From da4dfa3a3ee4d7110fa57d90b09d783cdbaea75d Mon Sep 17 00:00:00 2001 From: letmein Date: Thu, 8 Nov 2018 19:40:53 +0800 Subject: [PATCH] add soal baru --- README.md | 4 +++- kesek-kesek/Dockerfile | 38 ++++++++++++++++++++++++++++++++++++++ kesek-kesek/chall/membuat | Bin 0 -> 7248 bytes kesek-kesek/membuat.c | 17 +++++++++++++++++ 4 files changed, 58 insertions(+), 1 deletion(-) create mode 100644 kesek-kesek/Dockerfile create mode 100755 kesek-kesek/chall/membuat create mode 100644 kesek-kesek/membuat.c diff --git a/README.md b/README.md index 21491d2..4e4df31 100644 --- a/README.md +++ b/README.md @@ -37,4 +37,6 @@ Chall: --> 30702 8. service_agent - --> 30802 \ No newline at end of file + --> 30802 +9. kesek-kesek + --> 30902 diff --git a/kesek-kesek/Dockerfile b/kesek-kesek/Dockerfile new file mode 100644 index 0000000..26bd7c6 --- /dev/null +++ b/kesek-kesek/Dockerfile @@ -0,0 +1,38 @@ +# Use ubuntu 16.04 +FROM ubuntu:16.04 + +#RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken +#RUN apt-get update +#RUN apt-get update && apt-get install -y apt-transport-https +#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP/ubuntu14/2.x/updates/2.4.2.0 HDP main' >> /etc/apt/sources.list.d/HDP.list +#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP-UTILS-1.1.0.20/repos/ubuntu14 HDP-UTILS main' >> /etc/apt/sources.list.d/HDP.list +#RUN echo 'deb [arch=amd64] https://apt-mo.trafficmanager.net/repos/azurecore/ trusty main' >> /etc/apt/sources.list.d/azure-public-trusty.list + +# install socat editor ssh +#RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y +#RUN apt-get install socat lib32ncurses5 -y +RUN apt-get update && apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y + +RUN adduser --disabled-password --gecos "" ksl +RUN echo "ksl:sebuahrahasiamas" | chpasswd + +ADD chall/. /chall +WORKDIR /chall + +RUN echo 'KSL{Upps_Yo0_Th3_R3AA#$L_FuCkB0y}' > /chall/flag.txt # ubah isi flagnya + +# Secure ENV + +RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc +RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm +RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python + + +RUN chown root:ksl /chall/membuat # ubah nama file +RUN chmod 775 /chall/membuat # ubah nama file + +# Run Service + +RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/membuat,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh + +CMD ["/var/tmp/.start.sh"] diff --git a/kesek-kesek/chall/membuat b/kesek-kesek/chall/membuat new file mode 100755 index 0000000000000000000000000000000000000000..32c74ee30a3aecbe8890f7fe2806c255297de9c7 GIT binary patch literal 7248 zcmeHMU2I%O6`u93lTEtaZj4Fu2fa|cq*Z)lr)gr^0$Im)5^$WY;{>59xxM!8dRN&W zYxi!jOGF*EX=;omx8kRQhZ+=t1OX~Q5P^{r)=d=XLnt8e5JXWMY10@fQ6Tui&GLOS zcjC2EB*Y`~SZB|iIp3U_IWza(Gsn+$bai?