ctf pwn题目的部署

版权声明：本文为博主原创文章，未经博主允许不得转载，转载请注明出处。 https://blog.csdn.net/u012763794/article/details/82750102

使用socat部署

安装

apt install socat

模板：socat tcp-listen:port,fork exec:./程序名,reuseaddr

实例：socat tcp-listen:10001,fork exec:./pwn1,reuseaddr

使用pwn_deploy部署

https://github.com/giantbranch/pwn_deploy

项目基于docker和xinetd
项目主要根据bin目录的文件，动态生成flag，xinetd配置文件，Dockerfile和docker-compose.yml
程序都是放在家目录，通过权限控制不能进入别人的家目录，同时不能修改或删除二进制程序和flag文件

使用

1. 将所有pwn题目放入bin目录（注意命名）
2. python initialize.py
3. docker-compose up --build -d

关于xinetd配置文件
xinetd配置文件作用是启动pwn程序（其中user跟server都是根据bin目录的文件名生成的）
我放入3个文件到bin目录后生成的xinetd配置文件：

service ctf
{
    disable = no
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = pwn1
    type        = UNLISTED
    port        = 10000
    bind        = 0.0.0.0
    server      = /home/pwn1/pwn1   
    # safety options
    per_source  = 10 # the maximum instances of this service per source IP address
    rlimit_cpu  = 20 # the maximum number of CPU seconds that the service may use
    rlimit_as  = 100M # the Address Space resource limit for the service
    #access_times = 2:00-9:00 12:00-24:00
}

service ctf
{
    disable = no
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = pwn1_copy1
    type        = UNLISTED
    port        = 10001
    bind        = 0.0.0.0
    server      = /home/pwn1_copy1/pwn1_copy1   
    # safety options
    per_source  = 10 # the maximum instances of this service per source IP address
    rlimit_cpu  = 20 # the maximum number of CPU seconds that the service may use
    rlimit_as  = 100M # the Address Space resource limit for the service
    #access_times = 2:00-9:00 12:00-24:00
}

service ctf
{
    disable = no
    socket_type = stream
    protocol    = tcp
    wait        = no
    user        = pwn1_copy2
    type        = UNLISTED
    port        = 10002
    bind        = 0.0.0.0
    server      = /home/pwn1_copy2/pwn1_copy2   
    # safety options
    per_source  = 10 # the maximum instances of this service per source IP address
    rlimit_cpu  = 20 # the maximum number of CPU seconds that the service may use
    rlimit_as  = 100M # the Address Space resource limit for the service
    #access_times = 2:00-9:00 12:00-24:00
}

使用pwn_deploy_chroot部署

https://github.com/giantbranch/pwn_deploy_chroot

项目基于docker，xinetd和chroot，更加安全

相对上面，基本相同，不同的是 使用chroot更加安全

也是3步：

1. 将所有pwn题目放入bin目录（注意命名）
2. python initialize.py
3. docker-compose up --build -d