I'm very sad because I couldn't finish my attacker/submitter project in time for the CCIT2023 finals 😢
I always had to wait for demos to test any changes I made and they were always broken.
So now I made a Simple Attack-Defense environment that I can use to test 🤯
This project relies on sysbox for a Docker-in-Docker runtime. It's necessary to have the team's containers behave closer to actual VMs.
Make sure your Docker is installed as system package and not snap 🤢
which dockerIf it's snap, follow the instructions here. Then, run
sudo apt install sysboxCheck if your distro is supported. We're gonna need to build from source, but it's fairly easy.
git clone --recursive https://github.com/nestybox/sysbox.git && cd sysboxmake sysbox-staticsudo make installsudo ./scr/sysbox
sudo ./scr/docker-cfg --sysbox-runtime=enable pip install -r requirements.txtEdit the config.toml file according to your needs.
Add services to the services/ dir.
Each service should be a directory containing at least one well-known entrypoint.
The valid entrypoints are, in order of priority:
deploy.shdocker-compose.ymldocker-compose.yamlDockerfile
The first entrypoint found will be used to start the service and everything else will be ignored.
When cloning this repo, an example service is already loaded in services/.
Additionally, inside FlagsAdder/ there's two useful modules: simple_service.py adds a random flag to the example service (on a single target machine, change it in the code) when run.
flag_submit.py is a working example showing how you're supposed to submit flags to the gameserver.
This whole directory is NOT necessary and is just provided as an example.
python3 SAD.py startpython3 SAD.py stoppython3 SAD.py restartshould be pretty self-descriptive 🧐
I did my best to have the team's containers run as close as possible as VMs but no matter what a container is not a VM. Refer to sysbox if you are curious about the exact differences from a VM and from a regular container.