commit fe8f638952188f7ad8cbfbd14df44b655aa1d977
Author: renil <renil@foxmail.com>
Date:   Mon Mar 4 07:16:13 2024 +0800

    first commit

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..7979f54
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,27 @@
+FROM debian:bookworm
+
+COPY _files /tmp/
+
+RUN mv /tmp/flag.sh /flag.sh \
+	&& mv /tmp/sources.list /etc/apt/sources.list \
+	&& mv /tmp/edi* /usr/local \
+	&& apt-get update \
+	&& apt-get --no-install-recommends -y install \
+	wget apt-utils sudo ca-certificates \
+	vim openssh-server file \
+	&& mv /tmp/docker-entrypoint /usr/local/bin/ \
+	&& chmod +x /usr/local/bin/* \
+	&& apt-get clean \
+	&& rm -rf /tmp/* /var/tmp/*
+
+RUN useradd -p '$y$j9T$uCHtN.yDpIqN.PioeaThD.$Cc/8vnnZj.IuNP0aJhtwRMkaAYnBojjLDFBRhz6PIQ8' ctf \
+	&& chsh -s /bin/bash ctf \
+	&& mkdir /home/ctf \
+	&& mv /usr/local/edi* /home/ctf \
+	&& chmod 4755 /home/ctf/edit \
+	&& chmod o+r /etc/sudoers /etc/apt/sources.list \
+	&& chmod 744 /home/ctf/edit.c
+
+EXPOSE 22
+
+CMD ["/bin/sh", "-c", "/usr/local/bin/docker-entrypoint"]
diff --git a/_files/docker-entrypoint b/_files/docker-entrypoint
new file mode 100644
index 0000000..9deeeab
--- /dev/null
+++ b/_files/docker-entrypoint
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+if [[ -f /flag.sh ]]; then
+source /flag.sh
+fi
+
+mkdir /run/sshd
+/usr/sbin/sshd
+
+tail -F /dev/null
diff --git a/_files/edit b/_files/edit
new file mode 100755
index 0000000..ac82fb3
Binary files /dev/null and b/_files/edit differ
diff --git a/_files/edit.c b/_files/edit.c
new file mode 100644
index 0000000..9bf195d
--- /dev/null
+++ b/_files/edit.c
@@ -0,0 +1,11 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+int main()
+{
+    setuid( 0 );
+    system( "vim /etc/apt/sources.list" );
+    return 0;
+ }
diff --git a/_files/flag.sh b/_files/flag.sh
new file mode 100644
index 0000000..cfd9fb4
--- /dev/null
+++ b/_files/flag.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+
+echo "$GZCTF_FLAG" > /flag
+chown root:root /flag
+chmod o-r /flag
+
+unset GZCTF_FLAG
+
+export GZCTF_FLAG="flag in /flag!"
+GZCTF_FLAG="flag in /flag!"
+export FLAG="flag in /flag!"
+echo $FLAG > /home/ctf/flag
+chown ctf:ctf /home/ctf/flag
+rm -rf /flag.sh
diff --git a/_files/sources.list b/_files/sources.list
new file mode 100644
index 0000000..2c5d569
--- /dev/null
+++ b/_files/sources.list
@@ -0,0 +1,4 @@
+deb http://mirrors.bfsu.edu.cn/debian/ bookworm main contrib non-free non-free-firmware
+deb http://mirrors.bfsu.edu.cn/debian/ bookworm-updates main contrib non-free non-free-firmware
+deb http://mirrors.bfsu.edu.cn/debian/ bookworm-backports main contrib non-free non-free-firmware
+deb http://mirrors.bfsu.edu.cn/debian-security bookworm-security main contrib non-free non-free-firmware
diff --git a/_files/sudo_1.9.5p2-1_amd64.deb b/_files/sudo_1.9.5p2-1_amd64.deb
new file mode 100644
index 0000000..9d26289
Binary files /dev/null and b/_files/sudo_1.9.5p2-1_amd64.deb differ
diff --git a/docker-compose.yaml b/docker-compose.yaml
new file mode 100644
index 0000000..e69de29