Skip to content

enjhnsn2/EpicTreasure

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits
docker
docker
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
Vagrantfile
Vagrantfile
 
 
et_setup.sh
et_setup.sh
 
 
setup.sh
setup.sh
 
 

Repository files navigation

EpicTreasure - Batteries included CTF VM

Tools included

Docker

docker pull ctfhacker/epictreasure
docker run -v /path/to/host/share/folder:/root/host-share --privileged -it --workdir=/root ctfhacker/epictreasure

Vagrant

Install VirtualBox

Check Virtualbox for information on installing Virtualbox on your respective operating system.

Install Vagrant

Check VagrantUp for information on installing vagrant.

Fire up the VM

git clone https://github.com/ctfhacker/epictreasure
cd epictreasure
mkdir host-share
vagrant up
... Go grab a coffee while we install all the things
vagrant ssh

Default settings

By default, my dotfiles are installed onto the VM. Simply comment out the following lines in et_setup.sh if you don't want my settings.

# Personal config
sudo sudo apt-get -y install stow
cd /home/vagrant
rm .bashrc
git clone https://github.com/thebarbershopper/dotfiles
cd dotfiles
./install.sh

Terminal

  • Colorscheme for the terminal and vim is solarized

Vim

  • jk or jj to ESC out of Vim
  • ESC and Arrow keys are hard coded to not work in Vim (as a teaching mechanism)
  • : is remapped to ; (who uses ; anyway?)
  • leader key is SPACE (thanks to spacemacs)
  • SPACE p will drop an embedded IPython line in a python script
  • H moves to beginning of line, L moves to end of line (instead of ^ and $)

Tmux

  • A new shell spawns a fresh tmux session
  • tmux leader switched to Ctrl+A
  • Ctrl+A - produces a horizontal pane. Ctrl+A \ produces a vertical pane.
  • Ctrl+A [hjkl] moves around available panes as vim motion

Check correct installation

Pwndbg

Run the following command in the VM:

gdb /bin/ls

Expected output:

Loaded 53 commands.  Type pwndbg for a list.
Reading symbols from host-share/crackme...(no debugging symbols found)...done.
Only available when running
pwn>

Radare

Run the following command in the VM:

r2 /bin/ls

Expected output:

[0x00404890]> aaa

Binjitsu

Run the following command in the VM:

python
>>> from pwn import *
>>> elf = ELF('/bin/ls')
[*] '/bin/ls'
    Arch:     amd64-64-little
    RELRO:    Partial RELRO
    Stack:    Canary found
    NX:       NX enabled
    PIE:      No PIE
    FORTIFY:  Enabled
>>> rop = ROP(elf)
[*] Loading gadgets for '/bin/ls'

angr

Run the following commands in the VM:

source ~/angr/bin/activate
python
>>> import angr
>>>

decompile

Run the following commands in the VM:

decompile binary_name

Shared folder

Drop files in the host-share folder on your host to find them on your VM at /home/vagrant/host-share

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 78.4%
  • Shell 21.6%