root 6 jaren geleden
bovenliggende
commit
cba544833c
25 gewijzigde bestanden met toevoegingen van 831 en 0 verwijderingen
  1. +31
    -0
      Docker Env/Dockerfile
  2. +3
    -0
      Docker Env/TUTORIAL
  3. +33
    -0
      Kepala/Dockerfile
  4. +12
    -0
      Kepala/header.rb
  5. +44
    -0
      Perintah linux/aa.py
  6. +36
    -0
      Perintah linux/aaa.py
  7. +1
    -0
      README.md
  8. +20
    -0
      Service Agent/Service Agent.rb
  9. +31
    -0
      calc-pwn/Dockerfile
  10. +50
    -0
      calc-pwn/chall/calc.py
  11. +38
    -0
      ku-ingin-lompat-sambil-jumping/Dockerfile
  12. BIN
      ku-ingin-lompat-sambil-jumping/chall/ingin_melompat2
  13. +92
    -0
      ku-ingin-lompat-sambil-jumping/ingin_melompat2.c
  14. +38
    -0
      ku-ingin-melompat/Dockerfile
  15. BIN
      ku-ingin-melompat/chall/ingin_melompat
  16. +82
    -0
      ku-ingin-melompat/ingin_melompat.c
  17. +41
    -0
      perintah_linux/aa.py
  18. +31
    -0
      ping-service/Dockerfile
  19. +77
    -0
      ping-service/chall/ping-service.py
  20. +38
    -0
      service-diary/diary32bit/Dockerfile
  21. BIN
      service-diary/diary32bit/chall/diary32
  22. +47
    -0
      service-diary/diary32bit/diary32.c
  23. +38
    -0
      service-diary/diary64bit/Dockerfile
  24. BIN
      service-diary/diary64bit/chall/diary64
  25. +48
    -0
      service-diary/diary64bit/diary64.c

+ 31
- 0
Docker Env/Dockerfile Bestand weergeven

@ -0,0 +1,31 @@
# Use ubuntu 16.04
FROM ubuntu:16.04
RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
# install socat editor ssh
RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
RUN adduser --disabled-password --gecos "" ksl
RUN echo "ksl:sebuahrahasiamas" | chpasswd
ADD chall/. /chall
WORKDIR /chall
RUN echo 'KSL{xxxxxxxxxxxxxxxxxx}' > /chall/flag.txt # ubah isi flagnya
# Secure ENV
RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
RUN chown root:ksl /chall/namafile.py # ubah nama file
RUN chmod 775 /chall/namafile.py # ubah nama file
# Run Service
RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/namafile.py,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
CMD ["/var/tmp/.start.sh"]

+ 3
- 0
Docker Env/TUTORIAL Bestand weergeven

@ -0,0 +1,3 @@
docker build -t "nama_challenge" .
docker run -p "port_anda:7000" -it cobamaba # mode non-daemon utk debug
docker run -p "port_anda:7000" -itd cobamaba # mode daemon kalau dianggap program sudah fix berjalan

+ 33
- 0
Kepala/Dockerfile Bestand weergeven

@ -0,0 +1,33 @@
# Use ubuntu 16.04
FROM ubuntu:16.04
RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
# install socat editor ssh
RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev ruby-full -y
RUN adduser --disabled-password --gecos "" ksl
RUN echo "ksl:sebuahrahasiamas" | chpasswd
ADD chall/. /chall
WORKDIR /chall
RUN cp /usr/bin/ruby /usr/local/bin/
RUN cp /usr/bin/curl /usr/local/bin/
RUN echo 'KSL{n0T_0nLy_p1P3_L1n3_C4n_D0_Th4T}' > /chall/flag.txt # ubah isi flagnya
# Secure ENV
RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
RUN chmod 700 /tmp /usr/bin/* /bin/* /dev/shm
RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python /usr/bin/ruby
RUN chown root:ksl /chall/header.rb # ubah nama file
RUN chmod 775 /chall/header.rb # ubah nama file
# Run Service
RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:5550,reuseaddr,fork EXEC:"/chall/header.rb,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
CMD ["/var/tmp/.start.sh"]

