├── terminalConfig ├── dockerGDBIn ├── soft ├── pip-9.0.1.tar.gz └── setuptools-36.6.0.zip ├── dockerSources └── daemon.json ├── dockerGDBOut ├── ubuntuSources ├── 2.31 │ └── sources.list ├── 2.26 │ └── sources.list ├── 2.27 │ └── sources.list ├── 2.34 │ └── sources.list ├── 2.23 │ └── sources.list ├── 2.33 │ └── sources.list ├── 2.32 │ └── sources.list ├── 2.30 │ └── sources.list ├── 2.24 │ └── sources.list ├── 2.29 │ └── sources.list └── 2.28 │ └── sources.list ├── dockerPwnRun ├── dockerTerm ├── install.sh ├── setup.sh ├── README.md └── README_en-US.md /terminalConfig: -------------------------------------------------------------------------------- 1 | gnome-terminal -------------------------------------------------------------------------------- /dockerGDBIn: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | 3 | gdb attach `ps x | grep -v grep | grep Ss+ | awk '{print $1}'` -------------------------------------------------------------------------------- /soft/pip-9.0.1.tar.gz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PIG-007/pwnDockerAll/HEAD/soft/pip-9.0.1.tar.gz -------------------------------------------------------------------------------- /soft/setuptools-36.6.0.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/PIG-007/pwnDockerAll/HEAD/soft/setuptools-36.6.0.zip -------------------------------------------------------------------------------- /dockerSources/daemon.json: -------------------------------------------------------------------------------- 1 | { 2 | "registry-mirrors": [ 3 | "https://docker.mirrors.ustc.edu.cn", 4 | "https://hub-mirror.c.163.com" 5 | ], 6 | "insecure-registries":[ 7 | "docker.mirrors.ustc.edu.cn", 8 | "registry.docker-cn.com" 9 | ], 10 | "dns": ["8.8.8.8","8.8.4.4"] 11 | } 12 | -------------------------------------------------------------------------------- /dockerGDBOut: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | 3 | 4 | libcVersionList=(2.23 2.24 2.26 2.27 2.28 2.29 2.30 2.31 2.32 2.33 2.34) 5 | 6 | conName= 7 | for i in ${libcVersionList[*]}; 8 | do 9 | sudo docker ps -a --format "{{.Names}}" | grep -q "$i" 10 | if [ $? -ne 0 ] ;then 11 | continue 12 | else 13 | conName=$i 14 | break 15 | fi 16 | done 17 | 18 | echo $conName 19 | 20 | if [ ! $conName ]; then 21 | 22 | echo "Unkonw error" 23 | else 24 | echo "Get" 25 | sudo docker exec -it --privileged=true $conName /bin/bash -c "/usr/bin/dockerGDBIn && /bin/bash" 26 | fi 27 | 28 | -------------------------------------------------------------------------------- /ubuntuSources/2.31/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ focal main restricted universe multiverse 2 | # deb-src http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ focal main restricted universe multiverse 3 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ focal-updates main restricted universe multiverse 4 | # deb-src http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ focal-updates main restricted universe multiverse 5 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ focal-backports main restricted universe multiverse 6 | # deb-src http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ focal-backports main restricted universe multiverse 7 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ focal-security main restricted universe multiverse 8 | # deb-src http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ focal-security main restricted universe multiverse 9 | -------------------------------------------------------------------------------- /ubuntuSources/2.26/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu artful main restricted universe multiverse 2 | #deb-src https://mirrors.ustc.edu.cn/ubuntu/ artful main restricted universe multiverse 3 | 4 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu artful-security main restricted universe multiverse 5 | #deb-src https://mirrors.ustc.edu.cn/ubuntu/ artful-security main restricted universe multiverse 6 | 7 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu