-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 8111671
Showing
32 changed files
with
743 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
name: Pull Request Check | ||
|
||
on: | ||
pull_request: | ||
paths: | ||
- "challenges/**" | ||
workflow_dispatch: | ||
|
||
jobs: | ||
action-generate: | ||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: read | ||
pull-requests: write | ||
actions: write | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
with: | ||
token: ${{ secrets.GITHUB_TOKEN }} | ||
repository: ${{ github.event.pull_request.head.repo.full_name }} | ||
ref: ${{ github.event.pull_request.head.ref }} | ||
|
||
- name: Generate action files | ||
run: | | ||
python3 scripts/gen_action.py -a -s || exit 1 | ||
- name: Commit and push changes | ||
uses: EndBug/add-and-commit@v9 | ||
with: | ||
default_author: github_actions | ||
message: "ci: generate action file" | ||
add: ".github/workflows/*" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
name: Generate README | ||
|
||
on: | ||
push: | ||
branches: ["main"] | ||
paths: | ||
- "challenges/**" | ||
- "scripts/gen_readme.py" | ||
- "scripts/note.md" | ||
workflow_dispatch: | ||
|
||
jobs: | ||
action-generate: | ||
runs-on: ubuntu-latest | ||
permissions: | ||
contents: write | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Generate README | ||
run: | | ||
python3 scripts/gen_readme.py | ||
- name: Setup Node.js | ||
uses: actions/setup-node@v4 | ||
with: | ||
node-version: latest | ||
|
||
- name: Prettier format | ||
run: | | ||
npm install -g prettier | ||
prettier --write README.md | ||
- name: Commit and push changes | ||
uses: EndBug/add-and-commit@v9 | ||
with: | ||
default_author: github_actions | ||
message: "docs: update README" | ||
add: README.md |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
.DS_Store | ||
|
||
**/target | ||
|
||
**/*.bak | ||
**/__pycache__ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
[submodule "challenges/web/phpcms-i/build/src/lecms-src"] | ||
path = challenges/web/phpcms-i/build/src/lecms-src | ||
url = https://gitee.com/dazhouda/lecms3.0.3.git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
# GZCTF Game Template | ||
|
||
This repository is used to store and build challenge images. | ||
|
||
## Challenge Specification | ||
|
||
For each challenge, a separate branch should be created, named `<category>/<challenge_name>`, and related operations should be performed in this branch, and finally squash merged into the main branch. | ||
|
||
- Challenges should follow the GZCTF challenge specification, and the Dockerfile of the challenge should be placed in the `challenges` directory. | ||
- You should generate `chal.<category>.<challenge_name>.yml` to `.github/workflows` with `python scripts/gen_action.py` to build the challenge image, and put the `Dockerfile` in the `challenges` directory. | ||
- If necessary, an issue or pr can be opened to track the progress of the challenge. | ||
- Do not upload any big binary files to the repository, use other methods to share files. | ||
|
||
**To generate the action file, use `python scripts/gen_action.py`. This script will check your challenge directory and generate the action file for you.** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
# %challenge-name% | ||
|
||
**Author:** %author% | ||
|
||
**Difficulty:** %difficulty% | ||
|
||
<!-- Baby/Trivial/Easy/Normal/Medium/Hard/Expert/Insane --> | ||
|
||