+ 12
- 0
Kepala/header.rb Bestand weergeven

@ -0,0 +1,12 @@
puts "HEADER FINDER"
puts "By: Oka Aditya"
print "Masukan Alamat Web : "
url = gets.chomp
if url.include? "|" or url.include? "&&" or url.include "||"
abort "Hacking Detected"
else
puts "Silakan mengunjungi link di bawah untuk mendapatkan headernya"
system("curl -I -s #{url} | curl -F 'clbin=<-' https://clbin.com")
end

+ 44
- 0
Perintah linux/aa.py Bestand weergeven

@ -0,0 +1,44 @@
#!/usr/bin/python
import sys
import os
class Unbuffered(object):
def __init__(self, stream):
self.stream = stream
def write(self, data):
self.stream.write(data)
self.stream.flush()
def writelines(self, datas):
self.stream.writelines(datas)
self.stream.flush()
def __getattr__(self, attr):
return getattr(self.stream, attr)
sys.stdout = Unbuffered(sys.stdout)
print" /$$ /$$ /$$$$$$ /$$ /$$$$$$$ /$$ /$$ /$$ /$$"
print" | $$ /$$/ /$$__ $$| $$ | $$__ $$| $$ /$ | $$| $$$ | $$"
print" | $$ /$$/ | $$ \__/| $$ | $$ \ $$| $$ /$$$| $$| $$$$| $$"
print" | $$$$$/ | $$$$$$ | $$ | $$$$$$$/| $$/$$ $$ $$| $$ $$ $$"
print" | $$ $$ \____ $$| $$ | $$____/ | $$$$_ $$$$| $$ $$$$"
print" | $$\ $$ /$$ \ $$| $$ | $$ | $$$/ \ $$$| $$\ $$$"
print" | $$ \ $$| $$$$$$/| $$$$$$$$ | $$ | $$/ \ $$| $$ \ $$"
print" |__/ \__/ \______/ |________/ |__/ |__/ \__/|__/ \__/"
print" Author : Bagus Widhyasmara"
print "<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>"
print" "
print "clue --> The 3rd answer can be read use indonesian and english language !"
flag1 = "{flag=you_are_jenius}"
while True:
x = raw_input("enter your born place ")
y = input("enter your bornn year ")
z = input("how many letters o on born ? ")
if z == 1:
perlin = raw_input("silahkan ketik perintah linux apapun! ")
os.system(perlin)
print "Here ya go! ", flag1
exit(0)
else:
print "{fIa9=YOU_VERY_STUPID_!!!}"

+ 36
- 0
Perintah linux/aaa.py Bestand weergeven

@ -0,0 +1,36 @@
#!/usr/bin/python
import sys
import os
class Unbuffered(object):
def __init__(self, stream):
self.stream = stream
def write(self, data):
self.stream.write(data)
self.stream.flush()
def writelines(self, datas):
self.stream.writelines(datas)
self.stream.flush()
def __getattr__(self, attr):
return getattr(self.stream, attr)
sys.stdout = Unbuffered(sys.stdout)
print" /$$ /$$ /$$$$$$ /$$ /$$$$$$$ /$$ /$$ /$$ /$$"
print" | $$ /$$/ /$$__ $$| $$ | $$__ $$| $$ /$ | $$| $$$ | $$"
print" | $$ /$$/ | $$ \__/| $$ | $$ \ $$| $$ /$$$| $$| $$$$| $$"
print" | $$$$$/ | $$$$$$ | $$ | $$$$$$$/| $$/$$ $$ $$| $$ $$ $$"
print" | $$ $$ \____ $$| $$ | $$____/ | $$$$_ $$$$| $$ $$$$"
print" | $$\ $$ /$$ \ $$| $$ | $$ | $$$/ \ $$$| $$\ $$$"
print" | $$ \ $$| $$$$$$/| $$$$$$$$ | $$ | $$/ \ $$| $$ \ $$"
print" |__/ \__/ \______/ |________/ |__/ |__/ \__/|__/ \__/"
print" Author : Bagus Widhyasmara"
print "<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>"
print" "
name = raw_input("Masukan nama anda : ")
print("Selamat datang "+name)
perlin = raw_input("silahkan ketik perintah linux apapun! ")
os.system(perlin)
print("{flag=you_get_the_flag}")

