From da4dfa3a3ee4d7110fa57d90b09d783cdbaea75d Mon Sep 17 00:00:00 2001
From: letmein <nyomanpradipta120@gmail.com>
Date: Thu, 8 Nov 2018 19:40:53 +0800
Subject: [PATCH] add soal baru

---
 README.md                 |   4 +++-
 kesek-kesek/Dockerfile    |  38 ++++++++++++++++++++++++++++++++++++++
 kesek-kesek/chall/membuat | Bin 0 -> 7248 bytes
 kesek-kesek/membuat.c     |  17 +++++++++++++++++
 4 files changed, 58 insertions(+), 1 deletion(-)
 create mode 100644 kesek-kesek/Dockerfile
 create mode 100755 kesek-kesek/chall/membuat
 create mode 100644 kesek-kesek/membuat.c

diff --git a/README.md b/README.md
index 21491d2..4e4df31 100644
--- a/README.md
+++ b/README.md
@@ -37,4 +37,6 @@ Chall:
    --> 30702
    
 8. service_agent
-   --> 30802
\ No newline at end of file
+   --> 30802
+9. kesek-kesek
+   --> 30902
diff --git a/kesek-kesek/Dockerfile b/kesek-kesek/Dockerfile
new file mode 100644
index 0000000..26bd7c6
--- /dev/null
+++ b/kesek-kesek/Dockerfile
@@ -0,0 +1,38 @@
+# Use ubuntu 16.04
+FROM ubuntu:16.04
+
+#RUN apt-get update && apt-get -y dist-upgrade --fix-missing --fix-broken
+#RUN apt-get update
+#RUN apt-get update && apt-get install -y apt-transport-https
+#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP/ubuntu14/2.x/updates/2.4.2.0 HDP main' >> /etc/apt/sources.list.d/HDP.list
+#RUN echo 'deb http://private-repo-1.hortonworks.com/HDP-UTILS-1.1.0.20/repos/ubuntu14 HDP-UTILS main' >> /etc/apt/sources.list.d/HDP.list
+#RUN echo 'deb [arch=amd64] https://apt-mo.trafficmanager.net/repos/azurecore/ trusty main' >> /etc/apt/sources.list.d/azure-public-trusty.list
+
+# install socat editor ssh
+#RUN apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
+#RUN apt-get install socat lib32ncurses5 -y
+RUN apt-get update && apt-get install curl netcat-openbsd vim nano openssh-server socat lib32ncurses5 python python-pip python-dev -y
+
+RUN adduser --disabled-password --gecos "" ksl
+RUN echo "ksl:sebuahrahasiamas" | chpasswd
+
+ADD chall/. /chall
+WORKDIR /chall
+
+RUN echo 'KSL{Upps_Yo0_Th3_R3AA#$L_FuCkB0y}'  > /chall/flag.txt # ubah isi flagnya
+
+# Secure ENV
+
+RUN echo 'alias kill="echo no kill please!"' >> ~/.bashrc
+RUN chmod 700 /tmp /var/tmp /usr/bin/* /bin/* /dev/shm