**Category:** %category% | ||
|
||
<!-- Misc/Crypto/Pwn/Web/Reverse/Blockchain/Forensics/Mobile/PPC/Pentest/OSINT --> | ||
|
||
**Flag:** `%flag or flag template%` | ||
|
||
<!-- NOTE: Read https://docs.ctf.gzti.me/zh/guide/dynamic-flag for Flag --> | ||
<!-- NOTE: **Author** can be multiple, separated by `,` --> | ||
<!-- NOTE: Replace %difficulty%, %category%, %author% with the actual value --> | ||
|
||
## Description | ||
|
||
%description% | ||
|
||
## Deployment | ||
|
||
<!-- NOTE: | ||
All build files should be in the ./build/src folder | ||
Only 4 files are allowed to be in the root of the ./build folder: | ||
- Dockerfile (required for a container challenge) | ||
- custom.yml (optional, to customize the workflow) | ||
- pre-build.sh (optional, to run before building the challenge) | ||
- post-build.sh (optional, to run after building the challenge) | ||
And you can add files starting with `.git` to your challenge folder. | ||
In which you can config gitattributes, gitignore, etc. | ||
--> | ||
|
||
| Port | CPU(0.1c) | Memory(1M) | Disk(1M) | | ||
| ------ | --------- | ---------- | -------- | | ||
| %port% | %cpu% | %memory% | %disk% | | ||
|
||
## Solution | ||
|
||
%solution% |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
# Assets | ||
|
||
This directory is used to store assets for the challenge. | ||
|
||
This includes images, videos, and other files that are used in the **Writeup** or **README**. | ||
|
||
**NOTE: DO NOT COPY THIS MARKDOWN FILE TO THE CHALLENGE FOLDER. IT IS ONLY A TEMPLATE FOR THE ATTACHMENTS FOLDER.** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,27 @@ | ||
# Attacments | ||
|
||
## Local Files | ||
|
||
Local file size limit: | ||
|
||
- On git tree: <= 512 KiB | ||
- On LFS: <= 10 MiB | ||
- Use other ways to share files if they are bigger than the limits. | ||
|
||
You should put here all the files here to be zipped and sent to the participants. | ||
|
||
## Remote Files | ||
|
||
You should put here the only one link to the remote files. | ||
|
||
## Action Generated Files | ||
|
||
If you use the action to generate files, you should use `../build/pre-build.sh` or `../build/post-build.sh` to generate the files and put them here. | ||
|
||
Use the following command to copy the files to the attachments folder: | ||
|
||
```bash | ||
cp -av build/... attachments/ | ||
``` | ||
|
||
**NOTE: DO NOT COPY THIS MARKDOWN FILE TO THE CHALLENGE FOLDER. IT IS ONLY A TEMPLATE FOR THE ATTACHMENTS FOLDER.** |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,53 @@ | ||
# Use `challenge-base` | ||
FROM ghcr.io/gzctf/challenge-base/xinetd:alpine | ||
|
||
# For a pwn challenge: | ||
|
||
# FROM ubuntu:22.04 AS builder | ||
# FROM ghcr.io/gzctf/challenge-base/xinetd:alpine | ||
|
||
# COPY src/init.sh /init.sh | ||
# COPY src/xinetd.conf /etc/xinetd.conf | ||
|
||
# RUN chmod +x /init.sh && \ | ||
# chown -R ctf:ctf /home/ctf && \ | ||
# chmod -R 750 /home/ctf && \ | ||
# cp -R /lib* /home/ctf && \ | ||
# mkdir /home/ctf/lib64 && \ | ||
# mkdir /home/ctf/dev && \ | ||
# mknod /home/ctf/dev/null c 1 3 && \ | ||
# mknod /home/ctf/dev/zero c 1 5 && \ | ||
# mknod /home/ctf/dev/random c 1 8 && \ | ||
# mknod /home/ctf/dev/urandom c 1 9 && \ | ||
# chmod 666 /home/ctf/dev/* && \ | ||
# mkdir /home/ctf/bin && \ | ||
# mkdir -p /home/ctf/lib/x86_64-linux-gnu/ && \ | ||
# mkdir -p /home/ctf/lib32/ && \ | ||
# cp /bin/sh /home/ctf/bin && \ | ||
# cp /bin/ls /home/ctf/bin && \ | ||
# cp /bin/cat /home/ctf/bin && \ | ||
# cp /bin/base64 /home/ctf/bin | ||
|
