WiP: fix resource confict. (get the 00_angr_find.c.template to build + test it, then update other XX_angr_.* to use same pattern).

2026-02-22 19:58:03 +00:00 · 2018-10-29 21:43:31 +00:00
parent 96a426bc29
commit 32c8f1dc73
5 changed files with 142 additions and 24 deletions
--- a/modules/build/puppet/secgen_functions/manifests/install_setgid_binary.pp
+++ b/modules/build/puppet/secgen_functions/manifests/install_setgid_binary.pp
@@ -17,11 +17,13 @@ define secgen_functions::install_setgid_binary (
  if $account {
    $username = $account['username']

-    ::accounts::user { $username:
-      shell      => '/bin/bash',
-      password   => pw_hash($account['password'], 'SHA-512', 'mysalt'),
-      managehome => true,
-      home_mode  => '0755',
+    if ! User[$username] {
+      ::accounts::user { $username:
+        shell      => '/bin/bash',
+        password   => pw_hash($account['password'], 'SHA-512', 'mysalt'),
+        managehome => true,
+        home_mode  => '0755',
+      }
    }

    $storage_directory = "/home/$username"
@@ -45,11 +47,11 @@ define secgen_functions::install_setgid_binary (
  # Create challenge directory
  ::secgen_functions::create_directory { "create_$challenge_directory":
    path => $challenge_directory,
-    notify => File["create_$compile_directory"],
+    notify => File["create-$compile_directory-$challenge_name"],
  }

  # Move contents of the module's files directory into compile directory
-  file { "create_$compile_directory":
+  file { "create-$compile_directory-$challenge_name":
    path => $compile_directory,
    ensure  => directory,
    recurse => true,
@@ -60,7 +62,7 @@ define secgen_functions::install_setgid_binary (
  exec { "gcc_$challenge_name-$compile_directory":
    cwd     => $compile_directory,
    command => "/usr/bin/make",
-    require => File["create_$compile_directory"]
+    require => File["create-$compile_directory-$challenge_name"]
  }

  # Move the compiled binary into the challenge directory
--- a/modules/utilities/unix/ctf/metactf/files/repository/src_angr/00_angr_find/00_angr_find.c.templite
+++ b/modules/utilities/unix/ctf/metactf/files/repository/src_angr/00_angr_find/00_angr_find.c.templite
@@ -28,6 +28,34 @@ int complex_function(int value, int i) {
  return ((value - 'A' + (LAMBDA * i)) % ('Z' - 'A' + 1)) + 'A';
 }

+void printflag()
+{
+	int fd;
+	int len;
+	unsigned char data[128];
+
+	fd = open("flag", O_RDONLY);
+
+	if ( fd <= 0 ) {
+		printf("Failed to open flag.\n");
+		return;
+	}
+
+	len = lseek( fd, 0, SEEK_END);
+	lseek(fd, 0, SEEK_SET);
+
+	if ( len > 128 ) {
+		len = 128;
+	}
+
+	memset(data, 0, 128);
+	read( fd, data, len);
+	close(fd);
+
+	printf("%s\n", data);
+	return;
+}
+
 int main(int argc, char* argv[]) {
  char buffer[9];

@@ -43,6 +71,6 @@ int main(int argc, char* argv[]) {
  if (strcmp(buffer, USERDEF)) {
    printf("Try again.\n");
  } else {
-    printf("Good Job.\n");
+    printflag();
  }
 }
--- a/modules/utilities/unix/ctf/metactf/manifests/install.pp
+++ b/modules/utilities/unix/ctf/metactf/manifests/install.pp
@@ -1,12 +1,27 @@
 class metactf::install {
+  $secgen_params = secgen_functions::get_parameters($::base64_inputs_file)
  $install_dir = '/opt/metactf'
+  $challenge_list = $secgen_params['challenge_list']
+  $flags = $secgen_params['flags']
+  $groups = $secgen_params['groups']
+
+  $raw_account = $secgen_params['account'][0]
+  $account = parsejson($raw_account)
+  $username = $account['username']
+
+  # TODO : Test me with dynamic challenge directory...
+  # if $secgen_params['challenge_directory'][0] != undef {
+  #   $challenge_directory = $secgen_params['challenge_directory'][0]
+  # } else {
+    $storage_dir = "/home/$username/challenges"
+  # }

  Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }

  file { $install_dir:
-    ensure => directory,
+    ensure  => directory,
    recurse => true,
-    source => 'puppet:///modules/metactf/repository',
+    source  => 'puppet:///modules/metactf/repository',
  }

  exec { 'set install.sh mode':
@@ -17,14 +32,45 @@ class metactf::install {
    command => "/bin/bash $install_dir/install.sh"
  }

-  # Determine how best to generate individual challenges at scenario level.
-
  # For now just build all of the binaries.
+  exec { 'build ctf_angr binaries':
+    command => "/bin/make /opt/metactf/src_angr/"
+  }

-  # Modify the 'users file' to use accounts{} ? Do we even bother? It appears to only be used on the webapp anyway.
-  # The filename is irrelevant.
+  # Move the challenges based on account name and challenge name.

-  # Move the challenges based on account name.
+  $challenge_pairs = zip($challenge_list, $flags)

+  $challenge_pairs.each |$counter, $challenge_pair| {
+    $challenge_path = $challenge_pair[0]
+    $flag = $challenge_pair[1]
+    $split_challenge = split($challenge_path, '/')
+    $metactf_challenge_type = $split_challenge[0]
+    $challenge_name = $split_challenge[1]
+    $group = $groups[$counter]
+
+    if $group {
+      ::secgen_functions::install_setgid_binary { "metactf_$challenge_name":
+        source_module_name => $module_name,
+        challenge_name     => $challenge_name,
+        group              => $group,
+        account            => $account,
+        flag               => $flag,
+        flag_name          => 'flag',
+        storage_dir        => $storage_dir,
+        strings_to_leak    => $secgen_params['strings_to_leak'],
+      }
+    } else {  # TODO : Refactor so that this works well with a default account ? (should we make it so that if we just include metactf it will throw out 1 random challenge with a default account or just not bother?)
+      ::secgen_functions::install_setuid_root_binary { "metactf_$challenge_name":
+        source_module_name => $module_name,
+        challenge_name     => $secgen_params['challenge_name'][0],
+        account            => $account,
+        flag               => $secgen_params['flag'][0],
+        flag_name          => 'flag',
+        storage_dir        => $storage_dir,
+        strings_to_leak    => $secgen_params['strings_to_leak'],
+      }
+    }
+  }

 }
--- a/modules/utilities/unix/ctf/metactf/secgen_metadata.xml
+++ b/modules/utilities/unix/ctf/metactf/secgen_metadata.xml
@@ -16,6 +16,32 @@
  <reference>https://thefengs.com/wuchang/papers/3gse15metactf.pdf</reference>
  <reference>https://bitbucket.org/wuchangfeng/metactf</reference>

+  <!-- Note - Scenarios must provide the same number of flags as challenges and groups in the challenge_list -->
+  <read_fact>challenge_list</read_fact>
+  <read_fact>flags</read_fact>
+  <read_fact>account</read_fact>
+
+  <default_input into="challenge_list">
+    <value>src_angr/00_angr_find</value>
+    <value>src_angr/01_angr_avoid</value>
+    <value>src_angr/02_angr_find_condition</value>
+    <!--<generator type="metactf_challenge"/>-->
+    <!--<generator type="metactf_challenge"/>-->
+    <!--<generator type="metactf_challenge"/>-->
+  </default_input>
+
+  <default_input into="flags">
+    <generator type="flag_generator"/>
+    <generator type="flag_generator"/>
+    <generator type="flag_generator"/>
+  </default_input>
+
+  <default_input into="groups">
+    <value>challenge01</value>
+    <value>challenge02</value>
+    <value>challenge03</value>
+  </default_input>
+
  <conflict>
    <name>Wheezy</name>
  </conflict>