The security playground is an HTTP web server to simulate security breaches. It allows you to read, write, and execute commands in a containerized environment.
Deploy the docker image in your environment.
$ docker run --rm -p 8080:8080 sysdiglabs/security-playground
Set up the health check to use the /health endpoint if required.
The HTTP API exposes three endpoints to interact with the system.
You can read a file using just the URL.
$ curl localhost:8080/etc/shadow
This will return the content of the /etc/shadow file.
You can write to a file using the URL and POSTing the content.
$ curl -X POST localhost:8080/bin/hello -d 'content=hello-world'
This will write the string hello-world to /bin/hello.
You can execute a command using the /exec endpoint and POSTing the command.
$ curl -X POST localhost:8080/exec -d 'command=ls -la'
This will capture and return the STDOUT of the executed command.
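An added example, not part of the security-playground project: a small Python classifier that maps a request to the endpoints described above onto the activity a runtime detection tool should report, so you can check that each simulated action raised an alert. The alert names and the path lists are assumptions, and the sample requests are constructed.

```python
import posixpath
from urllib.parse import parse_qs, unquote, urlsplit

# Assumed lists for illustration; align them with your own detection rules.
SENSITIVE_FILES = {"/etc/shadow", "/etc/sudoers"}
BINARY_DIRS = ("/bin/", "/sbin/", "/usr/bin/", "/usr/sbin/")


def classify(method, url, body=""):
    """Map one playground request to (action, target, expected_alert)."""
    # Decode and normalize the path so "/bin/../etc/shadow" is judged as "/etc/shadow".
    raw = unquote(urlsplit(url).path)
    path = posixpath.normpath("/" + raw.lstrip("/"))
    form = parse_qs(body, keep_blank_values=True)
    method = method.upper()
    if method == "GET" and path == "/health":
        return ("health", None, None)
    if method == "GET":
        alert = "sensitive file read" if path in SENSITIVE_FILES else None
        return ("read", path, alert)
    if method == "POST" and path == "/exec":
        command = form.get("command", [""])[0]
        return ("exec", command, "command execution in container")
    if method == "POST":
        alert = "write below binary dir" if path.startswith(BINARY_DIRS) else None
        return ("write", path, alert)
    return ("unknown", path, None)


# Constructed sample: the health check plus the three calls shown above.
SAMPLE = [
    ("GET", "http://localhost:8080/health", ""),
    ("GET", "http://localhost:8080/etc/shadow", ""),
    ("POST", "http://localhost:8080/bin/hello", "content=hello-world"),
    ("POST", "http://localhost:8080/exec", "command=ls -la"),
]


def expected_alerts(requests):
    """Return the alerts the monitoring stack should have raised, in request order."""
    results = (classify(*req) for req in requests)
    return [alert for _, _, alert in results if alert]


if __name__ == "__main__":
    for req in SAMPLE:
        print(req[0], req[1], "->", classify(*req))
```

Compare the output of `expected_alerts` against what your runtime detection tool actually reported after running the same requests; a missing entry points to a rule gap.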