WiP: fix resource conflict. (get the 00_angr_find.c.template to build + test it, then update other XX_angr_.* to use same pattern).

This commit is contained in:
thomashaw
2018-10-29 21:43:31 +00:00
parent 96a426bc29
commit 32c8f1dc73
5 changed files with 142 additions and 24 deletions


@@ -17,11 +17,13 @@ define secgen_functions::install_setgid_binary (
if $account {
$username = $account['username']
::accounts::user { $username:
shell => '/bin/bash',
password => pw_hash($account['password'], 'SHA-512', 'mysalt'),
managehome => true,
home_mode => '0755',
if ! User[$username] {
::accounts::user { $username:
shell => '/bin/bash',
password => pw_hash($account['password'], 'SHA-512', 'mysalt'),
managehome => true,
home_mode => '0755',
}
}
$storage_directory = "/home/$username"
@@ -45,11 +47,11 @@ define secgen_functions::install_setgid_binary (
# Create challenge directory
::secgen_functions::create_directory { "create_$challenge_directory":
path => $challenge_directory,
notify => File["create_$compile_directory"],
notify => File["create-$compile_directory-$challenge_name"],
}
# Move contents of the module's files directory into compile directory
file { "create_$compile_directory":
file { "create-$compile_directory-$challenge_name":
path => $compile_directory,
ensure => directory,
recurse => true,
@@ -60,7 +62,7 @@ define secgen_functions::install_setgid_binary (
exec { "gcc_$challenge_name-$compile_directory":
cwd => $compile_directory,
command => "/usr/bin/make",
require => File["create_$compile_directory"]
require => File["create-$compile_directory-$challenge_name"]
}
# Move the compiled binary into the challenge directory
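Review bot: The new guard `if ! User[$username]` probably does not test whether the account already exists. In Puppet 4 and later a resource reference such as `User[...]` is a type value and evaluates as truthy whether or not the resource is in the catalog, so the negation would always be false and `::accounts::user` would never be declared here. An existence check is written `if ! defined(Accounts::User[$username])` (which depends on evaluation order) or handled with stdlib's `ensure_resource`. Separately, `pw_hash($account['password'], 'SHA-512', 'mysalt')` keeps one fixed salt for every generated account, so equal passwords give equal hashes across hosts; a per-account salt would avoid that. The define's body starts and ends outside these hunks.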


@@ -28,6 +28,34 @@ int complex_function(int value, int i) {
return ((value - 'A' + (LAMBDA * i)) % ('Z' - 'A' + 1)) + 'A';
}
void printflag()
{
int fd;
int len;
unsigned char data[128];
fd = open("flag", O_RDONLY);
if ( fd <= 0 ) {
printf("Failed to open flag.\n");
return;
}
len = lseek( fd, 0, SEEK_END);
lseek(fd, 0, SEEK_SET);
if ( len > 128 ) {
len = 128;
}
memset(data, 0, 128);
read( fd, data, len);
close(fd);
printf("%s\n", data);
return;
}
int main(int argc, char* argv[]) {
char buffer[9];
@@ -43,6 +71,6 @@ int main(int argc, char* argv[]) {
if (strcmp(buffer, USERDEF)) {
printf("Try again.\n");
} else {
printf("Good Job.\n");
printflag();
}
}
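Review bot: `printflag()` can print past the end of `data`: when the flag file is 128 bytes or longer, `len` is clamped to 128, `read()` fills the whole buffer, and `printf("%s\n", data)` finds no terminating NUL. Clamping one byte lower, `if ( len > 127 ) { len = 127; }`, or printing with a bounded `%.*s` and the byte count returned by `read()`, keeps the output inside the buffer. The open check should be `if ( fd < 0 )`, since 0 is a valid descriptor, and a negative `lseek()` result should return early rather than reach `read()` as a length.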


@@ -1,12 +1,27 @@
class metactf::install {
$secgen_params = secgen_functions::get_parameters($::base64_inputs_file)
$install_dir = '/opt/metactf'
$challenge_list = $secgen_params['challenge_list']
$flags = $secgen_params['flags']
$groups = $secgen_params['groups']
$raw_account = $secgen_params['account'][0]
$account = parsejson($raw_account)
$username = $account['username']
# TODO : Test me with dynamic challenge directory...
# if $secgen_params['challenge_directory'][0] != undef {
# $challenge_directory = $secgen_params['challenge_directory'][0]
# } else {
$storage_dir = "/home/$username/challenges"
# }
Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
file { $install_dir:
ensure => directory,
ensure => directory,
recurse => true,
source => 'puppet:///modules/metactf/repository',
source => 'puppet:///modules/metactf/repository',
}
exec { 'set install.sh mode':
@@ -17,14 +32,45 @@ class metactf::install {
command => "/bin/bash $install_dir/install.sh"
}
# Determine how best to generate individual challenges at scenario level.
# For now just build all of the binaries.
exec { 'build ctf_angr binaries':
command => "/bin/make /opt/metactf/src_angr/"
}
# Modify the 'users file' to use accounts{} ? Do we even bother? It appears to only be used on the webapp anyway.
# The filename is irrelevant.
# Move the challenges based on account name and challenge name.
# Move the challenges based on account name.
$challenge_pairs = zip($challenge_list, $flags)
$challenge_pairs.each |$counter, $challenge_pair| {
$challenge_path = $challenge_pair[0]
$flag = $challenge_pair[1]
$split_challenge = split($challenge_path, '/')
$metactf_challenge_type = $split_challenge[0]
$challenge_name = $split_challenge[1]
$group = $groups[$counter]
if $group {
::secgen_functions::install_setgid_binary { "metactf_$challenge_name":
source_module_name => $module_name,
challenge_name => $challenge_name,
group => $group,
account => $account,
flag => $flag,
flag_name => 'flag',
storage_dir => $storage_dir,
strings_to_leak => $secgen_params['strings_to_leak'],
}
} else { # TODO : Refactor so that this works well with a default account ? (should we make it so that if we just include metactf it will throw out 1 random challenge with a default account or just not bother?)
::secgen_functions::install_setuid_root_binary { "metactf_$challenge_name":
source_module_name => $module_name,
challenge_name => $secgen_params['challenge_name'][0],
account => $account,
flag => $secgen_params['flag'][0],
flag_name => 'flag',
storage_dir => $storage_dir,
strings_to_leak => $secgen_params['strings_to_leak'],
}
}
}
}
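Review bot: In the `else` branch the `install_setuid_root_binary` declaration ignores the per-iteration values and passes `$secgen_params['challenge_name'][0]` and `$secgen_params['flag'][0]`, keys that differ from the `challenge_list` and `flags` read at the top of the class. Each pass through the loop would then install the same (or an undefined) challenge and flag. It should use the loop's values, `challenge_name => $challenge_name,` and `flag => $flag,`. Note too that a `groups` list shorter than `challenge_list` silently selects this setuid-root path for the remaining challenges; if that fallback is not intended, calling `fail()` when `$groups[$counter]` is unset would be the safer default.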


@@ -16,6 +16,32 @@
<reference>https://thefengs.com/wuchang/papers/3gse15metactf.pdf</reference>
<reference>https://bitbucket.org/wuchangfeng/metactf</reference>
<!-- Note - Scenarios must provide the same number of flags as challenges and groups in the challenge_list -->
<read_fact>challenge_list</read_fact>
<read_fact>flags</read_fact>
<read_fact>account</read_fact>
<default_input into="challenge_list">
<value>src_angr/00_angr_find</value>
<value>src_angr/01_angr_avoid</value>
<value>src_angr/02_angr_find_condition</value>
<!--<generator type="metactf_challenge"/>-->
<!--<generator type="metactf_challenge"/>-->
<!--<generator type="metactf_challenge"/>-->
</default_input>
<default_input into="flags">
<generator type="flag_generator"/>
<generator type="flag_generator"/>
<generator type="flag_generator"/>
</default_input>
<default_input into="groups">
<value>challenge01</value>
<value>challenge02</value>
<value>challenge03</value>
</default_input>
<conflict>
<name>Wheezy</name>
</conflict>
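Review bot: `groups` gets a `default_input` in this hunk, but no `<read_fact>groups</read_fact>` appears beside the `challenge_list`, `flags` and `account` declarations, although the `metactf::install` class on this page reads `$secgen_params['groups']`. If the declaration is not present outside the hunk, adding `<read_fact>groups</read_fact>` would keep the metadata in step with the manifest. Nothing visible enforces the comment's rule that flags, challenges and groups must be equal in number, and a short `groups` list changes which challenges are installed setuid root rather than setgid.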


@@ -9,15 +9,31 @@
<base platform="linux" type="server" distro="Stretch"/>
<utility module_path=".*metactf"/>
<!--<utility module_path=".*metactf"/>-->
<!--<utility type="parameterised_accounts">-->
<!--<input into="account" into_datastore="account">-->
<!--<generator type="account"/>-->
<!--</input>-->
<!--</utility>-->
<!---->
<!--<utility module_path=".*metactf" >-->
<utility module_path=".*parameterised_accounts">
<input into="account" into_datastore="account">
<generator type="account"/>
</input>
</utility>
<utility module_path=".*metactf">
<input into="challenge_list">
<value>src_angr/00_angr_find</value>
<value>src_angr/01_angr_avoid</value>
<value>src_angr/02_angr_find_condition</value>
</input>
<input into="groups">
<value>challenge01</value>
<value>challenge02</value>
<value>challenge03</value>
</input>
<input into="account">
<datastore>account</datastore>
</input>
</utility>
<!--<utility module_path=".*metactf">-->
<!--<input into="challenge_list">-->
<!--<generator type="metactf_challenge">-->
<!--<input into="difficulty">-->