Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# Name

Binary: Exploitation techniques: challenge-shellcode-after
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
# Stage 1: Building the executable (glibc build on Debian)
FROM debian:11-slim AS builder
RUN apt-get update && apt-get install -y --no-install-recommends \
build-essential make ca-certificates \
&& mkdir -p /tmp/build

COPY src/vuln.c src/Makefile /tmp/build/
WORKDIR /tmp/build

RUN make \
&& mv vuln /tmp/pinpoint \
&& make clean \
&& rm -rf /tmp/build \
&& apt-get purge -y --auto-remove build-essential make \
&& rm -rf /var/lib/apt/lists/*

# Stage 2: Final image
FROM debian:11-slim
RUN apt -y update
RUN apt -y install xinetd

RUN useradd -m -d /home/ctf -s /bin/bash ctf
RUN mkdir /home/ctf/pinpoint
COPY flag /home/ctf
COPY --from=builder tmp/pinpoint /home/ctf/pinpoint/

RUN chown -R root:ctf /home/ctf
RUN chmod 750 /home/ctf
RUN chmod 750 /home/ctf/pinpoint
RUN chmod 750 /home/ctf/pinpoint/pinpoint
RUN chmod 440 /home/ctf/flag

COPY xinetd.conf /etc/xinetd.d/pinpoint

WORKDIR /
COPY ./run.sh /usr/local/bin/
CMD ["/usr/local/bin/run.sh"]
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
EXTERNAL_PORT := 31346
INTERNAL_PORT := 80
NAME := exploitation-techniques_shellcode-after
FLAG := $(shell cat ../flag)

run: build
docker run -d -p $(EXTERNAL_PORT):$(INTERNAL_PORT) --name $(NAME) -t $(NAME)

build:
docker build --build-arg FLAG=$(FLAG) -t $(NAME) -f Dockerfile ..

stop:
docker stop $(NAME)

clean: stop
docker rm $(NAME)
docker image rm $(NAME):latest

.PHONY: run build stop clean
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
namespace: exploitation-techniques

challenge:
name: shellcode-after
category: exploitation-techniques

image:
repository: ghcr.io/open-education-hub/binary-security/exploitation-techniques/challenge-shellcode-after
tag: latest
pullPolicy: Always

containerPort: 80

service:
type: NodePort
port: 80
nodePort: 31346

healthCheck:
enabled: true
path: "/shellcode-after"
initialDelaySeconds: 5
periodSeconds: 15
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
SSS{13}
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#!/bin/sh
set -e
chmod +x /home/ctf/pinpoint/pinpoint || true
exec /usr/sbin/xinetd -dontfork -f /etc/xinetd.conf

Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
service classic
{
disable = no
type = UNLISTED
bind = 0.0.0.0
server = /home/ctf/pinpoint/pinpoint
port = 80
socket_type = stream
protocol = tcp
user = ctf
wait = no
}