>9-&K(@Cr&3MW25w_~iXcvsD;kh1e)Q zEIuTbp^3V!Bfx+RbRhZAM)HDsA@?5l`AHvuOrj3WlE8#OUsA(zAxO1s3n{(-J|XS6eGM7(A?QeD$Rz6Z91`f0z}TdAw3Da?xVX(OqK0oP6=tx@s6!Z}9 zDwraN7d_Bd&u(%9e zKJW8K%0GgIe~fKtD8(n#-^9&3Rn<_fWXqWb4F3uKI1OhwBG$M5!046YOnri_l}p9x z(8bc|t?{XkQGK&C{xf-wTv_&SBJ$j9&FF8=z59UY((h*-5B5P z+m%Xj+Ba65gKA7f%3n|o;~i6x@^ka`@#3E(zDqXw$4?vs9u6(b)@`bF-pXTcPX#M0 zy-zx9?9klBJ5HWB@Y#d=%ijR{c=&iD>goQ6%3zWOU-iWfX^*T-)c-Y!lDo<3|HQvPty<)d1Yuk(7n$g!w7*gy;Gv_-5%%MA&a4>Mv8xDqE@P&i*#oF$mkqkD3 zgB#m}o7#iTdxOTVV12k04291J1K|rnfB5wv-V>a|pJ@-a^xSE3sVsS5$pcFsSn|M< z2bMhW|LK8A#M6TygfQ|>5daV14vY(hIE6dTT5#S)5qiqI8sab!fXrBj_n&{>u4GT+ zuE~2@*OzeL0DlAWN^o9XcvoV4@j(y^<2Qk*mvM#xVm!q=6|dVf=+F9PaNfJvkN0QB zMF>r@Q)ovRmgQWpgP(?s>i<-Df7Ts4vEGBAIOr%yx9{4y^KoP2fxbe6}NDFo@reue+PnbQsb4ss`aly z(BttbIR{z$%L9M?7P20X`oBPC&Ib%-mAFpk`o{zREyDyRq36l0!+cjmehdEKNvx|0 ziX>$1Uqh@Bn;`4L*?n@699bkk16l7!2>p4N;`@a*>TrGrAZz>7J5~J+V2Y3pcfPA? z)`$tn)j60~tMHu96yzPS&$|)VGX=iU?H|H^y#f6ttWT~N>q|ps?hi1De+M$pGuO`? z&o#)p@HD>%d44@>#R?c=ZsH~AI9?F4)^on+f#-XbHtP6R?9VxQ2bWW`UqoZM*g!Jx z#B!FCw)#`qOe~KiP&8`|q_TZ>%8EMKT;8$^L!v*M9!$lYSk&CUrM2b#K~_AONm_O; zXAfJkjFTG{@tmEGSe#=P|GDpn5AvbfjW5;}kOr_MSTbOC9maQ0*05C|VQfUwt+VrIB)Pm^O0xY9tTVD=S~NWUhd!lab2 zk##hq!x`99+{r1;(O52@%w`q{7Iaty@v1VIa)c?@XQFBjWFb1SA^h@u0h5&;He(6* zL?xmyp(WK-9WB*E*D-*dPWEH)tV7F~8h6TsON5E@oyM8vQ}W*x#wC0-`5eoWeEx3mPiX$9QA}IQbG)Fj=SkttuSf;}gKuaZzre zJ(h2Sv^{=*PGJEm+K_5FCTrhwaWuj2z!~7$sc?&4$B!Y?9&!A>^8YJOx)?Hz`!(ts z$2h1J4w`u%+y%5T_Q3Sj|A7!%X&Z#IPWl6gQ5SKH0|Ng6_gCn-7sN3>;Qx=xZX1}i zMgM&r#Q71&IBOQTYCr37*;nIa`~b)DE})CX-9UrJ@w>hOxW)F^=U*VUb6kEe8-Sw? zU1)=44#avh1r*{QQC0a%ou;a77ZKo^VUTm&1fp#;$+OHcbs51SSXb3ikIQd;HSU`T LJ!`cRI$ixY&IIfT literal 0 HcmV?d00001 diff --git a/kesek-kesek/membuat.c b/kesek-kesek/membuat.c new file mode 100644 index 0000000..845af8b --- /dev/null +++ b/kesek-kesek/membuat.c @@ -0,0 +1,17 @@ +#include +#include +#include +#include + +int main(int argc, char **argv) +{ + char buffer[64]; + char vuln[64]; + printf("masukan nama anda : "); + fflush(stdout); + gets(buffer); + printf("selamat datang %s\n",buffer); + printf("buffer ada di : %p\n",vuln); + fflush(stdout); + gets(vuln); +}