+RUN chmod 755 /usr/bin/env /bin/dash /bin/bash /bin/sh /bin/nc /bin/cat /usr/bin/curl /usr/bin/groups /usr/bin/id /bin/ls /usr/bin/python
+
+
+RUN chown root:ksl /chall/membuat # ubah nama file
+RUN chmod 775 /chall/membuat # ubah nama file
+
+# Run Service
+
+RUN echo '#!/bin/bash'"\n(socat TCP-LISTEN:7000,reuseaddr,fork EXEC:"/chall/membuat,su=nobody")" > /var/tmp/.start.sh && chmod +x /var/tmp/.start.sh
+
+CMD ["/var/tmp/.start.sh"]
diff --git a/kesek-kesek/chall/membuat b/kesek-kesek/chall/membuat
new file mode 100755
index 0000000000000000000000000000000000000000..32c74ee30a3aecbe8890f7fe2806c255297de9c7
GIT binary patch
literal 7248
zcmeHMU2I%O6`u93lTEtaZj4Fu2fa|cq*Z)lr)gr^0$Im)5^$WY;{>59xxM!8dRN&W
zYxi!jOGF*EX=;omx8kRQhZ+=t1OX~Q5P^{r)=d=XLnt8e5JXWMY10@fQ6Tui&GLOS
zcjC2EB*Y`~SZB|iIp3U_IWza(Gsn+$bai?>9-&K(@Cr&3MW25w_~iXcvsD;kh1e)Q
zEIuTbp^3V!Bfx+RbRhZAM)HDsA@?5l`AHvuOrj3WlE8#OUsA(zAxO1s3n{(-J|X<C
z`uwB~u6>S6eGM7(A?QeD$Rz6Z91`f0z}TdAw3D<ha>a?xVX(OqK0oP6=tx@s6!Z}9
zDwraN7d_Bd&u<oOB=+a}Hm8z(n^V!IR5DW-GV@t;i_)<#^}D(c;8*#HYhhvEdJug_
z{kxl2zuc7b-n><Rb49u5C$BvCwaYh%<s4{3`pOUns<Q2epLzQ%>(%9<DxnVb2Nuce
z7Riw+*+89ptPA@$X#so{=pN7%{KvVkqGzz~ey(?$u=eb;@=i3Fu?qQER1CzNyokqB
zg?vH`=8_pFE}+d89AR1P1gxENthAlXh+SQK+ICu7%x35Y(%FowvoHvDo_~sa;0OMx
zJ)t&~Ox{afCk2#QoQ-9e+#ER$M_|(DUycqTa+s+nhr`#9!=d|&Gyd}L(D8Wb+6E!U
zinEnU<-}R1wtNtc#cBW3B~f|I2Xv*;k6(^aX{6Nzt5@FwywXVP3F@w1k}^k0aO<z0
zl`=<5tfBmxlsU`z1Y}uS{(gA$Z^d`6M|yk852EFG=^0FAyf}HKQi+TgcaS}G@WR>e
zKJW8K%0GgIe~fKtD8(n#-^9&3Rn<_fWXqWb4F3uKI1OhwBG$M5!046YOnri_l}p9x
z(8bc|t?{XkQGK&C{xf-wTv_&SBJ$j9&FF8=z59UY((h*-<CoIbo6h~xRw$y3y(x{2
zI}g#$&j}fkV~c{q`O7J+;CwCZc`la5kKQ#N%pJP+W&G|hPLGsLppTcj*V7|s>5B5P
z+m%Xj+Ba65gKA7f%3n|o;~i6x@^ka`@#3E(zDqXw$4?vs9u6(b)@`bF-pXTcPX#M0
zy-zx9?9klBJ5HWB@Y#d=%ijR{c<C2-o{BSpu~fsx@t+1@zWjstDwXk~AJvD?pSxXi
z;+E6cQc->=&iD>goQ6%3zWOU-iWfX^*T-)c-Y!lDo<3|HQvPty<)d<p{Tzb_k?#o)
z&U)I;7mnB&BV(s+!_Gu)<8edeV=0J^5w#sVGhj64SBkzuJRZv#HUQBiFpYyNg=f9@
ziB{Obqan6psyxNdgMS75kKn!F-^Z|%;O&^;H25j-5S}5vt5`hG_6W~0zh`~G=X;UQ
z7TR!N#Sr@IcbfsZ88nSOihzrtzcU#4^nLd@z9I3cbx%C9rQxIO$MLQMBOff(4G`y4
zgE_neF2X_oiJG>1Yuk(7n$g!w7*gy;Gv_-5%%MA&a4>Mv8xDqE@P&i*#oF$mkqkD3
zgB#m}o7#iTdxOTVV12k04291J1K|rnfB5wv-V>a|pJ@-a^xSE3sVsS5$pcFsSn|M<
z2bMhW|LK8A#M6TygfQ|>5daV14vY(hIE6dTT5#S)5qiqI8sab!fXrBj_n&{>u4GT+
zuE~2@*OzeL0DlAWN^o9XcvoV4@j(y^<2Qk*mvM#xVm!q=6|dVf=+F9PaNfJvkN0QB
