0n+h*8w*%KCQg{gipYD8T zue6^!etLjY{HN9Z;t@mNr=~ksdK7p7Xu6>9 zS0z4AjH`Cls6^>tklOpA!gYoFfm6HO^J_71P1!ifO5pRo6{6QQPd5^dCly|Q_&KTp zIMqwX7F0}m6=FB=0OrL(SDgEleZ)1tIu*XERF@H!sW|&p9QS=0Q1*0ALgh7i72+Y_ zn&O>gMA|zMoB!zy_-nwaAKdl6HADOlWSpt%|Cq$*iDuXR5?yHvAE5EYy99K5I-ymEZl0h%`1*ZK2$u%hAF=(*j3mE zy@dw$8E_$H9~Bp3bZ%UTOgS$uRO9eL=9D|1K#LtYyUv!O%cKk(48+h}qp<}oi^Y>h zHe;f1^F2jrh0