更新权限限制，以及新的BANNER

CTF-Archives · Sep 30, 2023 · c421525 · c421525
1 parent 1b9ccae
commit c421525
Show file tree

Hide file tree

Showing 6 changed files with 42 additions and 24 deletions.
diff --git a/crypto-python_3.10-with_socket/Dockerfile b/crypto-python_3.10-with_socket/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.10.12-slim-bullseye
+FROM python:3.10.13-slim-bullseye
 
 # 制作者信息
 LABEL auther_template="CTF-Archives"
@@ -15,11 +15,16 @@ RUN python3 -m pip install -i https://pypi.tuna.tsinghua.edu.cn/simple \
 
 # 拷贝源码和启动脚本至根目录
 COPY ./src/ /app
-COPY ./service/docker-entrypoint.sh /docker-entrypoint.sh
-RUN chmod +x /docker-entrypoint.sh
+COPY ./service/docker-entrypoint.sh /app/docker-entrypoint.sh
+RUN chmod +x /app/docker-entrypoint.sh
+
+# 新建用户，并进行账户改变
+RUN useradd -m ctf
+RUN chown ctf:ctf /app
+USER ctf
 
 # [可选]指定对外暴露端口，对于GZCTF等平台，强制EXPOSE可能会造成非预期端口泄露，请酌情启用
 # EXPOSE 9999
 
 # 指定容器入口点
-ENTRYPOINT ["/bin/bash","/docker-entrypoint.sh"]
+ENTRYPOINT ["/bin/bash","/app/docker-entrypoint.sh"]
diff --git a/crypto-python_3.10-with_socket/service/docker-entrypoint.sh b/crypto-python_3.10-with_socket/service/docker-entrypoint.sh
@@ -1,4 +1,7 @@
 #!/bin/sh
 
+# 删除启动脚本，以防非预期
+rm -f /app/docker-entrypoint.sh
+
 # 容器启动后，运行项目
 python3 /app/main.py
diff --git a/crypto-python_3.10-with_socket/src/main.py b/crypto-python_3.10-with_socket/src/main.py
@@ -13,13 +13,14 @@
 此文件做到当选手连接服务，按照说明输入"ctf"之后，输出flag
 """
 
-banner = br'''
- __        ___             ____          ____            _                 
- \ \      / / |__  _   _  / ___|  ___   / ___|  ___ _ __(_) ___  _   _ ___ 
-  \ \ /\ / /| '_ \| | | | \___ \ / _ \  \___ \ / _ \ '__| |/ _ \| | | / __|
-   \ V  V / | | | | |_| |  ___) | (_) |  ___) |  __/ |  | | (_) | |_| \__ \
-    \_/\_/  |_| |_|\__, | |____/ \___/  |____/ \___|_|  |_|\___/ \__,_|___/
-                   |___/                                                                  
+BANNER = br'''
+       ____ _____ _____       _             _     _                
+      / ___|_   _|  ___|     / \   _ __ ___| |__ (_)_   _____  ___ 
+     | |     | | | |_ _____ / _ \ | '__/ __| '_ \| \ \ / / _ \/ __|
+     | |___  | | |  _|_____/ ___ \| | | (__| | | | |\ V /  __/\__ \
+      \____| |_| |_|      /_/   \_\_|  \___|_| |_|_| \_/ \___||___/
+                                                               
+
 '''
 
 table = string.ascii_letters+string.digits
@@ -54,7 +55,7 @@ def recv(self, prompt=b'SERVER <INPUT>: '):
 
     def handle(self):
         signal.alarm(30)
-        self.send(banner)
+        self.send(BANNER)
         self.send(b"\nPlease input the \"ctf\":")
         string = self.recv().decode()
         if string == "ctf":

diff --git a/crypto-python_3.8-with_socket/Dockerfile b/crypto-python_3.8-with_socket/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.8.17-slim-bullseye
+FROM python:3.8.18-slim-bullseye
 
 # 制作者信息
 LABEL auther_template="CTF-Archives"
@@ -15,11 +15,16 @@ RUN python3 -m pip install -i https://pypi.tuna.tsinghua.edu.cn/simple \
 
 # 拷贝源码和启动脚本至根目录
 COPY ./src/ /app
-COPY ./service/docker-entrypoint.sh /docker-entrypoint.sh
-RUN chmod +x /docker-entrypoint.sh
+COPY ./service/docker-entrypoint.sh /app/docker-entrypoint.sh
+RUN chmod +x /app/docker-entrypoint.sh
+
+# 新建用户，并进行账户改变
+RUN useradd -m ctf
+RUN chown ctf:ctf /app
+USER ctf
 
 # [可选]指定对外暴露端口，对于GZCTF等平台，强制EXPOSE可能会造成非预期端口泄露，请酌情启用
 # EXPOSE 9999
 
 # 指定容器入口点
-ENTRYPOINT ["/bin/bash","/docker-entrypoint.sh"]
+ENTRYPOINT ["/bin/bash","/app/docker-entrypoint.sh"]
diff --git a/crypto-python_3.8-with_socket/service/docker-entrypoint.sh b/crypto-python_3.8-with_socket/service/docker-entrypoint.sh
@@ -1,4 +1,7 @@
 #!/bin/sh
 
+# 删除启动脚本，以防非预期
+rm -f /app/docker-entrypoint.sh
+
 # 容器启动后，运行项目
 python3 /app/main.py
diff --git a/crypto-python_3.8-with_socket/src/main.py b/crypto-python_3.8-with_socket/src/main.py
@@ -13,13 +13,14 @@
 此文件做到当选手连接服务，按照说明输入"ctf"之后，输出flag
 """
 
-banner = br'''
- __        ___             ____          ____            _                 
- \ \      / / |__  _   _  / ___|  ___   / ___|  ___ _ __(_) ___  _   _ ___ 
-  \ \ /\ / /| '_ \| | | | \___ \ / _ \  \___ \ / _ \ '__| |/ _ \| | | / __|
-   \ V  V / | | | | |_| |  ___) | (_) |  ___) |  __/ |  | | (_) | |_| \__ \
-    \_/\_/  |_| |_|\__, | |____/ \___/  |____/ \___|_|  |_|\___/ \__,_|___/
-                   |___/                                                                  
+BANNER = br'''
+       ____ _____ _____       _             _     _                
+      / ___|_   _|  ___|     / \   _ __ ___| |__ (_)_   _____  ___ 
+     | |     | | | |_ _____ / _ \ | '__/ __| '_ \| \ \ / / _ \/ __|
+     | |___  | | |  _|_____/ ___ \| | | (__| | | | |\ V /  __/\__ \
+      \____| |_| |_|      /_/   \_\_|  \___|_| |_|_| \_/ \___||___/
+                                                               
+
 '''
 
 table = string.ascii_letters+string.digits
@@ -54,7 +55,7 @@ def recv(self, prompt=b'SERVER <INPUT>: '):
 
     def handle(self):
         signal.alarm(30)
-        self.send(banner)
+        self.send(BANNER)
         self.send(b"\nPlease input the \"ctf\":")
         string = self.recv().decode()
         if string == "ctf":