pwn题部署

ctfd上的pwn题部署，服务器系统centos

docker, docker-compose安装

yum update
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
yum install -y docker-ce
systemctl start docker
systemctl enable docker
yum -y install epel-release
yum -y install python-pip
pip install -i https://pypi.tuna.tsinghua.edu.cn/simple docker-compose

Pwn题部署

基于xinted + docker

git clone https://github.com/Eadom/ctf_xinetd.git
rm ctf_xinetd/bin/helloworld
cp pwn ctf_xinetd/bin/pwn
echo <newflag> > ctf_xinetd/bin/flag
vim ctf_xinetd/ctf.xinetd

ctf.xinetd中主要修改server_args = --userspec=1000:1000 /home/ctf ./helloworld中的helloworld为二进制文件名称(pwn).

cd ctf_xinetd
sudo docker build -t "mypwn" .
sudo docker run -d -p "0.0.0.0:8001:9999" -h "mypwn" --name="mypwn" mypwn

pwn题要先关闭缓冲区.

setvbuf(stdin, 0LL, 2, 0LL);
setvbuf(stdout, 0LL, 2, 0LL);
setvbuf(stderr, 0LL, 2, 0LL);

完成后可以nc 127.0.0.1 端口号来查看是否成功

阿里云等服务器需要把设置的端口添加到安全组里否则远程可能无法连接上