make-git-better-2
Git CTF 🚩 but good this time.
- Dependencies
- Build
- Test
- Develop
Dependencies
- Rust
- Docker
- Python 3.6 (for docker TCP switchboard)
- Ansible (optional)
Build
Ansible
Using Ansible, you can build and deploy the game server from nothing.
cd build/ansible
sed -i 's/ctf.mrnice.dev/your.server.com/g' hosts
ansible-playbook -v -i hosts build.yamlMake sure that you have Ansible configured correctly with your SSH keys. Here's the docs.
Note: Remember to expose 22 to your IP. If you're like me with AWS EC2, you need to add a rule to the security group. Like this:
aws ec2 authorize-security-group-ingress --group-id PUT_HERE --protocol tcp --port 22 --cidr "$(curl -s https://wtfismyip.com/json | jq -r '.YourFuckingIPAddress')/32"
How to build the challenge Docker manually
Create the hook script
cd to the scripts directory.
powershell
cargo run --bin generate-pre-receive-hook -- --verbose ..\levels\game-config.toml .\src\bin\templates\hook.tmplsh
cargo run --bin generate-pre-receive-hook -- --verbose ../levels/game-config.toml src/bin/templates/hook.tmplBuild and run docker image
Build docker
docker build --tag mgb:0.1 --build-arg CACHE_DATE=$(date +%Y-%m-%d:%H:%M:%S) --build-arg OWASP_FLAG_1="AppSec-IL{g1t_d035_P3rM1t_T0_c0mm1T}" --build-arg OWASP_FLAG_2="AppSec-IL{1f_y0u_w4n7_17_c0m3_4nd_917_17}" .Run docker
docker run --detach --name mgbtest --publish 7777:22 mgb:0.1Copy ssh key (for outside cloning)
docker cp mgbtest:/home/player/.ssh/id_rsa ./id_rsa.playerUseful oneliner
docker rm -f mgbtest; docker build --build-arg CACHE_DATE=$(date +%Y-%m-%d:%H:%M:%S%z) --build-arg OWASP_FLAG_1="AppSec-IL{g1t_d035_P3rM1t_T0_c0mm1T}" --build-arg OWASP_FLAG_2="AppSec-IL{1f_y0u_w4n7_17_c0m3_4nd_917_17}" --tag mgb:0.1 . && docker run --detach --name mgbtest --publish 7777:22 mgb:0.1Connect to the running instance
Password is player.
ssh player@localhost -p 7777How to build the web content
Build the level browser
cargo run --bin generate-levels-graph -- -v ../levels/game-config.toml src/bin/templates/graph.tmplSet up docker-tcp-switchboard
Only relevant for the game server, no need to do this for local build.
git clone https://github.com/OverTheWireOrg/docker-tcp-switchboard.git
# install deps and then
touch /var/log/docker-tcp-switchboard.log
chmod a+w /var/log/docker-tcp-switchboard.logCopy build/docker-tcp-switchboard.conf to /etc/docker-tcp-switchboard.conf. Finally, run python3 docker-tcp-switchboard.py.
Test
Unit tests
cd scripts
cargo testTest levels
Login as user tester to the built Docker and then:
cd tests
./run_all_tests.shShould print something like:
tester@ad6145e90679:~/tests
> ./run_all_tests.sh
TESTLOG: Testing /home/tester/tests/test-basic-1.sh
TESTLOG: testing level basic-1 branch scorpion-treenware-gestatory
TESTLOG: Test /home/tester/tests/test-basic-1.sh passed
TESTLOG: Testing /home/tester/tests/test-basic-2.sh
TESTLOG: testing level basic-2 branch sidespins-areae-regalio
TESTLOG: Test /home/tester/tests/test-basic-2.sh passed
TESTLOG: Testing /home/tester/tests/test-log-1.sh
TESTLOG: testing level log-1 branch turbulator-feere-reinclined
TESTLOG: Test /home/tester/tests/test-log-1.sh passed
TESTLOG: Testing /home/tester/tests/test-log-2.sh
TESTLOG: testing level log-2 branch insatiably-skyjackers-program
TESTLOG: Test /home/tester/tests/test-log-2.sh passed
TESTLOG: Testing /home/tester/tests/test-log-3.sh
TESTLOG: testing level log-3 branch originates-anagyrine-untolerative
TESTLOG: Test /home/tester/tests/test-log-3.sh passed
TESTLOG: Testing /home/tester/tests/test-log-4.sh
TESTLOG: testing level log-4 branch belialist-interlaying-mize
TESTLOG: Test /home/tester/tests/test-log-4.sh passed
TESTLOG: Testing /home/tester/tests/test-merge-1.sh
TESTLOG: testing level merge-1 branch macrochiropteran-jupon-lutecium
TESTLOG: Test /home/tester/tests/test-merge-1.sh passed
TESTLOG: Testing /home/tester/tests/test-merge-2.sh
TESTLOG: testing level merge-2 branch poseuse-citronwood-manganese
TESTLOG: Test /home/tester/tests/test-merge-2.sh passed
TESTLOG: Testing /home/tester/tests/test-merge-3.sh
TESTLOG: testing level merge-3 branch twee-enfamish-stropharia
TESTLOG: Test /home/tester/tests/test-merge-3.sh passed
TESTLOG: Testing /home/tester/tests/test-merge-4.sh
TESTLOG: testing level merge-4 branch multichord-ethicalism-fenestration
TESTLOG: Test /home/tester/tests/test-merge-4.sh passed
TESTLOG: Testing /home/tester/tests/test-merge-5.sh
TESTLOG: testing level merge-5 branch reappraise-veratroyl-garfishes
TESTLOG: Test /home/tester/tests/test-merge-5.sh passed
TESTLOG: Testing /home/tester/tests/test-revert-1.sh
TESTLOG: testing level revert-1 branch lomentaceous-mididae-hexadecane
TESTLOG: Test /home/tester/tests/test-revert-1.sh passed
TESTLOG: Testing /home/tester/tests/test-start-here.sh
TESTLOG: testing level start-here branch start-here
TESTLOG: Test /home/tester/tests/test-start-here.sh passed
TESTLOG: Out of 13 tests, 13 passed and 0 failed.Note: Can also run with -v to see all
gitoutput and randomechos as well.
Develop
Add a new stage
cargo run --bin generate-new-level -- ..\levels\game-config.toml .\src\bin\templates\level_checker.tmpl .\src\bin\templates\level_test.tmpl .\src\bin\templates\level_page.tmpl .\src\bin\resources\words_alpha.txt ..\levels\ -v