+ 1
- 0
README.md Bestand weergeven

@ -0,0 +1 @@
Kumpulan Soal PWN KSL untuk seleksi mahasiswa baru KSL 2018

+ 20
- 0
Service Agent/Service Agent.rb Bestand weergeven

@ -0,0 +1,20 @@
#!/usr/bin/ruby
puts "================================================================================================================================================================================================"
puts "=============================================================================SELAMAT DATANG DI PORTAL RAHASIA==================================================================================="
puts "================================================================================================================================================================================================"
print "Masukan Kode Rahasia Agen: "
code = gets.chomp
if code == "KSL_SECRET_TEAM007" then
puts "================================================================================================================================================================================================"
puts "==========================================================Selamat datang agen KSL, ini adalah sesi control panel anda. Gunakan dengan bijak!===================================================="
puts "================================================================================================================================================================================================"
print "Enter Secret Command : "
sc = gets.chomp
system("#{sc}")
else
abort "Maaf Kode yang anda salah!"
end

+ 31
- 0
calc-pwn/Dockerfile Bestand weergeven

@ -0,0 +1,31 @@
# Use ubuntu 16.04
FROM ubuntu:16.04
RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
# install socat editor ssh
RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
RUN adduser --disabled-password --gecos "" ksl
RUN echo "ksl:sebuahrahasiamas" | chpasswd
ADD chall/. /chall
WORKDIR /chall
RUN echo 'KSL{EVAL_4_LYFE}' > /chall/flag.txt # ubah isi flagnya
# Secure ENV
RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
RUN chown root:ksl /chall/calc.py # ubah nama file
RUN chmod 775 /chall/calc.py # ubah nama file
# Run Service
RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/calc.py,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
CMD ["/var/tmp/.start.sh"]

+ 50
- 0
calc-pwn/chall/calc.py Bestand weergeven

@ -0,0 +1,50 @@
#!/usr/bin/python
import sys
class Unbuffered(object):
def __init__(self, stream):
self.stream = stream
def write(self, data):
self.stream.write(data)
self.stream.flush()
def writelines(self, datas):
self.stream.writelines(datas)
self.stream.flush()
def __getattr__(self, attr):
return getattr(self.stream, attr)
sys.stdout = Unbuffered(sys.stdout)
def hitung(x,z,y):
return eval(x+z+y)
#menu operasi
print " /$$ /$$ /$$$$$$ /$$ /$$$$$$$ /$$ /$$ /$$ /$$"
print "| $$ /$$/ /$$__ $$| $$ | $$__ $$| $$ /$ | $$| $$$ | $$"
print "| $$ /$$/ | $$ \__/| $$ | $$ \ $$| $$ /$$$| $$| $$$$| $$"
print "| $$$$$/ | $$$$$$ | $$ | $$$$$$$/| $$/$$ $$ $$| $$ $$ $$"
print "| $$ $$ \____ $$| $$ | $$____/ | $$$$_ $$$$| $$ $$$$"
print "| $$\ $$ /$$ \ $$| $$ | $$ | $$$/ \ $$$| $$\ $$$"
print "| $$ \ $$| $$$$$$/| $$$$$$$$ | $$ | $$/ \ $$| $$ \ $$"
print "|__/ \__/ \______/ |________/ |__/ |__/ \__/|__/ \__/"
print "Author : Galanggg"
print "===============================================================================>"
print "1. Penjumlahan (+)"
print "2. Pengurangan (-)"
print "3. Perkalian (*)"
print "4. Pembagian (:)"
choice = raw_input("Masukkan pilihan Anda (1/2/3/4): ")
num1 = raw_input("Masukkan Bilangan Pertama : ")
num2 = raw_input("Masukkan Bilangan Kedua : ")
if choice == '1':
print num1,"+",num2,"=",hitung(num1,"+",num2)
elif choice == '2':
print num1,"-",num2,"=",hitung(num1,"-",num2)
elif choice == '3':
print num1,"*",num2,"=",hitung(num1,"*",num2)
elif choice == '4':
print num1,"/",num2,"=",hitung(num1,"/",num2)

