Builds, moves and configures metactf src_angr challenges as setgid challenges. Test the file read for 00_angr_find (should read a flag file as setgid instead of returning 'well done')

modules/utilities/unix/ctf/metactf/files/repository/src_angr/00_angr_find/00_angr_find.c.templite

@@ -8,6 +8,7 @@ userdef = ''.join(random.choice(userdef_charset) for _ in range(8))
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <fcntl.h>
 
 #define USERDEF "${ userdef }$"
 #define LEN_USERDEF ${ write(len(userdef)) }$

modules/utilities/unix/ctf/metactf/manifests/configure.pp

@@ -0,0 +1,49 @@
+class metactf::configure {
+  $secgen_params = secgen_functions::get_parameters($::base64_inputs_file)
+  $install_dir = '/opt/metactf'
+  $challenge_list = $secgen_params['challenge_list']
+  $flags = $secgen_params['flags']
+  $groups = $secgen_params['groups']
+
+  $raw_account = $secgen_params['account'][0]
+  $account = parsejson($raw_account)
+  $username = $account['username']
+
+  # TODO : Test me with dynamic challenge directory...
+  # if $secgen_params['challenge_directory'][0] != undef {
+  #   $challenge_directory = $secgen_params['challenge_directory'][0]
+  # } else {
+  $storage_dir = "/home/$username/challenges"
+  # }
+
+  Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
+
+  # Move the challenges based on account name and challenge name.
+
+  $challenge_pairs = zip($challenge_list, $flags)
+
+  $challenge_pairs.each |$counter, $challenge_pair| {
+    $challenge_path = $challenge_pair[0]
+    $flag = $challenge_pair[1]
+    $split_challenge = split($challenge_path, '/')
+    $metactf_challenge_dir = $split_challenge[0]
+    $metactf_challenge_type = split($metactf_challenge_dir, '_')[1]
+    $challenge_name = $split_challenge[1]
+    $group = $groups[$counter]
+
+    $binary_path = "$install_dir/$metactf_challenge_dir/obj/secgen/$metactf_challenge_type/$challenge_name"
+
+    ::secgen_functions::install_setgid_binary { "metactf_$challenge_name":
+      source_module_name => $module_name,
+      challenge_name     => $challenge_name,
+      group              => $group,
+      account            => $account,
+      flag               => $flag,
+      flag_name          => 'flag',
+      binary_path        => $binary_path,
+      storage_dir        => $storage_dir,
+      strings_to_leak    => $secgen_params['strings_to_leak'],
+    }
+  }
+
+}

modules/utilities/unix/ctf/metactf/manifests/install.pp

@@ -1,23 +1,12 @@
 class metactf::install {
   $secgen_params = secgen_functions::get_parameters($::base64_inputs_file)
   $install_dir = '/opt/metactf'
-  $challenge_list = $secgen_params['challenge_list']
-  $flags = $secgen_params['flags']
-  $groups = $secgen_params['groups']
-
-  $raw_account = $secgen_params['account'][0]
-  $account = parsejson($raw_account)
-  $username = $account['username']
-
-  # TODO : Test me with dynamic challenge directory...
-  # if $secgen_params['challenge_directory'][0] != undef {
-  #   $challenge_directory = $secgen_params['challenge_directory'][0]
-  # } else {
-    $storage_dir = "/home/$username/challenges"
-  # }
 
   Exec { path => ['/bin', '/usr/bin', '/usr/local/bin', '/sbin', '/usr/sbin'] }
 
+  ensure_packages('build-essential')
+  ensure_packages('gcc-multilib')
+
   file { $install_dir:
     ensure  => directory,
     recurse => true,
@@ -33,44 +22,12 @@ class metactf::install {
   }
 
   # For now just build all of the binaries.
-  exec { 'build ctf_angr binaries':
-    command => "/bin/make /opt/metactf/src_angr/"
+  exec { 'build src_angr binaries':
+    cwd     => "$install_dir/src_angr/",
+    command => "/usr/bin/make",
   }
 