zMF>r@Q)ovRmgQWpgP(?s>i<-Df7Ts4vEGBAIOr%yx9{4y^KoP2fxbe<DHz+$N6qG@
zE!zuHZ24kKtJ%EuVb!cVEaJ=out{YW)V*BED$08Cj$V32(2q(_&niDEnch|YRWiLS
zgkHZ_-h^={b^YO$9#ei)_!SaQ|0<cgqxM<J+$F@S?%KVArvP`BJ2Fp$%8ihFMUYIM
z4|1<SQUc`+&I`F$?wraqD4Dw|MC%J$&)rq$irg!AS)D5-t0-IVk=H#vyfG^MYBG6_
z$h`9OApXX=Qt}!y!P}LRd5Y(YSFDp~UAOqejS5$M-Cb`D*2fh#<GCP)@<+h=oM?GF
zD)ROQ?h$L{-J8z^^&Xt+G&r9v%IrT3&gY1-2kU)>6}NDFo@reue+PnbQsb4ss`aly
z(BttbIR{z$%L9M?7P20X`oBPC&Ib%-mAFpk`o{zREyDyRq36l0!+cjmehdEKNvx|0
ziX>$1Uqh@Bn;`4L*?n@699bkk16l7!2>p4N;`@a*>TrGrAZz>7J5~J+V2Y3pcfPA?
z)`$tn)j60~tMHu96yzPS&$|)VGX=iU?H|H^y#f6ttWT~N>q|ps?hi1De+M$pGuO`?
z&o#)p@HD>%d44@>#R?c=ZsH~AI9?F4)^on+f#-XbHtP6R?9VxQ2bWW`UqoZM*g!Jx
z#B!FCw)#`qOe~KiP&8`|q_TZ>%8EMKT;8$^L!v*M9!$lYSk&CUrM2b#K~_AONm_O;
zXAfJkjFTG{@tmEGS<yl|J&Z0@k_Du*0Gf`a`wF&$Sy@(RPk3*K)zRH<S&$Y$qrz(c
zTz7cyo}CLdGM|Mer1Gqe-L8e*?LETU)wQoJ+-2?S?A+hcYxRcPx;ki8X2JUN1vzQR
zL#^9PWX-I>e#=P|GDpn5AvbfjW5;}kOr_MSTbOC9maQ0*05C|VQfUwt<kg_dXRQR1
z2dUWN#NA!#xdpc8XHBOFE1I%$u~fF-c48dLN%mWVN!W}JT8YoQ8NY=F`to^qQZn~v
zS-pFAx}FwhemL#eec(<`@r14+gBZ&V3Nw>+VrIB)Pm^O0xY9tTVD=S~NWUhd!lab2
zk##hq!x`99+{r1;(O52@%w`q{7Iaty@v1VIa)c?@XQFBjWFb1SA^h@u0h5&;He(6*
zL?xmyp(WK-9WB*E*D-*dPWEH)tV7F~8h6TsON5E@oyM8vQ}W*x#wC0-`5eo<I|RlI
zx=_c$oZ@m2aWX#+g@L**>WeEx3mP<z-)H7_8Z-!8<JwWbg&2hP_}xD3+EZU@g(J2b
z#IGxHjEnf*89|+2a8#u|#yQNiG72EB3*YH3RAlNGG7GURhe3>i<ha0{Muq+LxNIjK
z0WoG`opHewDhBG+<3beAf*2hT$GGb<D%JM52EMe4AmZ9Uj3Z`TdmNXso5nFG#kq1E
zzV8B96n(D?aV#f68ppV!8Muhls2|RO*q1>X$9QA}IQbG)Fj=SkttuSf;}gKuaZzre
zJ(h2Sv^{=*PGJEm+K_5FCTrhwaWuj2z!~7$sc?&4$B!Y?9&!A>^8YJOx)?Hz`!(ts
z$2h1J4w`u%+y%5T_Q3Sj|A7!%X&Z#IPWl6gQ5SKH0|Ng6_gCn-7sN3>;Qx=xZX1}i
zMgM&r#Q71&IBOQTYCr37*;nIa`~b)DE})CX-9UrJ@w>hOxW)F^=U*VUb6kEe8-Sw?
zU1)=44#avh1r*{QQC0a%ou;a77ZKo^VUTm&1fp#;$+OHcbs51SSXb3ikIQd;HSU`T
LJ!`cRI$ixY&IIfT

literal 0
HcmV?d00001

diff --git a/kesek-kesek/membuat.c b/kesek-kesek/membuat.c
new file mode 100644
index 0000000..845af8b
--- /dev/null
+++ b/kesek-kesek/membuat.c
@@ -0,0 +1,17 @@
+#include <stdlib.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <string.h>
+
+int main(int argc, char **argv)
+{
+  char buffer[64];
+  char vuln[64];
+  printf("masukan nama anda : ");
+  fflush(stdout); 
+  gets(buffer);
+  printf("selamat datang %s\n",buffer);
+  printf("buffer ada di : %p\n",vuln);
+  fflush(stdout); 
+  gets(vuln);
+}