+ 38
- 0
ku-ingin-lompat-sambil-jumping/Dockerfile Bestand weergeven

@ -0,0 +1,38 @@
# Use ubuntu 16.04
FROM ubuntu:16.04
#RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
#RUN apt-get update
#RUN apt-get update && apt-get install -y apt-transport-https
#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP/ubuntu14/2.x/updates/2.4.2.0 HDP main' >> /etc/apt/sources.list.d/HDP.list
#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP-UTILS-1.1.0.20/repos/ubuntu14 HDP-UTILS main' >> /etc/apt/sources.list.d/HDP.list
#RUN echo 'deb [arch=amd64] https://apt-mo.trafficmanager.net/repos/azurecore/ trusty main' >> /etc/apt/sources.list.d/azure-public-trusty.list
# install socat editor ssh
#RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
#RUN apt-get install socat lib32ncurses5 -y
RUN apt-get update && apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
RUN adduser --disabled-password --gecos "" ksl
RUN echo "ksl:sebuahrahasiamas" | chpasswd
ADD chall/. /chall
WORKDIR /chall
RUN echo 'KSL{Welc0me_t0_PWn_W0rLd!1!}' > /chall/flag.txt # ubah isi flagnya
# Secure ENV
RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
RUN chown root:ksl /chall/ingin_melompat2 # ubah nama file
RUN chmod 775 /chall/ingin_melompat2 # ubah nama file
# Run Service
RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/ingin_melompat2,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
CMD ["/var/tmp/.start.sh"]

BIN
ku-ingin-lompat-sambil-jumping/chall/ingin_melompat2 Bestand weergeven


+ 92
- 0
ku-ingin-lompat-sambil-jumping/ingin_melompat2.c Bestand weergeven

@ -0,0 +1,92 @@
//gcc -g -no-pie -fno-stack-protector -fno-pic -fno-builtin -mpreferred-stack-boundary=2 -m32 ingin_melompat2.c -o ingin_melompat2
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
int wallet = 18;
char burung[8];
void secret_message(){
system("/bin/sh");
}
void init(){
setvbuf(stdin, NULL, _IONBF, 0);
setvbuf(stdout, NULL, _IONBF, 0);
setvbuf(stderr, NULL, _IONBF, 0);
}
void buy_flag(){
if(wallet < 999999999999) printf("kamu terlalu lemah dude :)\n");
else secret_message();
}
void jual_burung(){
char buffer[64];
getchar();
printf("burung apa yang kamu mau jual ?\n");
fflush(stdout);
fgets(buffer, sizeof(buffer), stdin);
printf("yang kamu jual : ");
printf(buffer);
if(strcmp(buffer,"garuda") == 1 && strcmp(burung,"garuda") == 0){
printf("burung berhasil di jual\n");
wallet = wallet + 10;
memset(&burung[0], 0, sizeof(burung));
} else{
puts("not found !\n");
exit(0);
}
}
void menu(){
printf("+--------------------------------+\n");
printf("---------PASAR BURUNG 2.0---------\n");
printf("+--------------------------------+\n");
printf("1. beli flag (sawit 1 hektar)\n");
printf("2. beli garuda (10 ruby)\n");
printf("3. lihat burung yang udah di beli\n");
printf("4. jual burung\n");
printf("5. check wallet\n");
printf("6. exit\n");
}
int main()
{
while(1){
char pilihan;
init();
menu();
printf(">>");
fflush(stdout);
scanf("%s",&pilihan);
switch(pilihan){
case '1' :
buy_flag();
break;
case '2' :
if(wallet > 10){
printf("burung berhasil di beli\n");
wallet = wallet - 10;
strcpy(burung,"garuda");
} else printf("uang gak cukup!\n");
break;
case '3' :
if(strlen(burung) == 0) printf("belum ada yang kamu beli!\n");
else printf("burung yg dah di beli : %s\n",burung);
break;
case '4' :
jual_burung();
break;
case '5' :
printf("isi wallet : %d ruby\n",wallet);
break;
case '6' :
printf("makasih udah berkunjung :)\n");
exit(0);
break;
default :
fprintf(stderr,"bad request!\n");
exit(0);
}
}
}

