This repo contains all of the files associated with my ctf used at Sectalks MEL0x14. I have included all the socat scripts, docker containers, docker-compose scripts and a couple of little automater scripts. The aim is to show a little bit more about how dockerizing a CTF works on a very small-scale!
In order to play on your own machine:
- build each docker image with:
docker build -t stackme:0.1 stackme/ docker build -t babyecho:0.1 babyecho/ docker build -t nopnopnop:0.1 nopnopnop/ docker build -t legitbusiness:0.1 legitbusiness/ docker build -t stackme:0.1 stackme/ - check they have all built correctly with
docker images. - now, either use the
start.shscript to start the socat wrapper on your own machine and begin playing; or - enter each challenge folder and use
docker-compose -dto spin up the docker container as a daemon and play from there.
I recommend using the socat wrapper on a VPS or local VM as it's the best way to practise remotely exploiting CTF binaries!
The code in each challenge is deliberately vulnerable and bad things can happen if exposed incorrectly. Please take measures to limit the risk on your machine by placing it in a VM or on a VPS. I am not liable if bad things happen on your machine as a result :(