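Let me note down some commands first~

2022.11.26: Picked up Docker again, and recorded a successful deployment of a cryptography challenge.

Reference articles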

https://blog.soreatu.com/posts/how-to-setup-for-interactive-crypto-problems/

https://4xwi11.github.io/posts/921543e1/#Socat

https://blog.csdn.net/github_38924695/article/details/110531410

# Docker basics

# List all containers:

```bash
docker ps -a
```

# Start a container:

```bash
docker start [container_id]
```

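# Enter a container:

```bash
docker exec -it fba /bin/bash

# If the image has no bash, the command above fails with:
#OCI runtime exec failed: exec failed: unable to start container process: exec: "/bin/bash": stat /bin/bash: no such file or directory: unknown
# In that case use /bin/sh instead:
docker exec -it [container_name] /bin/sh
```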

# Remove a container:

```bash
docker rm [container_id]
```

# Stop a container:

```bash
docker stop [container_id]
```

# Build an image:

```bash
docker build . -t name
```

# Copy files:

```bash
docker cp 10704c9eb7bb:/root/test.text /home/vagrant/test.txt  # container -> host
docker cp /home/vagrant/test.txt 10704c9eb7bb:/root/test.text  # host -> container
```

# Setting up a cryptography challenge

The format needs special attention; here is a sample.

```python
# task.py
from hashlib import sha256
import socketserver
from secret import flag
import signal
import string
import random
import os


class Task(socketserver.BaseRequestHandler):
    def _recvall(self):
        # Read until a short (or empty) chunk arrives, then strip whitespace.
        BUFF_SIZE = 2048
        data = b''
        while True:
            part = self.request.recv(BUFF_SIZE)
            data += part
            if len(part) < BUFF_SIZE:
                break
        return data.strip()

    def send(self, msg, newline=True):
        # msg must be bytes; a dropped connection is ignored.
        try:
            if newline:
                msg += b'\n'
            self.request.sendall(msg)
        except OSError:
            pass

    def recv(self, prompt=b'[-] '):
        self.send(prompt, newline=False)
        return self._recvall()

    def proof_of_work(self):
        # The client must find the 4 hidden characters of a 20-character string.
        random.seed(os.urandom(8))
        proof = ''.join(
            [random.choice(string.ascii_letters+string.digits) for _ in range(20)])
        _hexdigest = sha256(proof.encode()).hexdigest()
        self.send(f"[+] sha256(XXXX+{proof[4:]}) == {_hexdigest}".encode())
        x = self.recv(prompt=b'[+] Plz tell me XXXX: ')
        if len(x) != 4 or sha256(x+proof[4:].encode()).hexdigest() != _hexdigest:
            return False
        return True

    def handle(self):
        # SIGALRM terminates this forked handler process after 60 seconds.
        signal.alarm(60)
        if not self.proof_of_work():
            self.send(b'[!] Wrong!')
            return

        self.send(b'here is your flag')
        # flag is a str in secret.py, but send() needs bytes.
        self.send(flag.encode())


class ThreadedServer(socketserver.ThreadingMixIn, socketserver.TCPServer):
    pass


class ForkedServer(socketserver.ForkingMixIn, socketserver.TCPServer):
    # Must be a class attribute: the socket is bound inside the constructor,
    # so setting it on the instance afterwards has no effect.
    allow_reuse_address = True


if __name__ == "__main__":
    HOST, PORT = '0.0.0.0', 10000
    server = ForkedServer((HOST, PORT), Task)
    print(HOST, PORT)
    server.serve_forever()
```

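Pay special attention that the port PORT matches the one used in the Dockerfile and in the port mapping. When adapting this template, only change the body of handle.

```dockerfile
# Dockerfile
FROM python:3.8-alpine
LABEL Description="Game" VERSION='1.0'

# Build tools needed to compile the Python crypto package
RUN apk update && apk add gcc g++ make openssl-dev python3-dev libffi-dev autoconf

WORKDIR /opt/game
RUN mkdir -p /opt/game

COPY task.py .
COPY secret.py .

RUN python -m pip install --upgrade pip
# pycrypto is unmaintained; pycryptodome is its maintained replacement
RUN pip install pycrypto -i https://pypi.tuna.tsinghua.edu.cn/simple/

# Must match PORT in task.py
EXPOSE 10000
CMD ["python", "-u", "task.py"]
```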

secret.py just holds the flag:

```python
flag = 'flag{123456}'
```

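To build the environment, put the three files Dockerfile, task.py and secret.py in the same directory, then run the following commands in order:

```bash
# Build the image (wmctf-game is the image name)
docker build . -t wmctf-game

# Check that the image was created
docker images

# Create a container to run it (game is the container name, wmctf-game is the image name)
docker run --name game -d -p 10000:10000 wmctf-game

# Check that the container is running
docker container ls

# Connect to the service to test it
nc 0.0.0.0 10000

#docker cp server.py 7af6126539a5:/home/ctf/server.py
```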
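
A scripted alternative to the manual `nc` check, as an added example that is not part of the original post: it parses the proof-of-work banner that task.py sends, brute-forces the four hidden characters, and returns whatever the service sends afterwards. The host and port in the `__main__` block are assumptions matching the `docker run -p 10000:10000` mapping above.

```python
import itertools
import re
import socket
import string
from hashlib import sha256

ALPHABET = string.ascii_letters + string.digits  # same charset task.py draws from
POW_RE = re.compile(rb"sha256\(XXXX\+([A-Za-z0-9]{16})\) == ([0-9a-f]{64})")


def parse_pow(banner: bytes):
    """Extract (known 16-char suffix, target hex digest) from the PoW banner."""
    m = POW_RE.search(banner)
    if m is None:
        raise ValueError("no proof-of-work line in banner")
    return m.group(1), m.group(2).decode()


def solve_pow(suffix: bytes, target: str) -> bytes:
    """Try every 4-char prefix (62**4 candidates) until the digest matches."""
    for cand in itertools.product(ALPHABET.encode(), repeat=4):
        prefix = bytes(cand)
        if sha256(prefix + suffix).hexdigest() == target:
            return prefix
    raise ValueError("no prefix found; the banner was probably truncated")


def smoke_test(host: str, port: int, timeout: float = 60.0) -> bytes:
    """Connect, pass the proof of work, and return everything sent afterwards."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        banner = b""
        while b"Plz tell me XXXX" not in banner:
            chunk = s.recv(2048)
            if not chunk:
                raise ConnectionError("server closed before the PoW prompt")
            banner += chunk
        s.sendall(solve_pow(*parse_pow(banner)) + b"\n")
        reply = b""
        while chunk := s.recv(2048):  # server closes the socket when handle() returns
            reply += chunk
        return reply


if __name__ == "__main__":
    # Assumed to match `docker run -p 10000:10000` on the same host.
    print(smoke_test("127.0.0.1", 10000).decode(errors="replace"))
```

If the reply contains the greeting but no flag line, the handler is failing after the proof of work, which `docker logs game` will usually explain.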

# 2023.3.11

Found a new way to write the Dockerfile, thanks to 空白👴

```dockerfile
FROM ubuntu:22.04
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y socat python3
# Unprivileged system user that runs the challenge
RUN groupadd -r ctf && useradd -r -g ctf ctf
# Sticky, write-only temp directories: other users' files cannot be listed
RUN chmod 1733 /tmp /var/tmp /dev/shm

WORKDIR /home/ctf

ADD server.py .
RUN chmod 500 ./server.py
RUN chown ctf:root . -R

ADD flag /flag
RUN chmod 444 /flag

USER ctf
# socat accepts each TCP connection and wires it to the script's stdin/stdout
CMD socat TCP-L:11411,fork,reuseaddr EXEC:"python3 ./server.py",pty,stderr,setsid,sane,raw,echo=0
EXPOSE 11411
```

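Just remember to adjust the firewall on the VPS. With this approach, the crypto challenge attachment does not need to be reformatted.

3.17: Found a problem: an image built this way cannot import third-party packages, so it needs to be modified.

# Moving the environment from the VM to the server

```bash
# First, commit the container to an image
# Usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
docker commit fd010ab37bf3 xxxx:latest

# Save the image to a tarball
# Usage: docker save [OPTIONS] IMAGE [IMAGE...]
docker save -o xxxx.tar xxxx:latest

# Load the image on the server (either form works)
# Usage: docker load [OPTIONS]
docker load --input xxxx.tar
docker load < xxxx.tar

# Run the container and map the port (the last argument is the image name)
docker run -d -p "0.0.0.0:9998:10000" -h "latest" --name="xxxx" game
```

After that, you can run nc ip 9998 from outside to interact with the challenge host.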
