Hey y'all,

I have been learning some docker stuff lately on and off and have sort of started making a full on mini set of CTF challenges.

If you're interested in having a go I have 2 challenges created so far, I anticipate having around 10 or so but the first 2 are ready for someone to
have a go at. I would love some feedback so I can determine whether they're
too easy or too hard or if you have any suggestions for more challenges.

If you want to have a go, you can get to the first challenge using ssh to the following address;

ssh user01@www.erb.pw -p1337

The password for user01 is also user01, none of the other users' passwords
will be that easy though =) The description for the first challenge, is;

"Can you get to your home folder and open the flag?"

Let me know how you get on, feedback / suggestions very much welcomed.
If you had a go at my first attempt of a challenge, you'll know this one as it's the same, just the format has changed slightly to allow me to build on
it with more.

It's all done in a Docker container, with a Dockerfile to build the challenge "machine" every 60 minutes. If your connection drops while on it, just reconnect as it's likely that it kicked you off to rebuild the image.

I haven't yet figured out how to spawn a new image for every connection and then despawn it upon quitting, but that is my goal at some point to figure that.

---
|14Best regards,
|11Ch|03rist|11ia|15n |11a|03ka |11Me|03aTLoT|11io|15N

|07ÄÄ |08[|10eml|08] |15ml@erb.pw |07ÄÄ |08[|10web|08] |15www.erb.pw |07ÄÄÄ¿ |07ÄÄ |08[|09fsx|08] |1521:1/158 |07ÄÄ |08[|11tqw|08] |151337:1/101 |07ÂÄÄÙ |07ÄÄ |08[|12rtn|08] |1580:774/81 |07ÄÂ |08[|14fdn|08] |152:250/5 |07ÄÄÄÙ
|07ÄÄ |08[|10ark|08] |1510:104/2 |07ÄÙ

--- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
* Origin: The Quantum Wormhole, Ramsgate, UK. bbs.erb.pw (1337:1/101)

Re: tqwCTF
By: MeaTLoTioN to All on Wed Apr 15 2020 07:28 pm

I haven't yet figured out how to spawn a new image for every connection and then despawn it upon quitting, but that is my goal at some point to figure that.

So you shouldnt need to rebuild the image with a new challenge (although I dont
really understand what you are trying to do).

But if I'm thinking correctly, you would restart the container every "x" mins, that has a new challenge - that is easy to do. (That new challenge is calculated when the container starts.)

EG: For my BBS containers, I start zerotier if "ZT_ENABLE=1" is set, before starting the BBS.

Depending on how you start your containers (I use docker swarm):
* If you just "docker run", then you could do "--restart=always", or "--restart=unless-stopped", and then inside or outside the container kill it. To kill from inside the container, just "kill 1". From outside the container, you would do "docker kill <name>",

* If you are using "docker swarm", then the container will auto restart when you start the stack or service, so "docker stop" or "kill 1" (from inside), will make it auto restart until you "docker rm service", or "docker rm stack". ...deon


... Laugh and the world laughs with you, snore and you sleep alone.
--- SBBSecho 3.10-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (1337:2/101)

So you shouldnt need to rebuild the image with a new challenge (although
I dont really understand what you are trying to do).

No what I want it to be like is say you connect to my system on the right
port, it will create an instance of the container there and then in real
time, and assuming you log in with the right creds, it will land you inside
it at the shell. Once you log out, it will kill that instance.

The reason i would like it like that is so any changes, scripts, whatever someone does when logged in, are all gone so that if someone else logs in later, it's fresh ready for them to start that challenge without anything
being messed with.

Currently I have it set on a cronjob to kill and rebuild the container every hour which does achieve sort of what I am wanting, but it would be nicer to spawn a new instance upon connecting and despawn it when leaving.

when you start the stack or service, so "docker stop" or "kill 1" (from

Hmm a "kill 1" from inside sounds reasonable-ish... I could make it do that upon logout, so that when they log in again it will be fresh and not have to restart it every hour... but if 2 people are logged in at the same time, and one logs out, it will kill the progress of the other user... so hmm, not sure how to proceed with this yet.