artful-updates main restricted universe multiverse 8 | #deb-src https://mirrors.ustc.edu.cn/ubuntu/ artful-updates main restricted universe multiverse 9 | 10 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu artful-backports main restricted universe multiverse 11 | #deb-src https://mirrors.ustc.edu.cn/ubuntu/ artful-backports main restricted universe multiverse 12 | -------------------------------------------------------------------------------- /ubuntuSources/2.27/sources.list: -------------------------------------------------------------------------------- 1 | # 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释 2 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse 3 | # deb-src http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic main restricted universe multiverse 4 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse 5 | # deb-src http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-updates main restricted universe multiverse 6 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse 7 | # deb-src http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-backports main restricted universe multiverse 8 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse 9 | # deb-src http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ bionic-security main restricted universe multiverse 10 | -------------------------------------------------------------------------------- /dockerPwnRun: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | 3 | set -- `getopt g:h "$@"` 4 | 5 | if [ $# == 1 ] ; then 6 | echo "dockerPwnRun -h" 7 | exit 1; 8 | fi 9 | 10 | while [ -n "$1" ] 11 | do 12 | case "$1" in 13 | -g)sudo socat tcp-listen:"$2",reuseaddr,fork EXEC:dockerTerm,pty,raw,echo=0 & 14 | shift ;; 15 | -h)echo "Usage :dockerPwnRun [pwnfileDir] [docker_images_name]" 16 | echo "Example :dockerPwnRun PIG007 2.23" 17 | echo "Example(gdb) :dockerPwnRun PIG007 2.23 -g 30001" 18 | exit 1;; 19 | # -c) echo "found option c, no param." ;; 20 | --) ;; 21 | *) #echo "what's this?" 22 | break ;; 23 | esac 24 | shift 25 | done 26 | 27 | 28 | sudo docker run -it --network host --name "$2" --rm --privileged=true -v $(pwd)/"$1":/ctf/"$1" "$2" /bin/bash -c 'cd /ctf/ && /bin/bash' 29 | sudo ps -ef | grep dockerTerm | grep -v grep | awk '{print $2}'|sudo xargs -r kill 30 | -------------------------------------------------------------------------------- /ubuntuSources/2.34/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.ustc.edu.cn/ubuntu/ jammy main restricted universe multiverse 2 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ jammy main restricted universe multiverse 3 | 4 | deb http://mirrors.ustc.edu.cn/ubuntu/ jammy-security main restricted universe multiverse 5 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ jammy-security main restricted universe multiverse 6 | 7 | deb http://mirrors.ustc.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse 8 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ jammy-updates main restricted universe multiverse 9 | 10 | deb http://mirrors.ustc.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse 11 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ jammy-backports main restricted universe multiverse 12 | 13 | ## Not recommended 14 | # deb http://mirrors.ustc.edu.cn/ubuntu/ jammy-proposed main restricted universe multiverse 15 | # deb-src http://mirrors.ustc.edu.cn/ubuntu/ jammy-proposed main restricted universe multiverse 16 | -------------------------------------------------------------------------------- /ubuntuSources/2.23/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.ustc.edu.cn/ubuntu/ xenial main restricted universe multiverse 2 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial main restricted universe multiverse 3 | 4 | deb http://mirrors.ustc.edu.cn/ubuntu/ xenial-security main restricted universe multiverse 5 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial-security main restricted universe multiverse 6 | 7 | deb http://mirrors.ustc.edu.cn/ubuntu/ xenial-updates main restricted universe multiverse 8 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial-updates main restricted universe multiverse 9 | 10 | deb http://mirrors.ustc.