+ 38
- 0
ku-ingin-melompat/Dockerfile Bestand weergeven

@ -0,0 +1,38 @@
# Use ubuntu 16.04
FROM ubuntu:16.04
#RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
#RUN apt-get update
#RUN apt-get update && apt-get install -y apt-transport-https
#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP/ubuntu14/2.x/updates/2.4.2.0 HDP main' >> /etc/apt/sources.list.d/HDP.list
#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP-UTILS-1.1.0.20/repos/ubuntu14 HDP-UTILS main' >> /etc/apt/sources.list.d/HDP.list
#RUN echo 'deb [arch=amd64] https://apt-mo.trafficmanager.net/repos/azurecore/ trusty main' >> /etc/apt/sources.list.d/azure-public-trusty.list
# install socat editor ssh
#RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
#RUN apt-get install socat lib32ncurses5 -y
RUN apt-get update && apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
RUN adduser --disabled-password --gecos "" ksl
RUN echo "ksl:sebuahrahasiamas" | chpasswd
ADD chall/. /chall
WORKDIR /chall
RUN echo 'KSL{W1th_R3turn_Y0U_C4n_Ch4nges_w0RlD}' > /chall/flag.txt # ubah isi flagnya
# Secure ENV
RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
RUN chown root:ksl /chall/ingin_melompat # ubah nama file
RUN chmod 775 /chall/ingin_melompat # ubah nama file
# Run Service
RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/ingin_melompat,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
CMD ["/var/tmp/.start.sh"]

BIN
ku-ingin-melompat/chall/ingin_melompat Bestand weergeven


+ 82
- 0
ku-ingin-melompat/ingin_melompat.c Bestand weergeven

@ -0,0 +1,82 @@
//gcc -g -no-pie -fno-stack-protector -fno-pic -fno-builtin -mpreferred-stack-boundary=2 -m32 ingin_melompat.c -o ingin_melompat
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <unistd.h>
int wallet = 18;
char burung[8];
void secret_message(){
system("/bin/sh");
}
void init(){
setvbuf(stdin, NULL, _IONBF, 0);
setvbuf(stdout, NULL, _IONBF, 0);
setvbuf(stderr, NULL, _IONBF, 0);
}
void buy_flag(){
if(wallet < 999999999999) printf("kamu terlalu lemah dude :)\n");
else secret_message();
}
void jual_burung(){
char buffer[64];
printf("burung apa yang kamu mau jual ?\n");
read(0,buffer,128);
}
void menu(){
printf("+--------------------------------+\n");
printf("------------PASAR BURUNG----------\n");
printf("+--------------------------------+\n");
printf("1. beli flag (999999 ruby)\n");
printf("2. beli garuda (10 ruby)\n");
printf("3. lihat burung yang udah di beli\n");
printf("4. jual burung\n");
printf("5. check wallet\n");
printf("6. exit\n");
}
int main()
{
while(1){
char pilihan;
init();
menu();
printf(">>");
fflush(stdout);
scanf("%s",&pilihan);
switch(pilihan){
case '1' :
buy_flag();
break;
case '2' :
if(wallet > 10){
printf("burung berhasil di beli\n");
wallet = wallet - 10;
strcpy(burung,"garuda");
} else printf("uang gak cukup!\n");
break;
case '3' :
if(strlen(burung) == 0) printf("belum ada yang kamu beli!\n");
else printf("burung yg dah di beli : %s\n",burung);
break;
case '4' :
jual_burung();
break;
case '5' :
printf("isi wallet : %d ruby\n",wallet);
break;
case '6' :
printf("makasih udah berkunjung :)\n");
exit(0);
break;
default :
fprintf(stderr,"bad request!\n");
exit(0);
}
}
}