-  # Move the challenges based on account name and challenge name.
-
-  $challenge_pairs = zip($challenge_list, $flags)
-
-  $challenge_pairs.each |$counter, $challenge_pair| {
-    $challenge_path = $challenge_pair[0]
-    $flag = $challenge_pair[1]
-    $split_challenge = split($challenge_path, '/')
-    $metactf_challenge_type = $split_challenge[0]
-    $challenge_name = $split_challenge[1]
-    $group = $groups[$counter]
-
-    if $group {
-      ::secgen_functions::install_setgid_binary { "metactf_$challenge_name":
-        source_module_name => $module_name,
-        challenge_name     => $challenge_name,
-        group              => $group,
-        account            => $account,
-        flag               => $flag,
-        flag_name          => 'flag',
-        storage_dir        => $storage_dir,
-        strings_to_leak    => $secgen_params['strings_to_leak'],
-      }
-    } else {  # TODO : Refactor so that this works well with a default account ? (should we make it so that if we just include metactf it will throw out 1 random challenge with a default account or just not bother?)
-      ::secgen_functions::install_setuid_root_binary { "metactf_$challenge_name":
-        source_module_name => $module_name,
-        challenge_name     => $secgen_params['challenge_name'][0],
-        account            => $account,
-        flag               => $secgen_params['flag'][0],
-        flag_name          => 'flag',
-        storage_dir        => $storage_dir,
-        strings_to_leak    => $secgen_params['strings_to_leak'],
-      }
-    }
-  }
+  # TODO: Build src_csp
+  # TODO: Build src_malware
 
 }

modules/utilities/unix/ctf/metactf/metactf.pp

@@ -1 +1,2 @@
-require metactf::install
+require metactf::install
+require metactf::configure

modules/utilities/unix/ctf/metactf/secgen_metadata.xml

@@ -19,6 +19,7 @@
   <!-- Note - Scenarios must provide the same number of flags as challenges and groups in the challenge_list -->
   <read_fact>challenge_list</read_fact>
   <read_fact>flags</read_fact>
+  <read_fact>groups</read_fact>
   <read_fact>account</read_fact>
 
   <default_input into="challenge_list">

scenarios/examples/ctf_challenge_examples/metactf.xml

@@ -8,12 +8,16 @@
     <system_name>metactf</system_name>
     <base platform="linux" type="server" distro="Stretch"/>
 
-
-    <!--<utility module_path=".*metactf"/>-->
-
     <utility module_path=".*parameterised_accounts">
-      <input into="account" into_datastore="account">
-        <generator type="account"/>
+      <input into="accounts" into_datastore="account">
+        <generator type="account">
+          <input into="username">
+            <value>challenger</value>
+          </input>
+          <input into="password">
+            <value>password</value>
+          </input>
+        </generator>
       </input>
     </utility>
 
@@ -28,6 +32,11 @@
         <value>challenge02</value>
         <value>challenge03</value>
       </input>
+      <input into="flags">
+        <generator type="flag_generator"/>
+        <generator type="flag_generator"/>
+        <generator type="flag_generator"/>
+      </input>
       <input into="account">
         <datastore>account</datastore>
       </input>

secgen.rb

@@ -170,11 +170,11 @@ def build_vms(scenario, project_dir, options)
           end
         else   # TODO:  elsif vagrant_output[:exception].type == ProcessHelper::TimeoutError   >destroy individually broken vms as above?
           Print.err 'Vagrant up timeout, destroying VMs and retrying...'
-          GemExec.exe('vagrant', project_dir, 'destroy -f')
+          # GemExec.exe('vagrant', project_dir, 'destroy -f')
         end
       else
         Print.err 'Error provisioning VMs, destroying VMs and exiting SecGen.'
-        GemExec.exe('vagrant', project_dir, 'destroy -f')
+        # GemExec.exe('vagrant', project_dir, 'destroy -f')
         exit 1
       end
     end