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse 11 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial-backports main restricted universe multiverse 12 | 13 | ## Not recommended 14 | # deb http://mirrors.ustc.edu.cn/ubuntu/ xenial-proposed main restricted universe multiverse 15 | # deb-src http://mirrors.ustc.edu.cn/ubuntu/ xenial-proposed main restricted universe multiverse 16 | -------------------------------------------------------------------------------- /ubuntuSources/2.33/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.ustc.edu.cn/ubuntu/ hirsute main restricted universe multiverse 2 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ hirsute main restricted universe multiverse 3 | 4 | deb http://mirrors.ustc.edu.cn/ubuntu/ hirsute-security main restricted universe multiverse 5 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ hirsute-security main restricted universe multiverse 6 | 7 | deb http://mirrors.ustc.edu.cn/ubuntu/ hirsute-updates main restricted universe multiverse 8 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ hirsute-updates main restricted universe multiverse 9 | 10 | deb http://mirrors.ustc.edu.cn/ubuntu/ hirsute-backports main restricted universe multiverse 11 | deb-src http://mirrors.ustc.edu.cn/ubuntu/ hirsute-backports main restricted universe multiverse 12 | 13 | ## Not recommended 14 | # deb http://mirrors.ustc.edu.cn/ubuntu/ hirsute-proposed main restricted universe multiverse 15 | # deb-src http://mirrors.ustc.edu.cn/ubuntu/ hirsute-proposed main restricted universe multiverse 16 | -------------------------------------------------------------------------------- /dockerTerm: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | 3 | terminalList=(gnome-terminal xterm xfce4-terminal) 4 | 5 | 6 | for terminal in `cat ~/pwnDockerAll/terminalConfig` 7 | do 8 | for i in ${terminalList[*]}; 9 | do 10 | if [ $i == ${terminal} ];then 11 | if [ "${terminal}" == "gnome-terminal" ];then 12 | #echo "gnome-terminal" 13 | sudo gnome-terminal -- bash -c "~/pwnDockerAll/dockerGDBOut;exec bash" 14 | exit 1; 15 | fi 16 | if [ "${terminal}" == "xterm" ];then 17 | #echo "xterm" 18 | sudo xterm -e "~/pwnDockerAll/dockerGDBOut && /bin/bash" 19 | exit 1; 20 | #${terminal} -- bash -c "~/pwnDockerAll/dockerGDBOut;exec bash" 21 | fi 22 | if [ "${terminal}" == "xfce4-terminal" ];then 23 | #echo "gnome-terminal" 24 | sudo xfce4-terminal -x bash -c "~/pwnDockerAll/dockerGDBOut;exec bash" 25 | exit 1; 26 | fi 27 | 28 | else 29 | continue 30 | fi 31 | done 32 | done 33 | 34 | echo "No such terminal!" -------------------------------------------------------------------------------- /ubuntuSources/2.32/sources.list: -------------------------------------------------------------------------------- 1 | # 默认注释了源码镜像以提高 apt update 速度,如有需要可自行取消注释 2 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy main restricted universe multiverse 3 | # deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy main restricted universe multiverse 4 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy-updates main restricted universe multiverse 5 | # deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy-updates main restricted universe multiverse 6 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy-backports main restricted universe multiverse 7 | # deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy-backports main restricted universe multiverse 8 | deb http://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy-security main restricted universe multiverse 9 | # deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy-security main restricted universe multiverse 10 | 11 | # 预发布软件源,不建议启用 12 | # deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy-proposed main restricted