Merge pull request #3 from gtg2619/add-pyjail-template

Randark-JMT · web-flow · commit 5c97ac997597 · 2023-07-26T09:32:54.000+08:00
add python jail template
diff --git a/misc-pyjail-python_3.8/Dockerfile b/misc-pyjail-python_3.8/Dockerfile
@@ -0,0 +1,21 @@
+FROM ubuntu:20.04
+
+RUN sed -i "s/http:\/\/archive.ubuntu.com/http:\/\/mirrors.tuna.tsinghua.edu.cn/g" /etc/apt/sources.list && \
+    apt-get update && apt-get -y dist-upgrade && \
+    apt-get install -y lib32z1 xinetd && \
+    apt-get install -y python3 && \
+    apt-get install -y python3-pip && \
+    pip3 install pillow -i https://pypi.tuna.tsinghua.edu.cn/simple
+
+
+COPY ./src/ctf.xinetd /etc/xinetd.d/ctf
+COPY ./service/docker-entrypoint.sh /
+
+RUN chmod +x /docker-entrypoint.sh
+
+COPY ./src/server.py /home/server.py
+
+RUN echo "Blocked by ctf_xinetd" > /etc/banner_fail && chmod +x /docker-entrypoint.sh && chmod -R 777 /home/
+CMD ["/docker-entrypoint.sh"]
+
+EXPOSE 9999
diff --git a/misc-pyjail-python_3.8/docker/docker-compose.yml b/misc-pyjail-python_3.8/docker/docker-compose.yml
@@ -0,0 +1,11 @@
+version: '3'
+services:
+  test:
+    build: ../
+    environment:
+      # 仅为测试用flag
+      FLAG: "flag{a63b4d37-7681-4850-b6a7-0d7109febb19}"
+    ports:
+      # 设置了暴露端口
+      - 9999:9999
+    restart: unless-stopped
diff --git a/misc-pyjail-python_3.8/service/docker-entrypoint.sh b/misc-pyjail-python_3.8/service/docker-entrypoint.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+# Get the user
+user=$(ls /home)
+
+# Check the environment variables for the flag and assign to INSERT_FLAG
+if [ "$DASFLAG" ]; then
+    INSERT_FLAG="$DASFLAG"
+    export DASFLAG=no_FLAG
+    DASFLAG=no_FLAG
+elif [ "$FLAG" ]; then
+    INSERT_FLAG="$FLAG"
+    export FLAG=no_FLAG
+    FLAG=no_FLAG
+elif [ "$GZCTF_FLAG" ]; then
+    INSERT_FLAG="$GZCTF_FLAG"
+    export GZCTF_FLAG=no_FLAG
+    GZCTF_FLAG=no_FLAG
+else
+    INSERT_FLAG="flag{TEST_Dynamic_FLAG}"
+fi
+
+# 将FLAG写入文件 请根据需要修改
+echo $INSERT_FLAG | tee /flag
+
+
+# 启动 xinetd 服务
+/etc/init.d/xinetd start;
+sleep infinity;
+rm -rf /docker-entrypoint.sh
diff --git a/misc-pyjail-python_3.8/src/ctf.xinetd b/misc-pyjail-python_3.8/src/ctf.xinetd
@@ -0,0 +1,20 @@
+service ctf
+{
+    disable = no
+    socket_type = stream
+    protocol    = tcp
+    wait        = no
+    user        = root
+    type        = UNLISTED
+    port        = 9999
+    bind        = 0.0.0.0
+    server      = /usr/sbin/chroot
+    # replace helloworld to your program（要跑的服务）
+    server_args = --userspec=1000:1000 / python3 /home/server.py
+    banner_fail = /etc/banner_fail
+    # safety options
+    per_source	= 10 # the maximum instances of this service per source IP address
+    rlimit_cpu	= 20 # the maximum number of CPU seconds that the service may use
+    #rlimit_as  = 1024M # the Address Space resource limit for the service
+    #access_times = 2:00-9:00 12:00-24:00
+}
diff --git a/misc-pyjail-python_3.8/src/server.py b/misc-pyjail-python_3.8/src/server.py
@@ -0,0 +1,18 @@
+WELCOME = '''
+  _     ______      _                              _       _ _ 
+ | |   |  ____|    (_)                            | |     (_) |
+ | |__ | |__   __ _ _ _ __  _ __   ___ _ __       | | __ _ _| |
+ | '_ \|  __| / _` | | '_ \| '_ \ / _ \ '__|  _   | |/ _` | | |
+ | |_) | |___| (_| | | | | | | | |  __/ |    | |__| | (_| | | |
+ |_.__/|______\__, |_|_| |_|_| |_|\___|_|     \____/ \__,_|_|_|
+               __/ |                                           
+              |___/                                            
+'''
+
+print(WELCOME)
+ 
+print("Welcome to the python jail")
+print("Let's have an beginner jail of calc")
+print("Enter your expression and I will evaluate it for you.")
+input_data = input("> ")
+print('Answer: {}'.format(eval(input_data)))