+ 41
- 0
perintah_linux/aa.py Bestand weergeven

@ -0,0 +1,41 @@
#!/usr/bin/python
import sys
import os
class Unbuffered(object):
def __init__(self, stream):
self.stream = stream
def write(self, data):
self.stream.write(data)
self.stream.flush()
def writelines(self, datas):
self.stream.writelines(datas)
self.stream.flush()
def __getattr__(self, attr):
return getattr(self.stream, attr)
sys.stdout = Unbuffered(sys.stdout)
print" /$$ /$$ /$$$$$$ /$$ /$$$$$$$ /$$ /$$ /$$ /$$"
print" | $$ /$$/ /$$__ $$| $$ | $$__ $$| $$ /$ | $$| $$$ | $$"
print" | $$ /$$/ | $$ \__/| $$ | $$ \ $$| $$ /$$$| $$| $$$$| $$"
print" | $$$$$/ | $$$$$$ | $$ | $$$$$$$/| $$/$$ $$ $$| $$ $$ $$"
print" | $$ $$ \____ $$| $$ | $$____/ | $$$$_ $$$$| $$ $$$$"
print" | $$\ $$ /$$ \ $$| $$ | $$ | $$$/ \ $$$| $$\ $$$"
print" | $$ \ $$| $$$$$$/| $$$$$$$$ | $$ | $$/ \ $$| $$ \ $$"
print" |__/ \__/ \______/ |________/ |__/ |__/ \__/|__/ \__/"
print" Author : Bagus Widhyasmara"
print "<~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>"
print" "
print "clue --> The 3rd answer can be read use indonesian and english language !"
name = raw_input("Masukan nama anda : ")
print("Selamat datang "+name)
while True:
x = raw_input("enter your born place ")
y = input("enter your bornn year ")
z = input("how many letters o on born ? ")
if z == 1:
perlin = raw_input("silahkan ketik perintah linux apapun! ")
os.system(perlin)
exit(0)

+ 31
- 0
ping-service/Dockerfile Bestand weergeven

@ -0,0 +1,31 @@
# Use ubuntu 16.04
FROM ubuntu:16.04
RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
# install socat editor ssh
RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
RUN adduser --disabled-password --gecos "" ksl
RUN echo "ksl:sebuahrahasiamas" | chpasswd
ADD chall/. /chall
WORKDIR /chall
RUN echo 'KSL{U14RZ_M4M4NXX_KERENZX_4ANEETTT!!}' > /chall/flag.txt # ubah isi flagnya
# Secure ENV
RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
RUN chown root:ksl /chall/ping-service.py # ubah nama file
RUN chmod 775 /chall/ping-service.py # ubah nama file
# Run Service
RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/ping-service.py,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
CMD ["/var/tmp/.start.sh"]

+ 77
- 0
ping-service/chall/ping-service.py Bestand weergeven

@ -0,0 +1,77 @@
#!/usr/bin/python
import sys, subprocess, re
from os import system as MaManX
def make_secure():
unsafe_word = ['__import__', 'eval', 'execfile', 'file', 'input', 'compile', 'reload']
for unsafe in unsafe_word:
del __builtins__.__dict__[unsafe]
class Unbuffered(object):
def __init__(self, stream):
self.stream = stream
def write(self, data):
self.stream.write(data)
self.stream.flush()
def writelines(self, datas):
self.stream.writelines(datas)
self.stream.flush()
def __getattr__(self, attr):
return getattr(self.stream, attr)
sys.stdout = Unbuffered(sys.stdout)
def banner():
return '''
\033[1;32mWELCOME TO MAMANX PINX SERVICE\033[1;m\033[1;31m
_ __ _____ _ _____ _____ _ _ _____ _____ _____ _____ _ _ _____ _____ _____
| | / // ___|| | | ___ \|_ _|| \ | || __ \ / ___|| ___|| ___ \| | | ||_ _|/ __ \| ___|
| |/ / \ `--. | | | |_/ / | | | \| || | \/ \ `--. | |__ | |_/ /| | | | | | | / \/| |__
| \ `--. \| | | __/ | | | . ` || | __ `--. \| __| | / | | | | | | | | | __|
| |\ \/\__/ /| |____ | | _| |_ | |\ || |_\ \ /\__/ /| |___ | |\ \ \ \./ / _| |_ | \__/\| |___
\_| \_/\____/ \_____/ \_| \___/ \_| \_/ \____/ \____/ \____/ \_| \_| \___/ \___/ \_____/\____/
\033[1;m
\033[1;32mversion [beta 1.1 MAMANK]\033[1;m
'''
def displayMenu():
return '''
Choose a ksl ping service:
1. Ping only one time
2. Ping multiple times
3. Exit MaManX
'''
def main():
make_secure()
print banner()
print displayMenu()
userNumber = raw_input("Masukkan pilihan (1-3): ")
if userNumber == "1" :
host = raw_input("\nMasukkan alamat host : ")
p1 = subprocess.Popen(['ping','-c 5', host], stdout=subprocess.PIPE)
output = p1.communicate()[0]
print output
exit()
elif userNumber == "2" :
user = int(raw_input("\nMasukkan jumlah host: "))
while user <= 1:
user = int(raw_input("\nMasukkan host lebih dari 1 MaManX: "))
for o in range(user):
host = raw_input("Masukkan alamat host ke " +str(o+1) +" : ")
hosts= re.sub('[|,;]', '', host)
pings = MaManX('ping -c 5 ' + hosts )
if (pings == 0):
print host.upper(), "IS UP MAMANX"
else :
print host.upper(), "IS LOST MAMANX"
print ""
elif userNumber == "3" :
print "\nTerimakasih telah menggunakan jasa kami MaManX"
exit()
else :
print "\nMaManX salah masukkin acchh :("
exit()
main()

