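├── sharedFolder
    └── .placeholder
├── Vagrantfile
├── README.md
└── cgPwn.sh

/sharedFolder/.placeholder:
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
/Vagrantfile:
--------------------------------------------------------------------------------
# -*- mode: ruby -*-
# vi: set ft=ruby :

# Vagrant definition for the cgPwn analysis VM: an Ubuntu 14.04 ("trusty")
# VirtualBox guest provisioned by cgPwn.sh.
#
# Security notes for anyone reusing this file:
#   * The guest exists to run and debug untrusted binaries, and cgPwn.sh
#     installs a lot of unpinned third-party code. Treat the VM as disposable
#     and keep host credentials out of it.
#   * Ubuntu 14.04 is past standard support, so the guest does not receive
#     regular security updates.
Vagrant.configure("2") do |config|
  config.vm.box = "trusty64"
  # Base image is fetched over HTTPS (was plain HTTP) so it cannot be swapped
  # in transit. No digest is pinned; to pin one, set
  # config.vm.box_download_checksum and config.vm.box_download_checksum_type
  # to a value obtained out of band (placeholder: "<SHA256-OF-BOX>"). The URL
  # points at "current", so a pinned digest must be refreshed when the image
  # is republished.
  config.vm.box_url = "https://cloud-images.ubuntu.com/vagrant/trusty/current/trusty-server-cloudimg-amd64-vagrant-disk1.box"
  # The provisioner starts as the unprivileged vagrant user; cgPwn.sh calls
  # sudo itself for the steps that need root.
  config.vm.provision :shell, :path => "cgPwn.sh", :privileged => false
  config.ssh.username = 'vagrant'
  config.vm.hostname = 'pwnBox'
  # Fixed address on a private (host-only with VirtualBox) network.
  config.vm.network :private_network, ip: "192.168.13.37"
  # NOTE(review): agent forwarding lets code running in the guest (as vagrant
  # or root) use the host's SSH agent for as long as a `vagrant ssh` session
  # is open. Every clone in cgPwn.sh is over HTTPS, so provisioning does not
  # need it; set this to false unless you push over SSH from inside the VM.
  config.ssh.forward_agent = true

  # Shared read-write with the host: whatever the guest writes here appears in
  # ./sharedFolder on the host. Keep sensitive host files out of it.
  config.vm.synced_folder "sharedFolder", "/home/vagrant/sharedFolder"

  config.vm.provider "virtualbox" do |vb|
    # 3120 MB of RAM and 2 vCPUs for the guest.
    vb.customize ["modifyvm", :id, "--memory", "3120"]
    vb.customize ["modifyvm", :id, "--cpus", 2]
  end
end

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# cgPwn - Cyber Grand Pwnage Box
This is a Ubuntu VM tailored for hardware hacking, RE and Wargaming.

## Tools included
* Pwndbg
* Pwntools
* Binwalk
* Radare2
* Capstone, Unicorn and Keystone Engines
* Qira Timeless Debugger
* AFL
* Valgrind , VGdb
* ROPGadget, XRop, Ropper, rp++
* Intel PIN
* Angr
* z3
* frida
* Compiler tools: CLANG, LLVM, GDBMultiarch, GDBArm
* Useful tools: htop, lynx, socat, p7zip, mc

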
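## Vagrant

### Install VirtualBox
Check [Virtualbox](https://www.virtualbox.org/wiki/Downloads) for information on installing Virtualbox on your respective operating system.

### Install Vagrant
Check [VagrantUp](https://www.vagrantup.com/downloads.html) for information on installing vagrant.

### Fire up the VM
```
git clone https://github.com/0xM3R/cgPwn
cd cgPwn
vagrant up
... Grab a beer and relax until everything is getting setup for you ;)
vagrant ssh
```

## Default settings
By default, [personal dotfiles](http://github.com/0xM3R/dotfiles) are installed onto the VM. Simply comment out the following lines in cgPwn.sh if you don't want my settings.

```
# Personal config
sudo apt-get -y install stow
cd ~
rm .bashrc
git clone https://github.com/0xM3R/dotfiles
cd dotfiles
chmod a+x ./install.sh
./install.sh
```

### Shared folder

Drop files in the `sharedFolder` folder on your host to find them on your VM at `/home/vagrant/sharedFolder`

--------------------------------------------------------------------------------
/cgPwn.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Author : 0xM3R
# Purpose : Cyber Grand Pwnage Box
#################################
# Provisioning script run by the Vagrant shell provisioner. It starts as the
# unprivileged vagrant user (see :privileged => false in the Vagrantfile) and
# uses sudo for each step that needs root.
#
# Review notes:
#   * There is no `set -e`, so a failed step does not stop provisioning and the
#     following commands run in whatever directory the shell is left in.
#   * Most tools are taken from the tip of an upstream repository or from a
#     "latest" tarball, with no pinned commit, checksum or signature, and
#     several installers are then run as root. The resulting VM is only as
#     trustworthy as every upstream at the moment of provisioning; use it as a
#     disposable lab machine.
HOMEDIR=~

# Updates
sudo apt-get -y update

sudo apt-get -y install python3-pip
sudo apt-get -y install tmux
sudo apt-get -y install gdb gdb-multiarch
sudo apt-get -y install gcc-multilib
sudo apt-get -y install clang llvm
sudo apt-get -y install unzip
sudo apt-get -y install foremost
sudo apt-get -y install ipython
sudo apt-get -y install silversearcher-ag

# Install 32 bit libs
sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt-get -y install libc6:i386 libncurses5:i386 libstdc++6:i386
sudo apt-get -y install libc6-dev-i386
sudo apt-get -y install libc6-dbg  # necessary for pwndbg's heap functionality
sudo apt-get -y install libc6-dbg:i386 #necessary for pwndbg's heap functionality
sudo apt-get -y install valgrind  #useful when using vgdb ;)
sudo apt-get -y install gcc-arm-linux-gnueabihf # for the arm toolchain

# Enable ptracing
# Switches Yama ptrace_scope from 1 to 0 so a debugger can attach to processes
# it did not start. This removes a hardening default: any process may then
# ptrace other processes of the same user. Reasonable inside a throwaway
# analysis VM; do not carry this setting over to a workstation or server.
sudo sed -i 's/kernel.yama.ptrace_scope = 1/kernel.yama.ptrace_scope = 0/g' /etc/sysctl.d/10-ptrace.conf
sudo sysctl --system

# Fix urllib3 InsecurePlatformWarning
# The requirement is quoted so the shell cannot treat [secure] as a glob.
sudo -H pip install --upgrade 'urllib3[secure]'

# Silence GDB's auto-load warning by trusting every path.
# NOTE(review): safe-path "/" tells GDB to auto-load init and script files from
# any directory, so a .gdbinit that ships alongside an untrusted binary is
# executed when gdb is started there. Narrow the path to directories you
# control if you debug untrusted samples. This also overwrites any existing
# ~/.gdbinit.
echo 'set auto-load safe-path /' > ~/.gdbinit

#Install PwnTools
# `sudo pip install` runs each package's setup code as root; pwntools is taken
# from the repository tip rather than a pinned release.
sudo apt-get -y install python2.7 python-pip python-dev git libssl-dev libffi-dev build-essential
sudo -H pip install --upgrade pip
sudo -H pip install --upgrade git+https://github.com/Gallopsled/pwntools

#install some useful system tools
sudo apt-get -y install htop
sudo apt-get -y install lynx
sudo apt-get -y install socat
sudo apt-get -y install p7zip
sudo apt-get -y install mc

cd ~
# -p keeps a re-provision from failing when ~/tools already exists
mkdir -p tools
cd tools


# pycparser for pwndbg
sudo -H pip3 install pycparser # Use pip3 for Python3

# Install pwndbg latest version
# Unpinned clone whose setup script is then run as root.
cd ~/tools
git clone --recursive https://github.com/pwndbg/pwndbg
cd pwndbg
sudo ./setup.sh

# Install radare2
cd ~/tools
git clone https://github.com/radare/radare2
cd radare2
./sys/install.sh

# Install binwalk
cd ~/tools
git clone https://github.com/devttys0/binwalk
cd binwalk
sudo python setup.py install
sudo apt-get -y install squashfs-tools

# Install Keystone engine with debug option
cd ~/tools
sudo apt-get -y install cmake
git clone https://github.com/keystone-engine/keystone.git
cd keystone
mkdir build
cd build
../make-share.sh debug
sudo make install
cd ../bindings/python/
sudo python setup.py install
sudo ldconfig

#install qira timeless debugger
# Tagged release (v1.2) over HTTPS; no checksum is verified before install.sh
# is run.
cd ~/tools
wget -q https://github.com/BinaryAnalysisPlatform/qira/archive/v1.2.tar.gz
tar zxvf v1.2.tar.gz
rm v1.2.tar.gz
cd qira-1.2
./install.sh

#install xrop
cd ~/tools
git clone --depth 1 https://github.com/acama/xrop.git
cd xrop
git submodule update --init --recursive
sudo make install


# Install american-fuzzy-lop
# NOTE(review): both archives below are fetched over plain HTTP with no
# checksum or signature check, and afl-latest.tgz is a moving target. Anything
# on the network path could substitute the content that is then built and
# installed as root. Verify each archive against a digest obtained out of band
# before unpacking, e.g. (placeholder digest):
#   echo '<SHA256>  afl-latest.tgz' | sha256sum -c -
cd ~/tools
wget --quiet http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz
tar -xzvf afl-latest.tgz
rm afl-latest.tgz
wget --quiet http://llvm.org/releases/3.8.0/clang+llvm-3.8.0-x86_64-linux-gnu-ubuntu-14.04.tar.xz
xz -d clang*
tar xvf clang*
# Trailing slash limits the glob to the extracted directory; the .tar left
# behind by `xz -d` also matches clang*.
cd clang*/
cd bin
# Puts the downloaded clang first on PATH for the rest of this script only,
# so the llvm_mode build below picks it up.
export PATH="$PWD:$PATH"
cd ../..
(
  cd afl-*
  make
  # build clang-fast
  (
    cd llvm_mode
    make
  )
  sudo make install

  # build qemu-support
  sudo apt-get -y install libtool automake bison libglib2.0-dev
  ./build_qemu_support.sh
)


# Install r2pipe
sudo -H pip install --upgrade r2pipe

# Install frida
sudo -H pip install --upgrade frida

# Install ROPGadget
cd ~/tools
git clone https://github.com/JonathanSalwan/ROPgadget
cd ROPgadget
sudo python setup.py install

# Install intel PIN
# NOTE(review): plain-HTTP download with no integrity check, as with the AFL
# and LLVM archives above.
cd ~/tools
wget --quiet http://software.intel.com/sites/landingpage/pintool/downloads/pin-2.14-71313-gcc.4.4.7-linux.tar.gz
tar -xzvf pin-2.14-71313-gcc.4.4.7-linux.tar.gz
rm pin-2.14-71313-gcc.4.4.7-linux.tar.gz
cd pin*
# These exports last only until this script exits.
export PIN_ROOT="$PWD"
export PATH="$PATH:$PIN_ROOT";

#Install angr
sudo -H pip install angr

#Install ropper
sudo -H pip install ropper

#install golang
sudo apt-get -y install golang

# Personal config
# Replaces ~/.bashrc and runs the install script from the author's dotfiles
# repository (unpinned). Comment this section out, as the README describes,
# unless you have reviewed that repository.
sudo apt-get -y install stow
cd ~
rm .bashrc
git clone --recursive https://github.com/0xM3R/dotfiles
cd dotfiles
chmod a+x ./install.sh
./install.sh

#install rp++
# NOTE(review): a prebuilt binary is downloaded and installed into /usr/bin as
# root without any checksum or signature verification.
cd ~/tools
wget -q https://github.com/downloads/0vercl0k/rp/rp-lin-x64
sudo install -s rp-lin-x64 /usr/bin/rp++
rm rp-lin-x64

# Fix locales after installing everything
sudo locale-gen en_US.UTF-8
export LANGUAGE=en_US.UTF-8
export LANG=en_US.UTF-8
export LC_CTYPE=en_US.UTF-8
export LC_ALL=en_US.UTF-8
sudo dpkg-reconfigure locales

--------------------------------------------------------------------------------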