open-education-hub · catalinamanolache · May 10, 2025 · May 17, 2025 · May 17, 2025 · razvand
diff --git a/...rs/exploitation-techniques/shellcodes/drills/07-challenge-shellcode-on-stack/sol/Makefile b/...rs/exploitation-techniques/shellcodes/drills/07-challenge-shellcode-on-stack/sol/Makefile
@@ -0,0 +1,23 @@
+PORT ?= 31345
+IMG_NAME ?= challenge07
+CONT_NAME ?= $(IMG_NAME)-container
+
+build:
+	cd .. && docker build -f src/Dockerfile -t $(IMG_NAME) .
+
+run: stop build
+	docker run -d --rm -p $(PORT):31345 --name $(CONT_NAME) -t $(IMG_NAME)
+	docker cp $(CONT_NAME):/app/vuln ./vuln
+
+exploit: run
+	python3 exploit.py
+
+stop:
+	-docker stop $(CONT_NAME) 2>/dev/null || true
+	-docker rm -f $(CONT_NAME) 2>/dev/null || true
+	-rm -f ./vuln 2>/dev/null || true
+
+clean: stop
+	@echo "Cleanup complete"
+
+.PHONY: build run exploit stop clean
diff --git a/...tion-techniques/shellcodes/drills/07-challenge-shellcode-on-stack/sol/README.md b/...tion-techniques/shellcodes/drills/07-challenge-shellcode-on-stack/sol/README.md
@@ -0,0 +1,23 @@
+### Building and running
+
+**Using the provided Makefile**
+
+Make sure you are in the `sol` directory and run the following commands:
+
+```console
+# Build the Docker image
+make build
+
+# Run the container and copy the binary
+make run
+
+# Execute the exploit
+make exploit
+
+# Clean up when finished
+make clean
+```
+
+The Makefile automates the process of building the Docker image, running the
+container, copying the binary and executing the exploit script.
-The Makefile automates the process of building the Docker image, running the
-container, copying the binary and executing the exploit script.
+The Makefile automates the process of building the Docker image, running the container, copying the binary and executing the exploit script.
-The Makefile automates the process of building the Docker image, running the
-container, copying the binary and executing the exploit script.
+The Makefile automates the process of building the Docker image, running the container, copying the binary and executing the exploit script.
+The `make clean` command will remove all resources when you're done.
diff --git a/...ters/exploitation-techniques/shellcodes/drills/07-challenge-shellcode-on-stack/sol/run.sh b/...ters/exploitation-techniques/shellcodes/drills/07-challenge-shellcode-on-stack/sol/run.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+# Build the Docker image from the correct directory
+cd ..
+docker build -f src/Dockerfile -t challenge07 .
+
+# Run container in background
+docker run -d --name challenge07 -p 31345:31345 challenge07
+
+# Copy the binary from the container for local analysis
+docker cp challenge07:/app/vuln sol/vuln
+
+# Navigate to the sol directory and run the exploit
+cd sol
+python3 exploit.py
+
+# Cleanup: Remove the local copy of the binary and stop the container
+rm -f vuln
+docker stop challenge07
+docker rm -f challenge07
diff --git a/.../exploitation-techniques/shellcodes/drills/07-challenge-shellcode-on-stack/src/Dockerfile b/.../exploitation-techniques/shellcodes/drills/07-challenge-shellcode-on-stack/src/Dockerfile
@@ -0,0 +1,28 @@
+# Build Stage
+FROM gcc AS builder
+WORKDIR /build
+
+# Copy only the content from the src directory
+COPY src/ .
+
+RUN make
+
+# Runtime Stage
+FROM python:3.9-slim
+WORKDIR /app
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends binutils cpp && \
+    rm -rf /var/lib/apt/lists/* && \
+    pip install --no-cache-dir pwntools
+
+ENV TERM=xterm
+
+COPY --from=builder /build/vuln /app/vuln
+COPY sol/exploit.py /app/exploit.py
+
+# Expose port 31345
+EXPOSE 31345
+
+# Run the vulnerable binary
+CMD ["/app/vuln"]