||
# COPY --from=builder /lib/x86_64-linux-gnu/libc.so.6 /home/ctf/lib/x86_64-linux-gnu/ | ||
# COPY --from=builder /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 /home/ctf/lib64/ | ||
# COPY --from=builder /lib/x86_64-linux-gnu/libc.so.6 /lib/x86_64-linux-gnu/ | ||
# COPY --from=builder /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 /lib64/ | ||
# COPY --from=builder /usr/sbin/chroot /usr/sbin/ | ||
# COPY --chown=ctf:ctf --chmod=500 remember_it_0 /home/ctf/remember_it_0 | ||
|
||
# CMD ["xinetd", "-dontfork"] | ||
|
||
# ---------------------------- | ||
|
||
# For a crypto challenge: | ||
|
||
# FROM ghcr.io/gzctf/challenge-base/gmpy2:alpine | ||
|
||
# COPY src/xinetd.conf /etc/xinetd.conf | ||
# COPY --chown=ctf:ctf src/chall.py /home/ctf/chall.py | ||
# COPY --chown=ctf:ctf --chmod=500 src/init.sh /init.sh | ||
|
||
# USER ctf | ||
# WORKDIR /home/ctf | ||
|
||
# CMD /init.sh && socat TCP-LISTEN:1337,reuseaddr,fork EXEC:"python3 chall.py" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
# You can add some custom action steps here | ||
# NO NEED TO INDENT CONTENT | ||
# Example: | ||
|
||
# - uses: actions/setup-node@v4 | ||
# with: | ||
# node-version: latest |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
#!/bin/bash | ||
|
||
set -euo pipefail | ||
|
||
# This script is executed AFTER the build process of the challenge. | ||
# You can use this script to copy the built binary to the attachments directory, etc. | ||
# ** This script is executed in the challenge directory. ** | ||
# ** Remove this file if you don't need it. ** | ||
|
||
# You can use the following environment variables: | ||
# NAME: <YOUR_CHALLENGE_DIR_NAME> | ||
# CATEGORY: <YOUR_CHALLENGE_CATEGORY_DIR_NAME> | ||
# REGISTRY: <THE_REGISTRY_WHERE_YOUR_IMAGE_IS_STORED> | ||
|
||
# Example: | ||
|
||
# temprepository="$(tr [A-Z] [a-z] <<< $REGISTRY/$GITHUB_REPOSITORY/$NAME)" | ||
# mkdir -p attachments | ||
# docker rm tempname || true | ||
# tempid=$(docker create --name tempname $temprepository:latest) | ||
# docker cp $tempid:/home/ctf/macho_parser attachments/ | ||
# docker rm tempname | ||
# cp -av build/app attachments/ | ||
# cp -av build/main.c attachments/macho_parser.c |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
#!/bin/bash | ||
|
||
set -euo pipefail | ||
|
||
# This script is executed BEFORE the build process of the challenge. | ||
# You can use this script to install dependencies, build the binary, etc. | ||
# ** This script is executed in the challenge directory. ** | ||
# ** Remove this file if you don't need it. ** | ||
|
||
# You can use the following environment variables: | ||
# NAME: <YOUR_CHALLENGE_DIR_NAME> | ||
# CATEGORY: <YOUR_CHALLENGE_CATEGORY_DIR_NAME> | ||
# REGISTRY: <THE_REGISTRY_WHERE_YOUR_IMAGE_IS_STORED> | ||
|
||
# Example: | ||
|
||
# gcc -o build/remember_it_0 build/src/remember_it_0.c | ||
# mkdir -p attachments | ||
# cp build/remember_it_0 attachments/remember_it_0 | ||
# cp build/src/remember_it_0.c attachments/remember_it_0.c |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
with open("/home/ctf/flag", "r") as f: | ||
flag = f.read() | ||
|
||
print("flag = ", flag) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
#!/bin/sh | ||
|
||
echo $GZCTF_FLAG > /home/ctf/flag | ||
unset GZCTF_FLAG |
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Empty file.
Oops, something went wrong.