universe multiverse 13 | # deb-src https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ groovy-proposed main restricted universe multiverse 14 | 15 | -------------------------------------------------------------------------------- /ubuntuSources/2.30/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan main restricted universe multiverse 2 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan main restricted universe multiverse 3 | 4 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan-security main restricted universe multiverse 5 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan-security main restricted universe multiverse 6 | 7 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan-updates main restricted universe multiverse 8 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan-updates main restricted universe multiverse 9 | 10 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan-backports main restricted universe multiverse 11 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan-backports main restricted universe multiverse 12 | 13 | ## Not recommended 14 | # deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan-proposed main restricted universe multiverse 15 | # deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ eoan-proposed main restricted universe multiverse 16 | -------------------------------------------------------------------------------- /ubuntuSources/2.24/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty main restricted universe multiverse 2 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty main restricted universe multiverse 3 | 4 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty-security main restricted universe multiverse 5 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty-security main restricted universe multiverse 6 | 7 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty-updates main restricted universe multiverse 8 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty-updates main restricted universe multiverse 9 | 10 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty-backports main restricted universe multiverse 11 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty-backports main restricted universe multiverse 12 | 13 | ## Not recommended 14 | # deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty-proposed main restricted universe multiverse 15 | # deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ zesty-proposed main restricted universe multiverse 16 | -------------------------------------------------------------------------------- /ubuntuSources/2.29/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco main restricted universe multiverse 2 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco main restricted universe multiverse 3 | 4 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco-security main restricted universe multiverse 5 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco-security main restricted universe multiverse 6 | 7 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco-updates main restricted universe multiverse 8 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco-updates main restricted universe multiverse 9 | 10 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco-backports main restricted universe multiverse 11 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco-backports main restricted universe multiverse 12 | 13 | ## Not recommended 14 | # deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco-proposed main restricted universe multiverse 15 | # deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ disco-proposed main restricted universe multiverse 16 | -------------------------------------------------------------------------------- /ubuntuSources/2.28/sources.list: -------------------------------------------------------------------------------- 1 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic main restricted universe multiverse 2 