WIP

Signed-off-by: Shay Nehmad <[email protected]>

Author: TheCoreMan

Dockerfile

@@ -1,13 +1,15 @@
-FROM ubuntu:latest
+FROM ubuntu:focal
 
 # Users will log into this machine, so we need to unminimize it.
 # See https://wiki.ubuntu.com/Minimal
 RUN yes | unminimize
 
 # Install dependencies.
 RUN apt update -y
+RUN apt clean -y
 RUN DEBIAN_FRONTEND="noninteractive" apt install -y tzdata
-RUN apt install -y \
+RUN apt clean -y
+RUN apt update -y && apt install -y \
     git-all \
     vim \
     nano \
@@ -69,7 +71,6 @@ RUN chmod 770 /home/tester/.zshrc
 # Copy the test files to the tester account
 COPY levels/tests /home/tester/tests
 RUN chown --recursive tester:tester /home/tester
-RUN chmod 770 --recursive tester:tester /home/tester/tests
 
 # Set up SSH
 RUN mkdir /var/run/sshd

README.md

@@ -2,28 +2,27 @@
 
 Git CTF 🚩 but good this time.
 
-- [make-git-better-2](#make-git-better-2)
-  - [Dependencies](#dependencies)
-  - [Build](#build)
-    - [Ansible](#ansible)
-    - [How to build the challenge Docker manually](#how-to-build-the-challenge-docker-manually)
-      - [Create the hook script](#create-the-hook-script)
-        - [powershell](#powershell)
-        - [sh](#sh)
-      - [Build and run docker image](#build-and-run-docker-image)
-        - [Build docker](#build-docker)
-        - [Run docker](#run-docker)
-        - [Copy ssh key (for outside cloning)](#copy-ssh-key-for-outside-cloning)
-        - [Useful oneliner](#useful-oneliner)
-        - [Connect to the running instance](#connect-to-the-running-instance)
-    - [How to build the web content](#how-to-build-the-web-content)
-      - [Build the level browser](#build-the-level-browser)
-    - [Set up docker-tcp-switchboard](#set-up-docker-tcp-switchboard)
-  - [Test](#test)
-    - [Unit tests](#unit-tests)
-    - [Test levels](#test-levels)
-  - [Develop](#develop)
-    - [Add a new stage](#add-a-new-stage)
+* [Dependencies](#dependencies)
+* [Build](#build)
+  * [Ansible](#ansible)
+  * [How to build the challenge Docker manually](#how-to-build-the-challenge-docker-manually)
+    * [Create the hook script](#create-the-hook-script)
+      * [powershell](#powershell)
+      * [sh](#sh)
+    * [Build and run docker image](#build-and-run-docker-image)
+      * [Build docker](#build-docker)
+      * [Run docker](#run-docker)
+      * [Copy ssh key (for outside cloning)](#copy-ssh-key-for-outside-cloning)
+      * [Useful oneliner](#useful-oneliner)
+      * [Connect to the running instance](#connect-to-the-running-instance)
+  * [How to build the web content](#how-to-build-the-web-content)
+    * [Build the level browser](#build-the-level-browser)
+  * [Set up docker-tcp-switchboard](#set-up-docker-tcp-switchboard)
+* [Test](#test)
+  * [Unit tests](#unit-tests)
+  * [Test levels](#test-levels)
+* [Develop](#develop)
+  * [Add a new stage](#add-a-new-stage)
 
 ## Dependencies
 
@@ -45,6 +44,12 @@ ansible-playbook -v -i hosts build.yaml
 ```
 
 Make sure that you have Ansible configured correctly with your SSH keys.
+[Here's the docs](https://docs.ansible.com/ansible/latest/inventory_guide/connection_details.html).
+
+> Note: Remember to expose 22 to your IP. If you're like me with AWS EC2, you
+> need to add a rule to the security group. Like this:
+>
+> `aws ec2 authorize-security-group-ingress --group-id PUT_HERE --protocol tcp --port 22 --cidr "$(curl -s https://wtfismyip.com/json | jq -r '.YourFuckingIPAddress')/32"`
 
 ### How to build the challenge Docker manually
 

build/ansible/build.yaml

@@ -13,7 +13,7 @@
         chdir: /home/{{ ansible_facts['user_id'] }}/make-git-better-2/scripts
 
     - name: Build Docker image
-      shell: docker build --tag mgb:0.1 --build-arg CACHE_DATE=$(date +%Y-%m-%d:%H:%M:%S) .
+      shell: docker build --tag mgb:0.1 --build-arg CACHE_DATE=$(date +%Y-%m-%d:%H:%M:%S%z) --build-arg OWASP_FLAG_1="AppSec-IL{g1t_d035_P3rM1t_T0_c0mm1T}" --build-arg OWASP_FLAG_2="AppSec-IL{1f_y0u_w4n7_17_c0m3_4nd_917_17}" .
       args:
         chdir: /home/{{ ansible_facts['user_id'] }}/make-git-better-2
 

build/ansible/hosts

@@ -1,3 +1,2 @@
 [ctfservers]
 [email protected]
-