* added files

2025-09-17 07:35:51 +02:00 · 2025-09-17 07:35:51 +02:00 · c87ea11a5a
commit c87ea11a5a
parent a93922f822
8 changed files with 111 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -1,3 +1,18 @@
-# ctf-chal-ji
+# JI EPITA - CTF
+
+#### Challenge Type : boot to root (box)
+#### Difficulty : easy
+
+----
+
+## Writeup
+
+
+
+
+
+
+
+
+

-Défi (box) du CTF organisé pour la JI
--- a/config/supervisord.conf
+++ b/config/supervisord.conf
@ -0,0 +1,10 @@
+[supervisord]
+nodaemon=true
+
+[program:sshd]
+command=/usr/sbin/sshd -D
+autorestart=true
+
+[program:apache2]
+command=/usr/sbin/apache2ctl -D FOREGROUND
+autorestart=true
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@ -0,0 +1,58 @@
+FROM ubuntu:24.04
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt update && apt upgrade -y && \
+    apt install -y \
+    apache2 \
+    curl \
+    nano \
+    vim \
+    supervisor \
+    openssh-server \
+    sudo \
+    cowsay \
+    && rm -rf /var/lib/apt/lists/*
+
+# the user players will need to have access as
+
+
+RUN useradd -m -s /bin/bash l33t \
+&& echo "l33t:h4x0r" | chpasswd
+
+# foothold user with no sudo perms. Only access to the l33t user home directory.
+
+RUN useradd webmaster
+
+# apache2 config to change default 80 port to 31337
+
+RUN sed -i 's/^Listen 80/Listen 31337/' /etc/apache2/ports.conf
+
+RUN sed -i 's/<VirtualHost \*:80>/<VirtualHost *:31337>/' /etc/apache2/sites-available/000-default.conf
+
+# copy the app
+
+#COPY ./app/ /var/www/html/
+
+RUN mkdir /var/run/sshd
+
+# (suggestion)
+# for the privesc, cowsay allowed to be ran with sudo without password
+# https://gtfobins.github.io/gtfobins/cowsay/
+
+RUN printf 'l33t ALL=(ALL) NOPASSWD: /usr/games/cowsay, /usr/bin/sudo -l\n' > /etc/sudoers.d/l33t && \
+    chmod 0440 /etc/sudoers.d/l33t && \
+    visudo -cf /etc/sudoers.d/l33t
+
+# 22 port -> ssh, 31337 port (suggestion) -> vulnerable webserver players need to find using nmap port scans
+
+EXPOSE 22
+EXPOSE 31337
+
+# config of supervisord to have both apache2 and sshd services running
+
+COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+# start supervisord
+CMD ["/usr/bin/supervisord", "-n"]
+
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
--- a/docker/entrypoint.sh
+++ b/docker/entrypoint.sh
@ -0,0 +1,2 @@
+#! /bin/bash
+
--- a/www/index.html
+++ b/www/index.html
@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Tux gallery !</title>
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous">
+</head>
+<body>
+    <div class="nav-bar">
+        <ol>
+            <li><a href="/">Tux Gallery <img alt="logo" class="icon" src="static/img/icon.jpg"></a></li>
+            <li><a href="#upload">Upload</a></li>
+            <li><a href="#view">View</a></li>
+        </ol>
+    </div>
+    <div class="wrapper">
+        <div class="upload">
+
+        </div>
+    </div>
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@3.3.7/dist/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
+</body>
+</html>
--- a/www/static/css/stylesheet.css
+++ b/www/static/css/stylesheet.css
--- a/www/static/img/logo.jpg
+++ b/www/static/img/logo.jpg