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic main restricted universe multiverse 3 | 4 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic-security main restricted universe multiverse 5 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic-security main restricted universe multiverse 6 | 7 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic-updates main restricted universe multiverse 8 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic-updates main restricted universe multiverse 9 | 10 | deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic-backports main restricted universe multiverse 11 | deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic-backports main restricted universe multiverse 12 | 13 | ## Not recommended 14 | # deb http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic-proposed main restricted universe multiverse 15 | # deb-src http://mirrors.ustc.edu.cn/ubuntu-old-releases/ubuntu/ cosmic-proposed main restricted universe multiverse 16 | -------------------------------------------------------------------------------- /install.sh: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | 3 | apt-get -y update 4 | apt-get -y install tzdata 5 | apt-get -y install vim 6 | apt-get -y install libxml2-dev 7 | apt-get -y install libxslt-dev 8 | apt-get -y install libmysqlclient-dev 9 | apt-get -y install libsqlite3-dev 10 | apt-get -y install zlib1g-dev 11 | apt-get -y install python-dev 12 | apt-get -y install libffi-dev 13 | apt-get -y install libssl-dev 14 | apt-get -y install wget 15 | apt-get -y install gcc 16 | apt-get -y install make 17 | apt-get -y install zip 18 | apt-get -y install build-essential python-setuptools python-pip python-smbus 19 | apt-get -y install libncursesw5-dev libgdbm-dev libc6-dev 20 | apt-get -y install tk-dev 21 | apt-get -y install openssl 22 | apt-get -y install virtualenv 23 | 24 | 25 | 26 | unzip setuptools-36.6.0.zip 27 | cd setuptools-36.6.0 28 | python2 setup.py install 29 | python3 setup.py install 30 | cd ../ 31 | tar -zxvf pip-9.0.1.tar.gz 32 | cd pip-9.0.1 33 | python2 setup.py install 34 | python3 setup.py install 35 | 36 | python2 -m pip install --upgrade pip 37 | python3 setup.py install 38 | python3 -m pip install --upgrade pip 39 | pip2 config set global.index-url https://pypi.douban.com/simple/ 40 | pip3 config set global.index-url https://pypi.douban.com/simple/ 41 | 42 | cd ../ 43 | pip2 install pathlib2 44 | pip2 install pwntools 45 | pip3 install pwntools 46 | 47 | 48 | 49 | cat >> ~/.vimrc << EOF 50 | syntax on 51 | set number 52 | set scrolloff=6 53 | EOF 54 | 55 | apt-get -y install git 56 | git clone https://gitee.com/Piggy007/pwndbg.git 57 | cd pwndbg 58 | ./setup.sh 59 | cd ../ 60 | git clone https://gitee.com/Piggy007/Pwngdb.git 61 | cp ~/Pwngdb/.gdbinit ~/ 62 | sed -i 'N;2 i source ~/pwndbg/gdbinit.py' ~/.gdbinit 63 | #git clone https://gitee.com/Piggy007/peda.git 64 | apt -y autoremove -------------------------------------------------------------------------------- /setup.sh: -------------------------------------------------------------------------------- 1 | #! /bin/bash 2 | 3 | if [ $# != 1 ] ; then 4 | echo "Usage:./setup.sh [glibc-version]" 5 | echo "Example:./setup.sh 2.23" 6 | exit 1; 7 | fi 8 | 9 | 10 | 11 | declare -A dic 12 | dic=([2.23]="16.04" [2.24]="17.04" [2.26]="17.10" 13 | [2.27]="18.04" [2.28]="18.10" [2.29]="19.04" 14 | [2.30]="19.10" [2.31]="20.04" [2.32]="20.10" 15 | [2.33]="21.04" [2.34]="22.04") 16 | 17 | 18 | if [ ! ${dic["$1"]} ]; then 19 | 20 | echo "Unkonw error" 21 | exit 1; 22 | else 23 | echo "Get" 24 | fi 25 | 26 | 27 | version_glibc="$1" 28 | version_ubuntu="ubuntu:${dic["$1"]}" 29 | conName="con$version_glibc" 30 | 31 | #creat docker and previous work 32 | mkdir -p /etc/docker 33 | sudo cp ./dockerSources/daemon.json /etc/docker/ 34 | systemctl restart docker 35 | docker pull $version_ubuntu 36 | docker run -d --name $conName $version_ubuntu /bin/bash -c 'cd && ./install.sh' 37 | 38 | version_images=$version_glibc 