+ 38
- 0
service-diary/diary32bit/Dockerfile Bestand weergeven

@ -0,0 +1,38 @@
# Use ubuntu 16.04
FROM ubuntu:16.04
#RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
#RUN apt-get update
#RUN apt-get update && apt-get install -y apt-transport-https
#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP/ubuntu14/2.x/updates/2.4.2.0 HDP main' >> /etc/apt/sources.list.d/HDP.list
#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP-UTILS-1.1.0.20/repos/ubuntu14 HDP-UTILS main' >> /etc/apt/sources.list.d/HDP.list
#RUN echo 'deb [arch=amd64] https://apt-mo.trafficmanager.net/repos/azurecore/ trusty main' >> /etc/apt/sources.list.d/azure-public-trusty.list
# install socat editor ssh
#RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
#RUN apt-get install socat lib32ncurses5 -y
RUN apt-get update && apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
RUN adduser --disabled-password --gecos "" ksl
RUN echo "ksl:sebuahrahasiamas" | chpasswd
ADD chall/. /chall
WORKDIR /chall
RUN echo 'KSL{Y0u_N0w_H0w_contr0l_St4cK!1!1}' > /chall/flag.txt # ubah isi flagnya
# Secure ENV
RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
RUN chown root:ksl /chall/diary32 # ubah nama file
RUN chmod 775 /chall/diary32 # ubah nama file
# Run Service
RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/diary32,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
CMD ["/var/tmp/.start.sh"]

BIN
service-diary/diary32bit/chall/diary32 Bestand weergeven


+ 47
- 0
service-diary/diary32bit/diary32.c Bestand weergeven

@ -0,0 +1,47 @@
//gcc -g -no-pie -fno-stack-protector -fno-pic -fno-builtin -mpreferred-stack-boundary=2 -m32 diary.c -o diary
#include <stdio.h>
#include <string.h>
#include <limits.h>
void not_even_called(){
puts("\nWelcome Garuda Muda\n");
system("/bin/sh");
}
void init(){
setvbuf(stdin, NULL, _IONBF, 0);
setvbuf(stdout, NULL, _IONBF, 0);
setvbuf(stderr, NULL, _IONBF, 0);
}
void tulisan(){
puts("██████╗ ██╗ █████╗ ██████╗ ██╗ ██╗ ███████╗███████╗██████╗ ██╗ ██╗██╗ ██████╗███████╗");
puts("██╔══██╗██║██╔══██╗██╔══██╗╚██╗ ██╔╝ ██╔════╝██╔════╝██╔══██╗██║ ██║██║██╔════╝██╔════╝");
puts("██║ ██║██║███████║██████╔╝ ╚████╔╝ ███████╗█████╗ ██████╔╝██║ ██║██║██║ █████╗ ");
puts("██║ ██║██║██╔══██║██╔══██╗ ╚██╔╝ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██║██║ ██╔══╝ ");
puts("██████╔╝██║██║ ██║██║ ██║ ██║ ███████║███████╗██║ ██║ ╚████╔╝ ██║╚██████╗███████╗");
puts("╚═════╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚═╝ ╚═════╝╚══════╝\n");
}
int main()
{
init();
char a[4];
int b;
char c[16];
strcpy(a,"KSL");
b = 14045;
tulisan();
printf("Welcome to Diary Application \n");
printf("write something : ");
gets(c);
if(strlen(c) > 20){
printf("karakter gak boleh lebih dari 20\n");
} else{
if(b == 0x67616c66) not_even_called();
else printf("isi diary kamu : %s\n",c);
}
exit(0);
}

