challenge changes

README.md

@@ -6,9 +6,10 @@ This is a simple challenge utilizing docker-compose to setup a ssh client/contro
 
 Running `docker-compose up -d --build` will setup a default environment.
 
-Users will be setup on the client using the teamX format.
+Login with the default user `user` and check the container logs for the generated password.
-Initial user password can be obtained from the container logs of `client`.
+The default password can be manually overridden with the `USER_PASSWORD` variable on the client host.
 All "scoring" public/private keys will be stored under a local `keys` directory.
+If the `user` key already exists a new one will not be created
 
 ## Goal
 
@@ -19,3 +20,5 @@ Since could take up to a minute to show up after completion.
 For added complexity, the `SSHD_CHALLENGE_DIR` exists changing the default AuthorizedKeysFile within SSHD.
 This adds a further challenge since teams will need to checkout the configuration in `/etc/ssh/sshd_config` for the correct structure.
 
+The text which gets dumped into `~/.flag` can be controlled via the `SCORING_FLAG` variable.
+

client/scripts/setup.sh

@@ -1,21 +1,16 @@
 #!/bin/bash
 
-TEAM_NUM=${TEAM_NUM:=10}
+adduser -D "user"
-
+chmod 750 "/home/user"
-for (( i=1; i<=TEAM_NUM; i++ )); do
+PASSWORD="USER_PASSWORD"
-  echo "Creating Team ${i}"
+if [[ -z "${!PASSWORD}" ]]; then
-  adduser -D "team${i}"
+  PASSWORD=$(head -c10 </dev/urandom | base64)
-  chmod 750 "/home/team${i}"
+else
-  PASSWORD="TEAM${i}_PASSWORD"
+  PASSWORD=${!PASSWORD}
-  if [[ -z "${!PASSWORD}" ]]; then
+fi
-    PASSWORD=$(head -c10 </dev/urandom | base64)
+echo -e "Password: ${PASSWORD}\n"
-  else
+echo -e "${PASSWORD}\n${PASSWORD}" | passwd "user" &>/dev/null
-    PASSWORD=${!PASSWORD}
+unset PASSWORD
-  fi
-  echo -e "Password: ${PASSWORD}\n"
-  echo -e "${PASSWORD}\n${PASSWORD}" | passwd "team${i}"
-  unset PASSWORD
-done
 
 if [[ -n "${SSHD_CHALLENGE_DIR}" ]]; then
   sed -i "s|^AuthorizedKeysFile.*|AuthorizedKeysFile ${SSHD_CHALLENGE_DIR}|" /etc/ssh/sshd_config

controller/scripts/gen_keys.sh

@@ -1,10 +1,6 @@
 #!/bin/bash
 
-TEAM_NUM=${TEAM_NUM:=10}
+if [[ ! -e "${HOME}/.ssh/user" ]]; then
-
+  ssh-keygen -q -t ed25519 -N '' -f "${HOME}/.ssh/user" -C "user"
-for (( i=1; i<=TEAM_NUM; i++ )); do
+fi
-  if [[ ! -e "${HOME}/.ssh/team-${i}" ]]; then
-    ssh-keygen -q -t ed25519 -N '' -f "${HOME}/.ssh/team-${i}" -C "team${i}"
-  fi
-done
 

controller/scripts/init.sh

@@ -1,27 +1,16 @@
 #!/bin/bash
 
 SCORING_POD=${SCORING_POD:=client}
-TEAM_NUM=${TEAM_NUM:=10}
+SCORING_FLAG=${SCORING_FLAG:=defaultFlag}
-
-echo "Generating scoring details"
 
 /opt/scripts/gen_keys.sh
 
-echo "Scoring Details"
-
-cat /root/.ssh/*.pub
-
 while true; do
 
-  echo "Testing Scoring"
+  ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "user@${SCORING_POD}" -i "/root/.ssh/user" \
+      "echo ${SCORING_FLAG} >.flag"
 
-  for (( i=1; i<=${TEAM_NUM}; i++ )); do
+  sleep 15
-    echo "Testing Team ${i}"
-    ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "team${i}@${SCORING_POD}" -i "/root/.ssh/team-${i}" \
-      'echo "flag" >.flag'
-  done
-
-  sleep 30
 
 done
 

docker-compose.yml

@@ -4,20 +4,20 @@ version: "3.9"
 services:
   client:
     image: local/c2games-client:latest
+    ports:
+      - "22022:22"
     build:
       context: ./client
     environment:
-      TEAM_NUM: 5
+      USER_PASSWORD: changeme!
       SSHD_CHALLENGE_DIR: .ssh/auth_keys
 
   controller:
     image: local/c2games-controller:latest
-    ports:
-      - "22022:22"
     build:
       context: ./controller
     environment:
-      TEAM_NUM: 5
+      SCORING_FLAG: flagMe
     volumes:
       - "${PWD}/keys:/root/.ssh"
 ...