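In 2016 DARPA held an automated cyber attack-and-defense competition, abbreviated CGC. The test programs used in the competition are quite valuable. This article mainly describes how to install the CGC test programs.
CGC programs run on a Linux-like system, so they cannot run directly on a Linux distribution such as Ubuntu. Luckily, I found a GitHub issue where someone shared a Vagrantfile for CGC, which means the CGC virtual environment can be installed with Vagrant.
I had never used Vagrant before either, so this article also covers installing Vagrant; if you already have it installed, you can skip that part.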
Installing Vagrant
Vagrant is a tool for managing virtual machines, such as those of VirtualBox and VMware. Since VMware is paid software, I'll make do with VirtualBox here.
sudo apt-get install virtualbox
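For an introduction to Vagrant, see the wiki: https://zh.wikipedia.org/zh-hans/Vagrant
Then use the three commands given on the official site to have Ubuntu install Vagrant automatically. For other systems, see the installation instructions at the official link: https://www.vagrantup.com/downloads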
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
sudo apt-get update && sudo apt-get install vagrant
After a short wait the installation finishes. To check that it completed, run vagrant -h; output like the following should appear.
Usage: vagrant [options] <command> [<args>]

    -h, --help                       Print this help.

Common commands:
     autocomplete    manages autocomplete installation on host
     box             manages boxes: installation, removal, etc.
     cloud           manages everything related to Vagrant Cloud
     destroy         stops and deletes all traces of the vagrant machine
     global-status   outputs status Vagrant environments for this user
     halt            stops the vagrant machine
     help            shows the help for a subcommand
     init            initializes a new Vagrant environment by creating a Vagrantfile
     login
     package         packages a running vagrant environment into a box
     plugin          manages plugins: install, uninstall, update, etc.
     port            displays information about guest port mappings
     powershell      connects to machine via powershell remoting
     provision       provisions the vagrant machine
     push            deploys code in this environment to a configured destination
     rdp             connects to machine via RDP
     reload          restarts vagrant machine, loads new Vagrantfile configuration
     resume          resume a suspended vagrant machine
     snapshot        manages snapshots: saving, restoring, etc.
     ssh             connects to machine via SSH
     ssh-config      outputs OpenSSH valid configuration to connect to the machine
     status          outputs status of the vagrant machine
     suspend         suspends the machine
     up              starts and provisions the vagrant environment
     upload          upload to machine via communicator
     validate        validates the Vagrantfile
     version         prints current and latest Vagrant version
     winrm           executes commands on a machine via WinRM
     winrm-config    outputs WinRM configuration to connect to the machine

For help on any individual command run `vagrant COMMAND -h`

Additional subcommands are available, but are either more advanced
or not commonly used. To see all subcommands, run the command
`vagrant list-commands`.
        --[no-]color                 Enable or disable color output
        --machine-readable           Enable machine readable output
    -v, --version                    Display Vagrant version
        --debug                      Enable debug output
        --timestamp                  Enable timestamps on log output
        --debug-timestamp            Enable debug output with timestamps
        --no-tty                     Enable non-interactive output

Installing the CGC virtual machine
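I found that this GitHub repository contains a Vagrantfile for CGC: https://github.com/funemy/binary-study/tree/master/vm
You can download just his Vagrantfile or clone his repository. The repository has quite a lot of useful material, so I cloned the whole thing. The three commands below use Vagrant to install the CGC virtual environment automatically.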
git clone git@github.com:funemy/binary-study.git
cd binary-study/vm
vagrant up
After a long wait, the installation is finally done. Enter the command below to get into the CGC environment.
vagrant ssh
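Once inside, you see a prompt like this:
And then I was at a loss: ls shows nothing at all. It looks like the CGC challenges still need to be copied in from outside.
After some searching, I found that some people copy them in with scp and others install a Vagrant plugin. The simplest way, though, seems to be to put the files in the directory that holds the Vagrantfile; that directory is automatically mounted at /vagrant inside the VM, so they can be copied over directly. It works like a built-in shared folder.
Then copy the CGC corpus in. Pick any challenge and run make to see whether it compiles. After a while a bin directory appears, containing the compiled binaries as well as patched binaries.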
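The copy-and-build step above can be scripted inside the VM as follows. This is an added example, not code from the original post or from the binary-study repository; the corpus directory name cgc-corpus, the work directory ~/cgc-work, the function names and the "_patched" file suffix are assumptions.

```shell
#!/bin/sh
# Added example: stage one challenge out of the /vagrant shared folder,
# build it in a VM-local directory, and list what landed in bin/.
# Assumptions (not from the original post): the corpus sits in a directory
# named "cgc-corpus" next to the Vagrantfile, and patched builds carry a
# "_patched" suffix.

SHARED_ROOT="${SHARED_ROOT:-/vagrant/cgc-corpus}"   # hypothetical corpus location
WORK_ROOT="${WORK_ROOT:-$HOME/cgc-work}"            # hypothetical VM-local build area

# Copy one challenge out of the shared folder; reject names that would
# escape the corpus directory or resolve to the corpus root itself.
stage_challenge() {
    name="$1"
    case "$name" in
        ""|*/*|.|..) echo "bad challenge name: $name" >&2; return 2 ;;
    esac
    [ -d "$SHARED_ROOT/$name" ] || { echo "not found: $SHARED_ROOT/$name" >&2; return 1; }
    mkdir -p "$WORK_ROOT" || return 1
    rm -rf "${WORK_ROOT:?}/$name"          # start from a clean copy each time
    cp -R "$SHARED_ROOT/$name" "$WORK_ROOT/$name"
}

# Run make in the staged copy and confirm that a bin directory appeared.
build_challenge() {
    name="$1"
    ( cd "$WORK_ROOT/$name" && make ) || return 1
    [ -d "$WORK_ROOT/$name/bin" ]
}

# Print the built binaries, tagging each one as original or patched.
list_binaries() {
    name="$1"
    for f in "$WORK_ROOT/$name"/bin/*; do
        [ -f "$f" ] || continue
        case "$f" in
            *_patched) echo "patched  $(basename "$f")" ;;
            *)         echo "original $(basename "$f")" ;;
        esac
    done
}

# When called with a challenge name, run the whole sequence.
if [ "$#" -gt 0 ]; then
    stage_challenge "$1" && build_challenge "$1" && list_binaries "$1"
fi
```

Building in a VM-local copy keeps build output out of the host directory that is shared through /vagrant.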