39 | 40 | #add something to docker 41 | docker cp ./ubuntuSources/$version_glibc/sources.list $conName:/etc/apt 42 | docker cp ./install.sh $conName:/root/ 43 | docker cp ./soft/setuptools-36.6.0.zip $conName:/root/ 44 | docker cp ./soft/pip-9.0.1.tar.gz $conName:/root/ 45 | docker cp ./dockerGDBIn $conName:/usr/bin/ 46 | 47 | 48 | ##gdb sources---------------------------------------- 49 | # wget -P ./glibcFile/$version_images/ http://ftp.gnu.org/gnu/glibc/glibc-$version_images.tar.gz 50 | # tar -zxvf ./glibcFile/$version_images/glibc-$version_images.tar.gz -C ./glibcFile/$version_images/ 51 | # docker cp ./glibcFile/$version_images/glibc-$version_images/ $conName:/root/glibc-src/ 52 | ##-----when use docker gdb need to add: 53 | ##dir /root/glibc-src/malloc 54 | 55 | 56 | #start download 57 | docker start $conName 58 | docker logs -f $conName 59 | 60 | 61 | ##add your own thing here---------------------------- 62 | #docker exec $conName /bin/bash -c "sed -i 'N;6 i dir ~/glibc-src/malloc' ~/.gdbinit" 63 | 64 | 65 | docker commit -m "pwn" -a "PIG-007" $conName $version_images 66 | docker stop $conName 67 | 68 | 69 | #create dir and copy libc&ld file 70 | mkdir -p $(pwd)/dockerLibc/$version_glibc/64 71 | mkdir -p $(pwd)/dockerLibc/$version_glibc/32 72 | docker cp $conName:/lib/x86_64-linux-gnu/libc-$version_glibc.so $(pwd)/dockerLibc/$version_glibc/64/ 73 | docker cp $conName:/lib/x86_64-linux-gnu/ld-$version_glibc.so $(pwd)/dockerLibc/$version_glibc/64/ 74 | 75 | docker cp $conName:/lib/i386-linux-gnu/libc-$version_glibc.so $(pwd)/dockerLibc/$version_glibc/32/ 76 | docker cp $conName:/lib/i386-linux-gnu/ld-$version_glibc.so $(pwd)/dockerLibc/$version_glibc/32/ 77 | 78 | #free space 79 | docker rm $conName 80 | docker rmi $version_ubuntu 81 | 82 | #get command 83 | chmod a+x install.sh 84 | chmod a+x dockerPwnRun 85 | chmod a+x dockerTerm 86 | chmod a+x dockerGDBIn 87 | chmod a+x dockerGDBOut 88 | 89 | cp dockerPwnRun /usr/bin/ 90 | cp dockerTerm /usr/bin/ 91 | # cp dockerGDBOut /usr/bin/ 92 | 93 | 94 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # pwnDockerAll 2 | 3 | Language: [English](https://github.com/PIG-007/pwnDockerAll/blob/master/README_en-US.md) | [中文简体](https://github.com/PIG-007/pwnDockerAll/blob/master/README.md) 4 | 5 | 只用几个命令建立PWN环境,只需要Docker! 6 | 7 | ## Docker镜像包含 8 | 9 | + `pwndbg`:[pwndbg/pwndbg: Exploit Development and Reverse Engineering with GDB Made Easy (github.com)](https://github.com/pwndbg/pwndbg) 10 | + `Pwngdb`:[scwuaptx/Pwngdb: gdb for pwn (github.com)](https://github.com/scwuaptx/Pwngdb) 11 | + `peda`:[longld/peda: PEDA - Python Exploit Development Assistance for GDB (github.com)](https://github.com/longld/peda) 12 | + `pwntools`:[Gallopsled/pwntools: CTF framework and exploit development library (github.com)](https://github.com/Gallopsled/pwntools) 13 | + `other essential`:ROPgadget..and so on 14 | 15 | ## 安装 16 | 17 | 需要先安装 `docker.io`,并且确保你的容器能够连上网络。 18 | 19 | ```bash 20 | cd ~/ 21 | git clone https://github.com/PIG-007/pwnDockerAll.git 22 | #git clone https://gitee.com/Piggy007/pwnDockerAll.git 23 | cd pwnDockerAll 24 | chmod a+x setup.sh 25 | sudo ./setup.sh [libc_version] 26 | #such as this: 27 | #sudo ./setup.sh 2.33 28 | ``` 29 | 30 | ## 使用方法 31 | 32 | 终端改变路径到需要的PWN题处 33 | 34 | ```bash 35 | dockerPwnRun [pwnfileDir] [docker_images_name] 36 | dockerPwnRun [pwnfileDir] [docker_images_name] -g [port] 37 | ``` 38 | 39 | 映射的PWN文件目录在/ctf/下 40 | 41 | ![Snipaste_2021-08-27_21-58-42](https://pig-007.oss-cn-beijing.aliyuncs.com/img/20210827215851.png) 42 | 43 | 由于PWN文件目录是从宿主机映射到容器中的,所以你可以在宿主机中修改文件`exp.py`。 44 | 45 | 除此之外,当从容器中退出时,容器会自动删除,不会占用空间,即开即用。 46 | 47 | 可以用以下命令查看`Docker`镜像: 48 | 49 | ```bash 50 | docker images 51 | ``` 52 | 53 | ## 其他功能 54 | 55 | ### 获取其他版本Libc环境 56 | 57 | 理论上,只要提供了该Libc版本对应ubuntu的`sources.list `,并且`Docker hub`也有该版本的ubuntu就可以创建。