feat(pwn/rop): 添加源码和镜像构建文件

challenges/pwn/rop/build/Dockerfile

@@ -0,0 +1,48 @@
+FROM ubuntu:20.04 AS builder
+
+RUN apt-get update && apt-get install -y gcc make
+
+WORKDIR /build
+
+COPY src/* ./
+
+RUN make
+
+FROM ghcr.io/svuctf/base-v2/xinetd:latest
+
+# Copy initialization script and xinetd configuration
+COPY --chmod=500 init.sh /init.sh
+COPY xinetd.conf /etc/xinetd.conf
+
+# Set up the CTF environment
+RUN chmod -R 750 /home/ctf && \
+    mkdir -p /home/ctf/lib64 && \
+    mkdir -p /home/ctf/dev && \
+    mkdir -p /home/ctf/bin && \
+    mkdir -p /home/ctf/lib/x86_64-linux-gnu && \
+    mkdir -p /home/ctf/lib32
+
+# Copy necessary libraries from builder stage
+COPY --from=builder /lib/x86_64-linux-gnu/libc.so.6 /home/ctf/lib/x86_64-linux-gnu/
+COPY --from=builder /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 /home/ctf/lib64/
+
+# Copy the challenge binary
+COPY --from=builder --chmod=500 /build/rop /home/ctf/rop
+
+# Set up device nodes
+RUN mknod /home/ctf/dev/null c 1 3 && \
+    mknod /home/ctf/dev/zero c 1 5 && \
+    mknod /home/ctf/dev/random c 1 8 && \
+    mknod /home/ctf/dev/urandom c 1 9 && \
+    chmod 666 /home/ctf/dev/*
+
+# Copy necessary binaries abd binaries
+RUN cp /lib/ld-musl-x86_64.so.1 /home/ctf/lib/ && \
+    cp /bin/sh /home/ctf/bin && \
+    cp /bin/ls /home/ctf/bin && \
+    cp /bin/cat /home/ctf/bin && \
+    cp /bin/base64 /home/ctf/bin 
+
+RUN chown -R ctf:ctf /home/ctf 
+
+CMD ["xinetd", "-dontfork"]

challenges/pwn/rop/build/init.sh

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+echo $GZCTF_FLAG > /home/ctf/flag
+chown -R ctf:ctf /home/ctf/flag
+unset GZCTF_FLAG
+
+/usr/sbin/chroot /home/ctf/ /rop

challenges/pwn/rop/build/src/Makefile

@@ -0,0 +1,12 @@
+CC = gcc
+CFLAGS = -Wall -Wextra -Wpedantic -no-pie -m64
+
+TARGET = rop
+
+all: $(TARGET)
+
+$(TARGET): $(TARGET).c
+	$(CC) $(CFLAGS) -o $@ $<
+
+clean:
+	rm -f $(TARGET)

challenges/pwn/rop/build/src/rop.c

@@ -0,0 +1,34 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+char secret[] = "/bin/sh";
+
+void init() {
+    setvbuf(stdin, NULL, _IONBF, 0);
+    setvbuf(stdout, NULL, _IONBF, 0);
+    setvbuf(stderr, NULL, _IONBF, 0);
+}
+
+void banner() {
+    printf(" ___  _  _  __  __  ___  ____  ____ \n");
+    printf("/ __)( \\/ )(  )(  )/ __)(_  _)( ___)\n");
+    printf("\\__ \\ \\  /  )(__)(( (__   )(   )__) \n");
+    printf("(___/  \\/  (______)\\___) (__) (__) \n");
+    printf("\n");
+    printf("Welcome to the SVUCTF HELLOWORLD 2024!\n");
+    printf("\n");
+}
+
+void vuln() {
+    char buf[64];
+    system("echo \"Hello CTFer, what's your name?\"");
+    read(0, &buf, 256);
+}
+
+int main() {
+    init();
+    banner();
+    vuln();
+    return 0;
+}

challenges/pwn/rop/build/xinetd.conf

@@ -0,0 +1,17 @@
+service ctf
+{
+    disable     = no
+    id          = xinetd
+    socket_type = stream
+    protocol    = tcp
+    wait        = no
+    user        = root
+    type        = UNLISTED
+    port        = 70
+    bind        = 0.0.0.0
+    server      = /init.sh
+    # safety options
+    per_source  = 10 # the maximum instances of this service per source IP address
+    rlimit_cpu  = 20 # the maximum number of CPU seconds that the service may use
+    rlimit_as   = 100M # the Address Space resource limit for the service
+}