From b70b491314e5e0fc36372608ab952fba5e0fdb8d Mon Sep 17 00:00:00 2001
From: Malfurious
Date: Wed, 14 Feb 2024 22:07:16 -0500
Subject: Add pwn Docker image

Intended to provide a base environment for working with binary exploitation challenges and enable process isolation of said binaries.

Signed-off-by: Malfurious
---
 tools/pwn-docker/.gef.rc | 126 ++++++++++++++++++++++++++++++++++++++++++++
 tools/pwn-docker/Dockerfile | 39 ++++++++++++++
 tools/pwn-docker/Makefile | 9 ++++
 3 files changed, 174 insertions(+)
 create mode 100644 tools/pwn-docker/.gef.rc
 create mode 100644 tools/pwn-docker/Dockerfile
 create mode 100644 tools/pwn-docker/Makefile

diff --git a/tools/pwn-docker/.gef.rc b/tools/pwn-docker/.gef.rc
new file mode 100644
index 0000000..c2dddba
--- /dev/null
+++ b/tools/pwn-docker/.gef.rc
@@ -0,0 +1,126 @@
+[context]
+clear_screen = True
+enable = True
+grow_stack_down = False
+ignore_registers =
+layout = legend threads regs stack trace code args source memory extra
+libc_args = False
+libc_args_path =
+nb_lines_backtrace = 10
+nb_lines_backtrace_before = 2
+nb_lines_code = 16
+nb_lines_code_prev = 10
+nb_lines_stack = 16
+nb_lines_threads = -1
+peek_calls = False
+peek_ret = False
+redirect =
+show_opcodes_size = 0
+show_registers_raw = False
+show_source_code_variable_values = True
+show_stack_raw = True
+
+[dereference]
+max_recursion = 2
+
+[entry-break]
+entrypoint_symbols = main _main __libc_start_main __uClibc_main start _start
+
+[gef]
+autosave_breakpoints_file =
+debug = False
+disable_color = False
+extra_plugins_dir =
+follow_child = True
+readline_compat = False
+show_deprecation_warnings = True
+tempdir = /tmp/gef
+
+[got]
+function_not_resolved = yellow
+function_resolved = green
+
+[heap-analysis-helper]
+check_double_free = True
+check_free_null = False
+check_heap_overlap = True
+check_uaf = True
+check_weird_free = True
+
+[heap-chunks]
+peek_nb_byte = 16
+
+[hexdump]
+always_show_ascii = True
+
+[highlight]
+regex = False
+
+[pattern]
+length = 1024
+
+[pcustom]
+max_depth = 4
+struct_path = /tmp/gef/structs
+structure_name = bold blue
+structure_size = green
+structure_type = bold red
+
+[process-search]
+ps_command = /usr/bin/ps auxww
+
+[syscall-args]
+path = /tmp/gef/syscall-tables
+
+[theme]
+address_code = red
+address_heap = green
+address_stack = pink
+context_title_line = gray
+context_title_message = cyan
+default_title_line = gray
+default_title_message = cyan
+dereference_base_address = cyan
+dereference_code = gray
+dereference_register_value = bold blue
+dereference_string = yellow
+disassemble_current_instruction = green
+old_context = gray
+registers_register_name = blue
+registers_value_changed = bold red
+source_current_line = green
+table_heading = blue
+
+[trace-run]
+max_tracing_recursion = 1
+tracefile_prefix = ./gef-trace-
+
+[aliases]
+ctx = context
+telescope = dereference
+flags = edit-flags
+start = entry-break
+fmtstr-helper = format-string-helper
+hl = highlight
+highlight set = highlight add
+hla = highlight add
+hlc = highlight clear
+highlight ls = highlight list
+hll = highlight list
+highlight delete = highlight remove
+highlight del = highlight remove
+highlight unset = highlight remove
+highlight rm = highlight remove
+hlr = highlight remove
+nb = name-break
+pattern offset = pattern search
+pf = print-format
+ps = process-search
+status = process-status
+lookup = scan
+grep = search-pattern
+xref = search-pattern
+sc-get = shellcode get
+sc-search = shellcode search
+screen-setup = tmux-setup
+
diff --git a/tools/pwn-docker/Dockerfile b/tools/pwn-docker/Dockerfile
new file mode 100644
index 0000000..885e0ff
--- /dev/null
+++ b/tools/pwn-docker/Dockerfile
@@ -0,0 +1,39 @@
+FROM debian
+
+ENV DEBIAN_FRONTEND=noninteractive
+ENV LANG=en_US.UTF-8
+
+RUN apt update \
+ && apt full-upgrade --yes \
+ && apt install --yes \
+ build-essential \
+ curl \
+ file \
+ gcc-multilib \
+ gdb \
+ git \
+ ipython3 \
+ locales \
+ netcat-traditional \
+ procps \
+ python3 \
+ python3-pip \
+ strace \
+ #sudo \
+ tig \
+ vim \
+ wget
+
+RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen \
+ #&& echo 'ALL ALL=(ALL:ALL) NOPASSWD: ALL' >/etc/sudoers && chmod 400 /etc/sudoers \
+ && echo '#!/bin/sh\n cp /etc/skel/.* $HOME >/dev/null 2>&1\n exec $@' >/etc/skelinit.sh \
+ && chmod 755 /etc/skelinit.sh
+
+RUN git clone --depth 1 https://github.com/radareorg/radare2 /radare2 \
+ && /radare2/sys/install.sh
+
+RUN HOME=/etc/skel bash -c "$(wget https://gef.blah.cat/sh -O -)"
+
+COPY . /etc/skel/
+ENTRYPOINT ["/etc/skelinit.sh"]
+CMD ["/bin/bash"]
diff --git a/tools/pwn-docker/Makefile b/tools/pwn-docker/Makefile
new file mode 100644
index 0000000..78c320e
--- /dev/null
+++ b/tools/pwn-docker/Makefile
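Review bot: In tools/pwn-docker/Dockerfile the two tool-install steps run unpinned, unverified remote code as root at build time: `git clone --depth 1 https://github.com/radareorg/radare2` takes whatever HEAD is on the day of the build, and `bash -c "$(wget https://gef.blah.cat/sh -O -)"` executes the downloaded installer with no integrity check. The second form also hides download failures, because an empty command substitution leaves `bash -c ""`, which exits 0, so the image builds without GEF. I would pin radare2 to a reviewed tag, fetch the GEF installer to a file, compare it with a recorded SHA-256 and only then run it, as sketched below; the installer may itself fetch further files, so this is a floor rather than full reproducibility. `FROM debian` is the same kind of floating reference and would be better as a fixed release tag or digest.

```dockerfile
# … unchanged: FROM, ENV, apt packages, locale and skelinit.sh setup …

# Placeholder value: set to a radare2 release tag that has been reviewed.
ARG RADARE2_TAG=PLACEHOLDER_REVIEWED_TAG
RUN git clone --depth 1 --branch "${RADARE2_TAG}" https://github.com/radareorg/radare2 /radare2 \
    && /radare2/sys/install.sh

# Placeholder value: SHA-256 of the installer script as it was reviewed.
ARG GEF_INSTALLER_SHA256=PLACEHOLDER_SHA256
RUN wget -O /tmp/gef-install.sh https://gef.blah.cat/sh \
    && echo "${GEF_INSTALLER_SHA256}  /tmp/gef-install.sh" | sha256sum --check - \
    && HOME=/etc/skel bash /tmp/gef-install.sh \
    && rm -f /tmp/gef-install.sh

# … unchanged: COPY, ENTRYPOINT, CMD …
```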
@@ -0,0 +1,9 @@
+# Run via `scuba --image pwn-docker []`
+
+.PHONY: all quick
+
+all:
+ docker build --tag pwn-docker --no-cache --pull .
+
+quick:
+ docker build --tag pwn-docker .
-- 
cgit v1.2.3