diff --git a/README.md b/README.md index d379e02..926fa1d 100644 --- a/README.md +++ b/README.md @@ -6,9 +6,10 @@ This is a simple challenge utilizing docker-compose to setup a ssh client/contro Running `docker-compose up -d --build` will setup a default environment. -Users will be setup on the client using the teamX format. -Initial user password can be obtained from the container logs of `client`. +Login with the default user `user` and check the container logs for the generated password. +The default password can be manually overridden with the `USER_PASSWORD` variable on the client host. All "scoring" public/private keys will be stored under a local `keys` directory. +If the `user` key already exists a new one will not be created ## Goal @@ -19,3 +20,5 @@ Since could take up to a minute to show up after completion. For added complexity, the `SSHD_CHALLENGE_DIR` exists changing the default AuthorizedKeysFile within SSHD. This adds a further challenge since teams will need to checkout the configuration in `/etc/ssh/sshd_config` for the correct structure. +The text which gets dumped into `~/.flag` can be controlled via the `SCORING_FLAG` variable. + diff --git a/client/scripts/setup.sh b/client/scripts/setup.sh index 22da73d..948d903 100755 --- a/client/scripts/setup.sh +++ b/client/scripts/setup.sh @@ -1,21 +1,16 @@ #!/bin/bash -TEAM_NUM=${TEAM_NUM:=10} - -for (( i=1; i<=TEAM_NUM; i++ )); do - echo "Creating Team ${i}" - adduser -D "team${i}" - chmod 750 "/home/team${i}" - PASSWORD="TEAM${i}_PASSWORD" - if [[ -z "${!PASSWORD}" ]]; then - PASSWORD=$(head -c10 /dev/null +unset PASSWORD if [[ -n "${SSHD_CHALLENGE_DIR}" ]]; then sed -i "s|^AuthorizedKeysFile.*|AuthorizedKeysFile ${SSHD_CHALLENGE_DIR}|" /etc/ssh/sshd_config diff --git a/controller/scripts/gen_keys.sh b/controller/scripts/gen_keys.sh index a656bb8..0dba2c2 100755 --- a/controller/scripts/gen_keys.sh +++ b/controller/scripts/gen_keys.sh 
@@ -1,10 +1,6 @@ #!/bin/bash -TEAM_NUM=${TEAM_NUM:=10} - -for (( i=1; i<=TEAM_NUM; i++ )); do - if [[ ! -e "${HOME}/.ssh/team-${i}" ]]; then - ssh-keygen -q -t ed25519 -N '' -f "${HOME}/.ssh/team-${i}" -C "team${i}" - fi -done +if [[ ! -e "${HOME}/.ssh/user" ]]; then + ssh-keygen -q -t ed25519 -N '' -f "${HOME}/.ssh/user" -C "user" +fi diff --git a/controller/scripts/init.sh b/controller/scripts/init.sh index 3201770..431df21 100755 --- a/controller/scripts/init.sh +++ b/controller/scripts/init.sh @@ -1,27 +1,16 @@ #!/bin/bash SCORING_POD=${SCORING_POD:=client} -TEAM_NUM=${TEAM_NUM:=10} - -echo "Generating scoring details" +SCORING_FLAG=${SCORING_FLAG:=defaultFlag} /opt/scripts/gen_keys.sh -echo "Scoring Details" - -cat /root/.ssh/*.pub - while true; do - echo "Testing Scoring" + ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "user@${SCORING_POD}" -i "/root/.ssh/user" \ + "echo ${SCORING_FLAG} >.flag" - for (( i=1; i<=${TEAM_NUM}; i++ )); do - echo "Testing Team ${i}" - ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "team${i}@${SCORING_POD}" -i "/root/.ssh/team-${i}" \ - 'echo "flag" >.flag' - done - - sleep 30 + sleep 15 done diff --git a/docker-compose.yml b/docker-compose.yml index 2a82a10..cb1afcb 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,20 +4,20 @@ version: "3.9" services: client: image: local/c2games-client:latest + ports: + - "22022:22" build: context: ./client environment: - TEAM_NUM: 5 + USER_PASSWORD: changeme! SSHD_CHALLENGE_DIR: .ssh/auth_keys controller: image: local/c2games-controller:latest - ports: - - "22022:22" build: context: ./controller environment: - TEAM_NUM: 5 + SCORING_FLAG: flagMe volumes: - "${PWD}/keys:/root/.ssh" ...
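Review bot: The existence test in the new `if` covers only the private key `${HOME}/.ssh/user`, so a key directory that still holds the private key but has lost `user.pub` is left as it is and the public half is never rebuilt. `docker-compose.yml` bind-mounts `${PWD}/keys` onto `/root/.ssh` (presumably this `${HOME}`), so a partial pair can persist across rebuilds. The public key can be re-derived when it is missing with `[[ -e "${HOME}/.ssh/user.pub" ]] || ssh-keygen -y -f "${HOME}/.ssh/user" > "${HOME}/.ssh/user.pub"`. A comment such as `# passphrase-less scoring key, persisted to the host ./keys mount` above the `ssh-keygen` call would also record why `-N ''` is used.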
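Review bot: `SCORING_FLAG` is expanded locally inside the double-quoted remote command `"echo ${SCORING_FLAG} >.flag"`, so the client's shell parses its value a second time. A flag containing spaces, quotes, `;`, `$` or backticks is then either mangled or executed as extra commands under `user`. Passing the value as data avoids the second parse, for example `ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "user@${SCORING_POD}" -i "/root/.ssh/user" 'cat >.flag' <<<"${SCORING_FLAG}"`. The new line also keeps `StrictHostKeyChecking=no` with `UserKnownHostsFile=/dev/null`, so the controller does not verify which host receives the flag; that is probably acceptable inside the compose network but deserves a one-line comment saying so.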
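Review bot: The `client` service now publishes its sshd on host port 22022 and also commits a fixed `USER_PASSWORD: changeme!`. Anyone who can reach the host on that port can therefore log in as `user` with a password that is in the repository. If the generated-password path described in the README is what runs when the variable is empty (the `setup.sh` logic is not fully visible here), prefer `USER_PASSWORD: "${USER_PASSWORD:-}"`, and bind the port to loopback with `- "127.0.0.1:22022:22"` unless remote players are meant to connect. Quoting the literal values (`"changeme!"`, `"flagMe"`) would also keep them plain strings under any YAML loader.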