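Let me jot down some commands first.
2022.11.26: Picked up Docker again, and recorded one successful deployment of a cryptography challenge.
Reference articles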
https://blog.soreatu.com/posts/how-to-setup-for-interactive-crypto-problems/
https://4xwi11.github.io/posts/921543e1/#Socat
https://blog.csdn.net/github_38924695/article/details/110531410
# Docker basics
# Command to list all containers:
# Start a container:
# Enter a container:
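```bash
docker exec -it fba /bin/bash

# If the image has no bash, the command above fails with the error below; use /bin/sh instead.
#OCI runtime exec failed: exec failed: unable to start container process: exec: "/bin/bash": stat /bin/bash: no such file or directory: unknown
docker exec -it [container_name] /bin/sh
```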
# Delete a container:
# Stop a container:
```bash
docker stop [container_id]
```
# Create an image:
# Transfer files:
```bash
docker cp 10704c9eb7bb:/root/test.text /home/vagrant/test.txt  # copy from the container to the host
docker cp /home/vagrant/test.txt 10704c9eb7bb:/root/test.text  # copy from the host to the container
```
# Setting up a cryptography challenge
Pay particular attention to the format; here is a sample.
```python
from hashlib import sha256
import socketserver
from secret import flag  # flag must be a bytes object, since it is sent as-is
import signal
import string
import random
import os


class Task(socketserver.BaseRequestHandler):
    def _recvall(self):
        # Read until a short read signals the end of the client's message.
        BUFF_SIZE = 2048
        data = b''
        while True:
            part = self.request.recv(BUFF_SIZE)
            data += part
            if len(part) < BUFF_SIZE:
                break
        return data.strip()

    def send(self, msg, newline=True):
        try:
            if newline:
                msg += b'\n'
            self.request.sendall(msg)
        except OSError:
            # The client disconnected; nothing left to send to.
            pass

    def recv(self, prompt=b'[-] '):
        self.send(prompt, newline=False)
        return self._recvall()

    def proof_of_work(self):
        # The client must find the 4 hidden characters XXXX such that
        # sha256(XXXX + known 16-character suffix) equals the digest.
        random.seed(os.urandom(8))
        proof = ''.join(
            [random.choice(string.ascii_letters+string.digits) for _ in range(20)])
        _hexdigest = sha256(proof.encode()).hexdigest()
        self.send(f"[+] sha256(XXXX+{proof[4:]}) == {_hexdigest}".encode())
        x = self.recv(prompt=b'[+] Plz tell me XXXX: ')
        if len(x) != 4 or sha256(x+proof[4:].encode()).hexdigest() != _hexdigest:
            return False
        return True

    def handle(self):
        # Kill this connection's process after 60 seconds.
        signal.alarm(60)
        if not self.proof_of_work():
            self.send(b'[!] Wrong!')
            return

        self.send(b'here is your flag')
        self.send(flag)


class ThreadedServer(socketserver.ThreadingMixIn, socketserver.TCPServer):
    pass


class ForkedServer(socketserver.ForkingMixIn, socketserver.TCPServer):
    # Must be a class attribute: TCPServer binds in __init__, so setting it
    # on the instance afterwards has no effect.
    allow_reuse_address = True


if __name__ == "__main__":
    HOST, PORT = '0.0.0.0', 10000
    server = ForkedServer((HOST, PORT), Task)
    print(HOST, PORT)
    server.serve_forever()
```
Take particular care that the port PORT matches the port exposed and mapped for the container; only modify the contents of handle.
```dockerfile
FROM python:3.8-alpine
LABEL Description="Game" VERSION='1.0'

# Build dependencies needed to compile Python crypto packages on Alpine
RUN apk update && apk add gcc g++ make openssl-dev python3-dev libffi-dev autoconf

WORKDIR /opt/game
RUN mkdir -p /opt/game

COPY task.py .
COPY secret.py .

RUN python -m pip install --upgrade pip
# Note: pycrypto is unmaintained; pycryptodome is its maintained successor.
RUN pip install pycrypto -i https://pypi.tuna.tsinghua.edu.cn/simple/

# Must match PORT in task.py
EXPOSE 10000
CMD ["python", "-u", "task.py"]
```
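secret.py just holds the flag.
To set up the environment, place the three files Dockerfile, task.py and secret.py in the same directory, then run the following commands in order.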
```bash
docker build . -t wmctf-game  # wmctf-game is the image name

docker images

docker run --name game -d -p 10000:10000 wmctf-game

docker container ls

nc 0.0.0.0 10000
```
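As an added example (not from the original post), here is a smoke-test client for the deployed service: it parses the proof-of-work banner that task.py sends and brute-forces the four-character prefix, so you can confirm the container answers correctly instead of checking by hand with nc. The function names and the default host and port are assumptions.

```python
import itertools
import re
import socket
import string
from hashlib import sha256

# Assumed to match task.py: same charset, 16-character suffix, hex digest.
ALPHABET = string.ascii_letters + string.digits
BANNER = re.compile(rb"sha256\(XXXX\+([A-Za-z0-9]{16})\) == ([0-9a-f]{64})")


def parse_banner(data):
    """Extract (suffix, hexdigest) from the proof-of-work line sent by task.py."""
    m = BANNER.search(data)
    if m is None:
        raise ValueError("no proof-of-work banner in server output")
    return m.group(1), m.group(2).decode()


def solve_pow(suffix, hexdigest):
    """Brute-force the 4-character prefix (at most 62**4 candidates)."""
    for cand in itertools.product(ALPHABET.encode(), repeat=4):
        prefix = bytes(cand)
        if sha256(prefix + suffix).hexdigest() == hexdigest:
            return prefix
    raise ValueError("no prefix matches; banner and charset disagree")


def smoke_test(host="127.0.0.1", port=10000, timeout=60):
    """Connect, pass the proof of work, return whatever the service sends next."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        buf = b""
        while b"XXXX: " not in buf:  # prompt task.py sends after the banner
            chunk = s.recv(2048)
            if not chunk:
                raise ConnectionError("service closed before the prompt")
            buf += chunk
        s.sendall(solve_pow(*parse_banner(buf)))
        out = b""
        while chunk := s.recv(2048):
            out += chunk
        return out


if __name__ == "__main__":
    print(smoke_test().decode(errors="replace"))
```

The answer is sent without a trailing newline because task.py strips the input and requires exactly four bytes.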
# 2023.3.11
Found a new way of writing the Dockerfile, thanks to 空白👴
```dockerfile
FROM ubuntu:22.04
ENV DEBIAN_FRONTEND noninteractive
RUN apt-get update && apt-get install -y socat python3
RUN groupadd -r ctf && useradd -r -g ctf ctf
RUN chmod 1733 /tmp /var/tmp /dev/shm

WORKDIR /home/ctf

ADD server.py .
RUN chmod 500 ./server.py
RUN chown ctf:root . -R

ADD flag /flag
RUN chmod 444 /flag

USER ctf
CMD socat TCP-L:11411,fork,reuseaddr EXEC:"python3 ./server.py",pty,stderr,setsid,sane,raw,echo=0
EXPOSE 11411
```
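Just remember to adjust the firewall on the VPS; with this approach the crypto challenge's attachment does not need its format changed.
3.17: Found a problem: an image built this way cannot import third-party packages, and needs to be modified.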
# Moving the environment from the virtual machine to the server
```bash
# First, commit the container to an image
# usage: docker commit [OPTIONS] CONTAINER [REPOSITORY[:TAG]]
docker commit fd010ab37bf3 xxxx:latest

# Save the image to an archive
# usage: docker save [OPTIONS] IMAGE [IMAGE...]
docker save -o xxxx.tar xxxx:latest

# Load the image on the server (either form works)
# usage: docker load [OPTIONS]
docker load --input xxxx.tar
docker load < xxxx.tar

# Run the container and map the port
docker run -d -p "0.0.0.0:9998:10000" -h "latest" --name="xxxx" game
```
After that, you can run the command nc ip 9998 from outside to interact with the target machine.