Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Gmocanu/session 02 task #70

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

Gmocanu/session 02 task #70

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
729c180
task: Add beep-beep-boop public source code and deployment
gabrielmocanu Jun 30, 2023
32ac81f
task: Add chef-hacky-mchack source code and deployment
gabrielmocanu Jun 30, 2023
6a10f21
task: Add colors source code and deployment
gabrielmocanu Jun 30, 2023
b00de25
task: Add do-you-need-glasses source code and deployment
gabrielmocanu Jun 30, 2023
b7f0516
task: Add great-names source code and deployment
gabrielmocanu Jun 30, 2023
62001f5
task: Add mind-your-own-business source code and deployment
gabrielmocanu Jun 30, 2023
8c47988
task: Add nobody-loves-me source code and deployment
gabrielmocanu Jun 30, 2023
c0a4b49
task: Add santa source code and deployment
gabrielmocanu Jun 30, 2023
50984a1
task: Add traverse-universe source code and deployment
gabrielmocanu Jun 30, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
27 changes: 27 additions & 0 deletions cookies-session-management-access-control/activities/beep-beep-boop/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
# Name: Beep beep boop

Check failure on line 1 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

WARNING:REPEATED_WORD: Possible repeated word: 'Beep'

Check failure on line 1 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

ERROR:DOS_LINE_ENDINGS: DOS line endings

Check failure on line 2 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

ERROR:DOS_LINE_ENDINGS: DOS line endings
## Description

Check failure on line 3 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

ERROR:DOS_LINE_ENDINGS: DOS line endings

Check failure on line 4 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

ERROR:DOS_LINE_ENDINGS: DOS line endings
Get the flag from http://141.85.224.115:8088.

Check failure on line 5 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

ERROR:TRAILING_WHITESPACE: trailing whitespace

Check failure on line 6 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

ERROR:DOS_LINE_ENDINGS: DOS line endings
Score: 50

Check failure on line 7 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

ERROR:DOS_LINE_ENDINGS: DOS line endings

Check failure on line 8 in cookies-session-management-access-control/activities/beep-beep-boop/README.md

View workflow job for this annotation

GitHub Actions / Checkpatch 

ERROR:DOS_LINE_ENDINGS: DOS line endings
## Vulnerability

Information disclosure in robots.txt leading to a hidden PHP file. The cookie from that page also needs to be set to a certain value.

## Exploit

Script in `./sol/solution.sh`

## Environment

Apache web server. (deployable as a Docker container using files in `deploy/` folder)

## Deploy

Copy `deploy/` folder and run `make run`.

If you need to update the image and container, remove the old container with `make clean` and update the image (and container) using `make`.

It is not possible to update the container without updating the image first.
3 changes: 3 additions & 0 deletions cookies-session-management-access-control/activities/beep-beep-boop/deploy/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
FROM php:7.2-apache

COPY /public /var/www/html/
16 changes: 16 additions & 0 deletions cookies-session-management-access-control/activities/beep-beep-boop/deploy/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
FILE :=../flag
FLAG :=$(shell cat $(FILE))

build:
docker build -f Dockerfile -t sss-web-02_beep-beep-boop ..

run: build
docker run -d -p 8088:80 --name sss-web-02_beep-beep-boop sss-web-02_beep-beep-boop

stop:
docker stop sss-web-02_beep-beep-boop

clean: stop
docker rm sss-web-02_beep-beep-boop

.PHONY: build run stop clean
1 change: 1 addition & 0 deletions cookies-session-management-access-control/activities/beep-beep-boop/flag
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
SSS{We_w0rsh1p_1saac_As1m0v}
9 changes: 9 additions & 0 deletions ...ccess-control/activities/beep-beep-boop/src/73656372657420666f72204153494d4f.template.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
<?php
setcookie('robotType', 'HUMAN'); // 48756d616e

if ($_COOKIE['robotType'] == 'ASIMOV') { // 4153494d4f
echo 'Congrats! You’ve proven to be worthy. <br />Here is your secret: __TEMPLATE__';
} else {
echo 'This is a secure area that can only be accessed by the most advanced humanoid robots.';
}
?>
12 changes: 12 additions & 0 deletions cookies-session-management-access-control/activities/beep-beep-boop/src/Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
FILE :=../flag
FLAG :=$(shell cat $(FILE))

generate:
rm -rf ../public
mkdir -p ../public
cp -r assets/ ../public
cp index.html ../public
cp robots.txt ../public
sed 's/__TEMPLATE__/$(FLAG)/g' ./73656372657420666f72204153494d4f.template.php > ../public/73656372657420666f72204153494d4f.php

.PHONY: generate
Loading
Loading