---
|14Best regards,
|11Ch|03rist|11ia|15n |11a|03ka |11Me|03aTLoT|11io|15N

|07ÄÄ |08[|10eml|08] |15ml@erb.pw |07ÄÄ |08[|10web|08] |15www.erb.pw |07ÄÄÄ¿ |07ÄÄ |08[|09fsx|08] |1521:1/158 |07ÄÄ |08[|11tqw|08] |151337:1/101 |07ÂÄÄÙ |07ÄÄ |08[|12rtn|08] |1580:774/81 |07ÄÂ |08[|14fdn|08] |152:250/5 |07ÄÄÄÙ
|07ÄÄ |08[|10ark|08] |1510:104/2 |07ÄÙ

--- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
* Origin: The Quantum Wormhole, Ramsgate, UK. bbs.erb.pw (1337:1/101)

Re: Re: tqwCTF
By: MeaTLoTioN to alterego on Thu Apr 16 2020 05:35 pm

The reason i would like it like that is so any changes, scripts, whatever someone does when logged in, are all gone so that if someone else logs in later, it's fresh ready for them to start that challenge without anything being messed with.

Ahh, ok, got it.

Currently I have it set on a cronjob to kill and rebuild the container

You mean "restart" right? Shouldnt need to "build" it... My point earlier is the "built container" has the app inside, and know when it is started, to create (what ever it needs to create) to be unique from the last time it was started.

Hmm a "kill 1" from inside sounds reasonable-ish... I could make it do that upon logout, so that when they log in again it will be fresh and not have to restart it every hour... but if 2 people are logged in at the same time, and one logs out, it will kill the progress of the other user... so hmm, not sure how to proceed with this yet.

There is a tool on github called dockersh - I did try to use it (about 2-3 years ago now), but couldnt at the time. But it should do what you need, but you might need to tweak it.

On an incoming ssh connection, it should be able to spawn a container (and thus
it does initialisation of uniqueness), connect the user to that instance, and when they leave it kills it. Each incoming connection would get it's own container.
...deon


... All right, so I like spending money! But name one other extravagance.
--- SBBSecho 3.10-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (1337:2/101)

You mean "restart" right? Shouldnt need to "build" it... My point
earlier is the "built container" has the app inside, and know when it is started, to create (what ever it needs to create) to be unique from the last time it was started.

No it actually rebuilds it. the reason why I do that, is because i want it to be cleaned up in case someone logs in and say deletes something, adds something, etc etc, I want it to be clean ready for the next person to use.

There is a tool on github called dockersh - I did try to use it (about
2-3 years ago now), but couldnt at the time. But it should do what you need, but you might need to tweak it.

Ah I'll look into this, thank you.

On an incoming ssh connection, it should be able to spawn a container
(and thus it does initialisation of uniqueness), connect the user to
that instance, and when they leave it kills it. Each incoming connection would get it's own container.

Yes this sounds exactly what I am after,

---
|14Best regards,
|11Ch|03rist|11ia|15n |11a|03ka |11Me|03aTLoT|11io|15N

|07ÄÄ |08[|10eml|08] |15ml@erb.pw |07ÄÄ |08[|10web|08] |15www.erb.pw |07ÄÄÄ¿ |07ÄÄ |08[|09fsx|08] |1521:1/158 |07ÄÄ |08[|11tqw|08] |151337:1/101 |07ÂÄÄÙ |07ÄÄ |08[|12rtn|08] |1580:774/81 |07ÄÂ |08[|14fdn|08] |152:250/5 |07ÄÄÄÙ
|07ÄÄ |08[|10ark|08] |1510:104/2 |07ÄÙ

--- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
* Origin: The Quantum Wormhole, Ramsgate, UK. bbs.erb.pw (1337:1/101)

Re: Re: tqwCTF
By: MeaTLoTioN to alterego on Fri Apr 17 2020 08:04 pm

No it actually rebuilds it. the reason why I do that, is because i want it to be cleaned up in case someone logs in and say deletes something, adds something, etc etc, I want it to be clean ready for the next person to use.

You dont need to do that.

An image cannot be permanently changed (during running a container).

An image is used to start a container - which is what your users will be attaching to.

Try it, run a container, "rm -rf <a bunch of files>", then start a new container from the same image, and you'll see that those files are still there.

So while the deletes persist in the current running container, when the container is destroyed and recreated (not image rebuilting) it starts again from the image as a base.
...deon


... To a friends' house, the road is never long.
--- SBBSecho 3.10-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (1337:2/101)

You dont need to do that.
An image cannot be permanently changed (during running a container).
An image is used to start a container - which is what your users will be attaching to.

