Add readme lab detail and change gitignore

Author: Pongsakorn Sommalai

.env.example

@@ -1 +1,2 @@
-FLAG=flag{ILoveYou}
+FLAG=flag{ILoveYou}
+PORT=1337

.gitignore

@@ -1,138 +1 @@
-# Byte-compiled / optimized / DLL files
-__pycache__/
-*.py[cod]
-*$py.class
-
-# C extensions
-*.so
-
-# Distribution / packaging
-.Python
-build/
-develop-eggs/
-dist/
-downloads/
-eggs/
-.eggs/
-lib/
-lib64/
-parts/
-sdist/
-var/
-wheels/
-share/python-wheels/
-*.egg-info/
-.installed.cfg
-*.egg
-MANIFEST
-
-# PyInstaller
-#  Usually these files are written by a python script from a template
-#  before PyInstaller builds the exe, so as to inject date/other infos into it.
-*.manifest
-*.spec
-
-# Installer logs
-pip-log.txt
-pip-delete-this-directory.txt
-
-# Unit test / coverage reports
-htmlcov/
-.tox/
-.nox/
-.coverage
-.coverage.*
-.cache
-nosetests.xml
-coverage.xml
-*.cover
-*.py,cover
-.hypothesis/
-.pytest_cache/
-cover/
-
-# Translations
-*.mo
-*.pot
-
-# Django stuff:
-*.log
-local_settings.py
-db.sqlite3
-db.sqlite3-journal
-
-# Flask stuff:
-instance/
-.webassets-cache
-
-# Scrapy stuff:
-.scrapy
-
-# Sphinx documentation
-docs/_build/
-
-# PyBuilder
-.pybuilder/
-target/
-
-# Jupyter Notebook
-.ipynb_checkpoints
-
-# IPython
-profile_default/
-ipython_config.py
-
-# pyenv
-#   For a library or package, you might want to ignore these files since the code is
-#   intended to run in multiple environments; otherwise, check them in:
-# .python-version
-
-# pipenv
-#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
-#   However, in case of collaboration, if having platform-specific dependencies or dependencies
-#   having no cross-platform support, pipenv may install dependencies that don't work, or not
-#   install all needed dependencies.
-#Pipfile.lock
-
-# PEP 582; used by e.g. github.com/David-OConnor/pyflow
-__pypackages__/
-
-# Celery stuff
-celerybeat-schedule
-celerybeat.pid
-
-# SageMath parsed files
-*.sage.py
-
-# Environments
-.env
-.venv
-env/
-venv/
-ENV/
-env.bak/
-venv.bak/
-
-# Spyder project settings
-.spyderproject
-.spyproject
-
-# Rope project settings
-.ropeproject
-
-# mkdocs documentation
-/site
-
-# mypy
-.mypy_cache/
-.dmypy.json
-dmypy.json
-
-# Pyre type checker
-.pyre/
-
-# pytype static type analyzer
-.pytype/
-
-# Cython debug symbols
-cython_debug/
+.env

README.md

@@ -1,2 +1,73 @@
 # Stack Buffer Overflow 101 Lab
 
+The very basic stack buffer overflow lab
+
+## Let Play
+
+Review source code [chall.c](/chall.c) and find a bug. Please hack this lab on your own environment. And then, get a real flag [ws://stack-buf-overflow-101-lab.herokuapp.com/](ws://stack-buf-overflow-101-lab.herokuapp.com/).
+
+## WebSocket PWN
+
+In heroku platform, we can deploy only web application. Thus, we deployed the PWN challenge using WebSocket protocol. Enjoy WebSocket below !
+
+### netcat to wscat
+
+Connect to lab app with wscat instead. To install wscat, NPM is required.
+
+```
+$ npm install -g wscat
+$ wscat -c ws://echo.websocket.org
+Connected (press CTRL+C to quit)
+> hi there
+< hi there
+> are you a happy parrot?
+< are you a happy parrot?
+```
+
+### pwnlib.tubes.remote.remote to sock_websocket.WebSock
+
+Connect to lab app with sock_websocket.WebSock instead.
+
+```
+$ pip install sock-websocket
+[...]
+$ cat echo.py
+from pwn import *
+from sock_websocket import WebSock
+
+# s = process("chall")
+# s = remote("1.3.3.7", 1337)
+s = WebSock("ws://echo.websocket.org")
+s.sendline(b"Hello World !"))
+s.interactive()
+
+$ python echo.py                                 
+Hello World !
+<3
+<3
+```
+
+## Running Locally
+
+Make sure you have Python 3.7 [installed locally](http://install.python-guide.org). To push to Heroku, you'll need to install the [Heroku CLI](https://devcenter.heroku.com/articles/heroku-cli).
+
+```sh
+$ git clone https://github.com/suam-team/stack-buf-overflow-101-lab.git
+$ cd stack-buf-overflow-101-lab
+$ docker build -t stack-buf-overflow-101-lab .
+$ docker run -d --rm -p 1337:1337 -e PORT=1337 -e FLAG=flag{ILoveU} stack-buf-overflow-101-lab
+```
+
+Your app should now be running on [ws://localhost:1337](ws://localhost:1337).
+
+## Deploying to Heroku
+
+```sh
+$ heroku create
+$ heroku config:set FLAG=flag{ILoveU}
+$ git push heroku main
+$ heroku open
+```
+or
+
+[![Deploy](https://www.herokucdn.com/deploy/button.svg)](https://heroku.com/deploy)

app.json

@@ -1,7 +1,7 @@
 {
     "name": "Stack Buffer Overflow 101 Lab",
-    "description": "",
-    "repository": "",
+    "description": "The very basic stack buffer overflow lab",
+    "repository": "https://github.com/suam-team/stack-buf-overflow-101-lab",
     "logo": "https://suam.wtf/favicon-32x32.png",
     "keywords": ["hacking", "lab", "pwn"],
     "stack": "container"

lab.json

@@ -2,6 +2,6 @@
     "name": "Stack Buffer Overflow 101 Lab",
     "category": "PWN",
     "author": "bongtrop",
-    "flag": "",
-    "detail": ""
+    "flag": "237265834d5d5a8a85db6667378bbce0,f940d2439d16c0a1073677aeb093b2a8,a5dc574f3e46a52866178c79605fe925,5d407d4c125bf2e668c04138dccf0e51ed1f45f09a5feb58cb9caee0386d493ccb42088f5b4077a56ea95b477ce73f3f09821f860ded87cf17f70e94,c59d74b787aba8b557a9ea969c519cd1",
+    "detail": "The very basic stack buffer overflow lab"
 }