NoPwnDocker

ENGLISH | 中文

Included

• zsh
• oh-my-zsh
• starship
• pwntools —— CTF framework and exploit development library
• gef
• pwndbg —— a GDB plug-in that makes debugging with GDB suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers
• pwngdb —— gdb for pwn
• ROPgadget —— facilitate ROP exploitation tool
• one_gadget —— A searching one-gadget of execve('/bin/sh', NULL, NULL) tool for amd64 and i386
• seccomp-tools —— Provide powerful tools for seccomp analysis
• ltrace —— trace library function call
• strace —— trace system call

How to use?

Compose

git clone https://github.com/Nova-Noir/NoPwnDocker
cd NoPwnDocker
sudo docker compose up -d
sudo docker exec -it nopwndocker:ubuntu20.04 /bin/zsh

It might takes 30+ minutes depends on your computer performance It will use 8GB~ of your disks.

Put your challenges and custom libc into folder challenge

Manual

git clone https://github.com/Nova-Noir/NoPwnDocker
cd NoPwnDocker
docker build . -t nopwndocker:ubuntu22.04 \
       --build-arg image=ubuntu:22.04 --build-arg proxy=http://172.17.0.1:7890 --build-arg python-version=3.11.5
docker run -it \
           --platform linux/amd64 \
           --security-opt seccomp:unconfined \
           --cap-add SYS_PTRACE \
           --add-host host.docker.internal:host-gateway \
           -v "$(pwd):/home/ctf/challenge" \
           --tty nopwndocker:ubuntu22.04

Configuration

docker-compose.yml

• BUILD_MULTI: set true to enable NoPwnDocker compiling multiarch GDB (WILL OCCUPY 2G~ DISK)

There's not much can be modified. But you do can change something.

• open Dockerfile, you can change the version and proxy.
• open docker-compose.yml, you can change the container name.
• modify starship.toml to use your own starship style.
• modify .gdbinit to use your own gdbinit config.

Usage or features

gdb

init-gef、init-pwndbg to load different gdb plugin.

zsh

zsh-autosuggestions plugins

build_glibc

A shell file to build glibc source with debug in one command. bash ~/build_glibc.sh -h

There could be some bug when building older version of glibc. Check below to see the solution. (at least for me)

`loc1@GLIBC_2.2.5' can't be versioned to common symbol 'loc1'

see https://patchwork.ozlabs.org/project/glibc/patch/20170623161158.GA5384@gmail.com/

Update Log

2023/10/31

🐛 GDB is now fully copied from builder 🐛 zsh plugins works normally now 🚸 New user will use the same configuration now

2023/10/02

♻️ Refactor Dockerfile and docker-compose.yml

2023/03/23

🔥 Remove build_glibc32.sh and build_glibc64.sh, add build_glibc.sh for general usage. :fire: Remove built-in glibc to reduce the docker size and build time.