Try it, run a container, "rm -rf <a bunch of files>", then start a new container from the same image, and you'll see that those files are still there.

Ohhhhh, so really then all I need to do, once the container is started initially, is whenever a user logs out, it needs to just restart the
container.

that might be better, now to figure that out.

---
|14Best regards,
|11Ch|03rist|11ia|15n |11a|03ka |11Me|03aTLoT|11io|15N

|07ÄÄ |08[|10eml|08] |15ml@erb.pw |07ÄÄ |08[|10web|08] |15www.erb.pw |07ÄÄÄ¿ |07ÄÄ |08[|09fsx|08] |1521:1/158 |07ÄÄ |08[|11tqw|08] |151337:1/101 |07ÂÄÄÙ |07ÄÄ |08[|12rtn|08] |1580:774/81 |07ÄÂ |08[|14fdn|08] |152:250/5 |07ÄÄÄÙ
|07ÄÄ |08[|10ark|08] |1510:104/2 |07ÄÙ

--- Mystic BBS v1.12 A43 2019/03/02 (Linux/64)
* Origin: The Quantum Wormhole, Ramsgate, UK. bbs.erb.pw (1337:1/101)

Re: Re: tqwCTF
By: MeaTLoTioN to alterego on Sat Apr 18 2020 09:34 am

that might be better, now to figure that out.

Easy peasy - kill 1 :)

(Make sure the container is started with --restart=unless_stoped or =yes) ...deon


... Religions change; Beer and Wine remain.
--- SBBSecho 3.10-Linux
* Origin: I'm playing with ANSI+videotex - wanna play too? (1337:2/101)

Hey y'all,

If you're interested in having a go I have 2 challenges created so far, I anticipate having around 10 or so but the first 2 are ready for someone tohave a go at. I would love some feedback so I can determine whether they'retoo easy or too hard or if you have any suggestions for more challenges.

I'm over here reading the wiki@pages connected with cake... and duh, Paulie... just look. I'm 'stuck' @ user04, but I'm sure I'll get to sniffing it out... Searched all yer message bases hunting for hints. :P I'm gonna get you!

:P

--- Mystic BBS v1.12 A47 2020/12/04 (Linux/64)
* Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (1337:1/101)

On 13 Mar 2021, paulie420 said the following...

I'm over here reading the wiki@pages connected with cake... and duh, Paulie... just look. I'm 'stuck' @ user04, but I'm sure I'll get to sniffing it out...Searched all yer message bases hunting for hints. :P
I'm gonna get you!

The message bases do hold the clues, for one challenge at least. I think it's what you're after for progressing.

Ping me if you still are stuck =)

---
|14Best regards,
|11Ch|03rist|11ia|15n |11a|03ka |11Me|03aTLoT|11io|15N

|07ÄÄ |08[|10eml|08] |15ml@erb.pw |07ÄÄ |08[|10web|08] |15www.erb.pw |07ÄÄÄ¿ |07ÄÄ |08[|09fsx|08] |1521:1/158 |07ÄÄ |08[|11tqw|08] |151337:1/101 |07ÂÄÄÙ |07ÄÄ |08[|12rtn|08] |1580:774/81 |07ÄÂ |08[|14fdn|08] |152:250/5 |07ÄÄÄÙ
|07ÄÄ |08[|10ark|08] |1510:104/2 |07ÄÙ

--- Mystic BBS v1.12 A47 2020/12/04 (Linux/64)
* Origin: thE qUAntUm wOrmhOlE, rAmsgAtE, uK. bbs.erb.pw (1337:1/101)

The message bases do hold the clues, for one challenge at least. I think it's what you're after for progressing.
Ping me if you still are stuck =)
Christian aka MeaTLoTioN

Very well, thanks - I'm on USER05 & I'm about to get him TODAY. :P Gonna go mull over the clues once again. I'm sure I'll crack this level today; else I'll























































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































































be bugging you for deets tonight.



|07p|15AULIE|1142|07o
|08.........

--- Mystic BBS v1.12 A47 2021/01/26 (Raspberry Pi/32)
* Origin: 2o fOr beeRS bbs>>>20ForBeers.com:1337 (1337:3/129)