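DARPA held an automated cyber attack-and-defense competition in 2016, abbreviated CGC. The test programs used in the competition are quite valuable. This article mainly describes how to install the CGC test programs.
CGC programs run on a Linux-like system, so they cannot be run directly on a Linux system such as Ubuntu. Luckily, I saw in a GitHub issue that someone had provided a Vagrantfile for CGC, which means the CGC virtual environment can be installed with Vagrant.
Since I had not used Vagrant before either, this article also covers installing Vagrant; if you already have it installed, you can skip that part.
Installing Vagrant
Vagrant is a tool for managing virtual machines that run under providers such as VirtualBox and VMware. Since VMware is paid software, we make do with VirtualBox here.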
sudo apt-get install virtualbox
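For an introduction to Vagrant, see the wiki: https://zh.wikipedia.org/zh-hans/Vagrant
Then use the three commands given on the official site to have Ubuntu install Vagrant automatically. For other systems, see the installation instructions on the official download page: https://www.vagrantup.com/downloads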
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install vagrant
After a short wait the installation finishes. To check that it completed, run the command vagrant -h
It should print the following output.
Usage: vagrant [options] <command> [<args>]
-h, --help Print this help.
Common commands:
autocomplete manages autocomplete installation on host
box manages boxes: installation, removal, etc.
cloud manages everything related to Vagrant Cloud
destroy stops and deletes all traces of the vagrant machine
global-status outputs status Vagrant environments for this user
halt stops the vagrant machine
help shows the help for a subcommand
init initializes a new Vagrant environment by creating a Vagrantfile
login
package packages a running vagrant environment into a box
plugin manages plugins: install, uninstall, update, etc.
port displays information about guest port mappings
powershell connects to machine via powershell remoting
provision provisions the vagrant machine
push deploys code in this environment to a configured destination
rdp connects to machine via RDP
reload restarts vagrant machine, loads new Vagrantfile configuration
resume resume a suspended vagrant machine
snapshot manages snapshots: saving, restoring, etc.
ssh connects to machine via SSH
ssh-config outputs OpenSSH valid configuration to connect to the machine
status outputs status of the vagrant machine
suspend suspends the machine
up starts and provisions the vagrant environment
upload upload to machine via communicator
validate validates the Vagrantfile
version prints current and latest Vagrant version
winrm executes commands on a machine via WinRM
winrm-config outputs WinRM configuration to connect to the machine
For help on any individual command run `vagrant COMMAND -h`
Additional subcommands are available, but are either more advanced
or not commonly used. To see all subcommands, run the command
`vagrant list-commands`.
--[no-]color Enable or disable color output
--machine-readable Enable machine readable output
-v, --version Display Vagrant version
--debug Enable debug output
--timestamp Enable timestamps on log output
--debug-timestamp Enable debug output with timestamps
--no-tty Enable non-interactive output
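Installing the CGC virtual machine
This GitHub repository contains a Vagrantfile for CGC: https://github.com/funemy/binary-study/tree/master/vm
You can download just the Vagrantfile or clone the whole repository. The repository has quite a lot of useful material, so I cloned it. The three commands below use Vagrant to install the CGC virtual environment automatically.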
git clone git@github.com:funemy/binary-study.git
cd binary-study/vm
vagrant up
After a long wait, the installation is finally done. Enter the following command to get into the CGC environment:
vagrant ssh
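Once inside, you see a prompt like this:
And then I was lost: ls showed nothing at all. It looks like the CGC challenges still have to be copied in from outside.
After some searching, I found that some people copy the files in with scp and others install a Vagrant plugin. The simplest approach, though, seems to be putting the files directly in the directory that contains the Vagrantfile; that directory is automatically mounted inside the virtual machine at the **/vagrant directory**, much like a built-in shared folder.
Then copy the CGC corpus in. Pick any challenge and run make to see whether it compiles. After some time, a bin directory appears, containing the compiled binaries as well as the patched binaries.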
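The copy-and-build steps described above, written out as a script. This is an added example, not code from the original post or from the binary-study repository: it stages a single challenge next to the Vagrantfile, runs make inside the guest with vagrant ssh -c so the build never runs on the host, and lists what appears in bin/ through the shared folder. The function names and the way the script is invoked are assumptions.

```shell
#!/bin/sh
# Added example. Assumed usage: sh stage_cgc.sh <challenge_dir> <vm_dir>
# <vm_dir> is the directory that holds the Vagrantfile (binary-study/vm in the post).

# Copy one challenge directory next to the Vagrantfile so that the guest sees
# it as /vagrant/<name>. Prints the guest-side path on success.
stage_challenge() {
    src=$1; vm_dir=$2
    [ -d "$src" ] || { echo "no such challenge dir: $src" >&2; return 1; }
    [ -f "$vm_dir/Vagrantfile" ] || { echo "no Vagrantfile in: $vm_dir" >&2; return 1; }
    name=$(basename "$src")
    # The name is later embedded in a command line run in the guest,
    # so accept only plain characters.
    case $name in
        *[!A-Za-z0-9._-]*) echo "unexpected challenge name: $name" >&2; return 1 ;;
    esac
    # Never overwrite an earlier copy (it may already hold build output).
    [ ! -e "$vm_dir/$name" ] || { echo "already staged: $name" >&2; return 1; }
    cp -R "$src" "$vm_dir/$name" || return 1
    echo "/vagrant/$name"
}

# Run make inside the guest; the CGC toolchain only exists in the VM.
build_in_guest() {
    vm_dir=$1; guest_path=$2
    (cd "$vm_dir" && vagrant ssh -c "cd '$guest_path' && make")
}

# List the files the build left in bin/, seen from the host side of the share.
list_built() {
    find "$1/$2/bin" -type f 2>/dev/null | sort
}

# Only act when called with both arguments.
if [ "$#" -eq 2 ]; then
    guest=$(stage_challenge "$1" "$2") || exit 1
    build_in_guest "$2" "$guest" || exit 1
    list_built "$2" "$(basename "$1")"
fi
```

Because /vagrant is a shared folder, everything the guest build writes under the challenge directory also appears in the Vagrantfile directory on the host.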