但是需要修改以下配置文件: 58 | 59 | ```bash 60 | #the configuration is in setup.sh 61 | 62 | dic=([2.23]="16.04" [2.24]="17.04" [2.26]="17.10" 63 | [2.27]="18.04" [2.28]="18.10" [2.29]="19.04" 64 | [2.30]="19.10" [2.31]="20.04" [2.32]="20.10" 65 | [2.33]="21.04" [2.34]="22.04") 66 | ``` 67 | 68 | 添加对应Libc版本的ubuntu,如下: 69 | 70 | ```bash 71 | #the configuration is in setup.sh 72 | 73 | dic=([2.19]="14.04" [2.23]="16.04" [2.24]="17.04" [2.26]="17.10" 74 | [2.27]="18.04" [2.28]="18.10" [2.29]="19.04" 75 | [2.30]="19.10" [2.31]="20.04" [2.32]="20.10" 76 | [2.33]="21.04" [2.34]="22.04") 77 | ``` 78 | 79 | 比如这里新建 `[2.19]="14.04"` 80 | 81 | ### 支持GDB attach功能 82 | 83 | 使用时加入-g参数,并指定端口即可使用类似 `gdb.attach(p)` 的功能,这个功能需要安装`socat` 84 | 85 | ``` 86 | apt-get install socat 87 | ``` 88 | 89 | 然后就类似如下启动语句: 90 | 91 | ```bash 92 | dockerPwnRun [pwnfileDir] [docker_images_name] -g 30001 93 | ``` 94 | 95 | `exp.py`中设置如下: 96 | 97 | ```python 98 | #In exp.py 99 | 100 | def dockerDbg(): 101 | myGdb = remote("127.0.0.1",30001) 102 | myGdb.close() 103 | pause() 104 | ``` 105 | 106 | 这个功能是基于Docker的host网络的 107 | 108 | ### 其他终端添加 109 | 110 | 默认的终端是`gnome-terminal`。但是可以自己设置自己的终端,在`terminalConfig`文件下设置,默认支持的终端如下: 111 | 112 | + `gnome-terminal` 113 | + `xterm` 114 | + `xfce4-terminal` 115 | 116 | 同样可以添加其他终端,在文件`dockerTerm`中设置,添加对应语句,比如添加`terminator` : 117 | 118 | ```bash 119 | terminalList=(gnome-terminal xterm xfce4-terminal terminator) 120 | 121 | if [ "${terminal}" == "terminator" ];then 122 | #echo "gnome-terminal" 123 | sudo terminator -x bash -c "~/pwnDockerAll/dockerGDBOut;exec bash" bash" 124 | exit 1; 125 | fi 126 | ``` 127 | 128 | ### 用Glibc源码来调试 129 | 130 | 在安装对应版本的Docker镜像之前可以去掉在文件 `setup.sh` 中以下语句的注释来获得源码调试功能。 131 | 132 | ```bash 133 | ##gdb sources---------------------------------------- 134 | 135 | wget -P ./glibcFile/$version_images/ http://ftp.gnu.org/gnu/glibc/glibc-$version_images.tar.gz 136 | tar -zxvf ./glibcFile/$version_images/glibc-$version_images.tar.gz -C ./glibcFile/$version_images/ 137 | docker cp ./glibcFile/$version_images/glibc-$version_images/ $conName:/root/glibc-src/ 138 | ``` 139 | 140 | ```bash 141 | ##add your own thing here---------------------------- 142 | 143 | docker exec $conName /bin/bash -c "sed -i 'N;6 i dir ~/glibc-src/malloc' ~/.gdbinit" 144 | ``` 145 | 146 | ### 添加自己的东西 147 | 148 | 创建镜像之前可以在文件 `setup.sh`下列语句中添加自己的东西 149 | 150 | ```bash 151 | ##add your own thing here---------------------------- 152 | docker cp file $version_images:/root/ 153 | ``` 154 | 155 | ### 安装其他软件 156 | 157 | 可以在文件`install.sh`安装其他软件来实现其他功能 158 | 159 | -------------------------------------------------------------------------------- /README_en-US.md: -------------------------------------------------------------------------------- 1 | # pwnDockerAll 2 | 3 | Language: [English](https://github.com/PIG-007/pwnDockerAll/blob/master/README_en-US.md) | [中文简体](https://github.com/PIG-007/pwnDockerAll/blob/master/README.md) 4 | 5 | Construct all pwn enviroment for just a few commands,only need docker! 6 | 7 | ## All docker include 8 | 9 | + `pwndbg`:[pwndbg/pwndbg: Exploit Development and Reverse Engineering with GDB Made Easy (github.com)](https://github.com/pwndbg/pwndbg) 10 | + `Pwngdb`:[scwuaptx/Pwngdb: gdb for pwn (github.com)](https://github.com/scwuaptx/Pwngdb) 11 | + `peda`:[longld/peda: PEDA - Python Exploit Development Assistance for GDB (github.com)](https://github.com/longld/peda) 12 | + `pwntools`:[Gallopsled/pwntools: CTF framework and exploit development library (github.com)](https://github.com/Gallopsled/pwntools) 13 | + `other essential`:ROPgadget..and so on 14 | 15 | ## Installation 16 | 17 | Before that,you have to download `docker.io`!And make sure your container could connect to network! 18 | 19 | ```bash 20 | cd ~/ 21 | git clone https://github.com/PIG-007/pwnDockerAll.git 22 | #git clone https://gitee.com/Piggy007/pwnDockerAll.git 23 | cd pwnDockerAll 24 | chmod a+x setup.sh 25 | sudo ./setup.sh [libc_version] 26 | #such as this: 27 | #sudo ./setup.sh 2.33 28 | ``` 29 | 30 | ## Usages 31 | 32 | Change path to the pwn topic 33 | 34 | ```bash 35 | dockerPwnRun [pwnfileDir] [docker_images_name] 36 | dockerPwnRun [pwnfileDir] [docker_images_name] -g [port] 37 | ``` 38 | 39 | And the pwnfileDir is on /ctf/ 40 | 41 | ![](https://pig-007.oss-cn-beijing.aliyuncs.com/img/20210827215910.png) 42 | 43 | The pwnfileDir is mapped to the docker from host machine.So,you could change it just under the host machine. 