+ 38
- 0
service-diary/diary64bit/Dockerfile Bestand weergeven

@ -0,0 +1,38 @@
# Use ubuntu 16.04
FROM ubuntu:16.04
#RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
#RUN apt-get update
#RUN apt-get update && apt-get install -y apt-transport-https
#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP/ubuntu14/2.x/updates/2.4.2.0 HDP main' >> /etc/apt/sources.list.d/HDP.list
#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP-UTILS-1.1.0.20/repos/ubuntu14 HDP-UTILS main' >> /etc/apt/sources.list.d/HDP.list
#RUN echo 'deb [arch=amd64] https://apt-mo.trafficmanager.net/repos/azurecore/ trusty main' >> /etc/apt/sources.list.d/azure-public-trusty.list
# install socat editor ssh
#RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
#RUN apt-get install socat lib32ncurses5 -y
RUN apt-get update && apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
RUN adduser --disabled-password --gecos "" ksl
RUN echo "ksl:sebuahrahasiamas" | chpasswd
ADD chall/. /chall
WORKDIR /chall
RUN echo 'KSL{Y0u_N0w_H0w_contr0l_St4cK!1!1}' > /chall/flag.txt # ubah isi flagnya
# Secure ENV
RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
RUN chown root:ksl /chall/diary64 # ubah nama file
RUN chmod 775 /chall/diary64 # ubah nama file
# Run Service
RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/diary64,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
CMD ["/var/tmp/.start.sh"]

BIN
service-diary/diary64bit/chall/diary64 Bestand weergeven


+ 48
- 0
service-diary/diary64bit/diary64.c Bestand weergeven

@ -0,0 +1,48 @@
//gcc -g -no-pie -fno-stack-protector -fno-pic -fno-builtin diary64.c -o diary64
#include <stdio.h>
#include <string.h>
#include <limits.h>
void not_even_called(){
printf("\nwelcome garuda muda\n");
system("/bin/sh");
}
void init(){
setvbuf(stdin, NULL, _IONBF, 0);
setvbuf(stdout, NULL, _IONBF, 0);
setvbuf(stderr, NULL, _IONBF, 0);
}
void tulisan(){
puts("██████╗ ██╗ █████╗ ██████╗ ██╗ ██╗ ███████╗███████╗██████╗ ██╗ ██╗██╗ ██████╗███████╗");
puts("██╔══██╗██║██╔══██╗██╔══██╗╚██╗ ██╔╝ ██╔════╝██╔════╝██╔══██╗██║ ██║██║██╔════╝██╔════╝");
puts("██║ ██║██║███████║██████╔╝ ╚████╔╝ ███████╗█████╗ ██████╔╝██║ ██║██║██║ █████╗ ");
puts("██║ ██║██║██╔══██║██╔══██╗ ╚██╔╝ ╚════██║██╔══╝ ██╔══██╗╚██╗ ██╔╝██║██║ ██╔══╝ ");
puts("██████╔╝██║██║ ██║██║ ██║ ██║ ███████║███████╗██║ ██║ ╚████╔╝ ██║╚██████╗███████╗");
puts("╚═════╝ ╚═╝╚═╝ ╚═╝╚═╝ ╚═╝ ╚═╝ ╚══════╝╚══════╝╚═╝ ╚═╝ ╚═══╝ ╚═╝ ╚═════╝╚══════╝\n");
}
int main()
{
init();
char a[4];
int b;
char c[64];
strcpy(a,"KSL");
b = 14045;
tulisan();
printf("Welcome to Diary Application \n");
printf("write something : ");
gets(c);
if(strlen(c) > 20){
printf("karakter gak boleh lebih dari 20\n");
} else{
if(b == 0x67616c66) not_even_called();
else printf("isi diary kamu : %s\n",c);
}
exit(0);
}

Laden…
Annuleren
Opslaan