44 | 45 | Besides,when you exit from the docker,the container will be removed,it won't occupy the space. 46 | 47 | You could check the images: 48 | 49 | ```bash 50 | docker images 51 | ``` 52 | 53 | ## Other function 54 | 55 | ### For gadget 56 | 57 | Copy the ld.so and libc.so to `dockerLibc` after finishing the docker image. 58 | 59 | ### Get other version libc 60 | 61 | In theory,if you could provide the corresponding version sources.list and the docker hub has corresponding version ubuntu.Any glibc version could be created!But before that,you should change some configuration: 62 | 63 | ```bash 64 | #the configuration is in setup.sh 65 | 66 | dic=([2.23]="16.04" [2.24]="17.04" [2.26]="17.10" 67 | [2.27]="18.04" [2.28]="18.10" [2.29]="19.04" 68 | [2.30]="19.10" [2.31]="20.04" [2.32]="20.10" 69 | [2.33]="21.04" [2.34]="22.04") 70 | ``` 71 | 72 | Add some corresponding version,such as follow: 73 | 74 | ```bash 75 | #the configuration is in setup.sh 76 | 77 | dic=([2.19]="14.04" [2.23]="16.04" [2.24]="17.04" [2.26]="17.10" 78 | [2.27]="18.04" [2.28]="18.10" [2.29]="19.04" 79 | [2.30]="19.10" [2.31]="20.04" [2.32]="20.10" 80 | [2.33]="21.04" [2.34]="22.04") 81 | ``` 82 | 83 | Add the `[2.19]="14.04"` just for that! 84 | 85 | ### New terminal GDB attach 86 | 87 | Add the following statements could realize `gdb.attach(p)` function! 88 | 89 | ```bash 90 | dockerPwnRun [pwnfileDir] [docker_images_name] -g 30001 91 | ``` 92 | 93 | The port could be set up as for yourself! 94 | 95 | ```python 96 | #In exp.py 97 | 98 | def dockerDbg(): 99 | myGdb = remote("127.0.0.1",30001) 100 | myGdb.close() 101 | pause() 102 | ``` 103 | 104 | This function is base on docker host network. 105 | 106 | ### The other terminal 107 | 108 | The default terminal is gnome-terminal.But you could reset it by your own terminal.The configuration of terminal is in the file `terminalConfig`.You could change it to other terminal. 109 | 110 | And the supported terminal are: 111 | 112 | + `gnome-terminal` 113 | + `xterm` 114 | + `xfce4-terminal` 115 | 116 | You could also add some other terminal.And chang the terminalConfig.Such as the `terminator`: 117 | 118 | ```bash 119 | terminalList=(gnome-terminal xterm xfce4-terminal terminator) 120 | 121 | if [ "${terminal}" == "terminator" ];then 122 | #echo "gnome-terminal" 123 | sudo terminator -x bash -c "~/pwnDockerAll/dockerGDBOut;exec bash" bash" 124 | exit 1; 125 | fi 126 | ``` 127 | 128 | ### Debug progress with glibc-sources 129 | 130 | You could uncomment the follow statement in the file `setup.sh` before creating docker image. 131 | 132 | ```bash 133 | ##gdb sources---------------------------------------- 134 | 135 | wget -P ./glibcFile/$version_images/ http://ftp.gnu.org/gnu/glibc/glibc-$version_images.tar.gz 136 | tar -zxvf ./glibcFile/$version_images/glibc-$version_images.tar.gz -C ./glibcFile/$version_images/ 137 | docker cp ./glibcFile/$version_images/glibc-$version_images/ $conName:/root/glibc-src/ 138 | ``` 139 | 140 | ```bash 141 | ##add your own thing here---------------------------- 142 | 143 | docker exec $conName /bin/bash -c "sed -i 'N;6 i dir ~/glibc-src/malloc' ~/.gdbinit" 144 | ``` 145 | 146 | ### Add your own thing 147 | 148 | Under the statment,you could add your own thing to the image!In file `setup.sh` 149 | 150 | ```bash 151 | ##add your own thing here---------------------------- 152 | docker cp file $version_images:/root/ 153 | ``` 154 | 155 | ### Install other software 156 | 157 | You could install other software to the image!In the end of the file `install.sh` 158 | 159 | --------------------------------------------------------------------------------