# Wooly-Vault Managing Platform for Hacking challenges, written in Rust 🦀. Wooly-Vault is a small platform for hosting CTF-like hacking challenges. It is currently in the early stages of development. ## Configuration Each challenge requires some basic information to host: * secret - a string that if found signifies that the challenge was solved * addr - the network adress plus port the challenge should run on * verbosity - how verbose the logging should be * challenge - which challenge to host (there are a few) The secret cannot be inputted with a command line argument, because the arguments can often be seen in the process view. You may either specify a secret in the 'WOOLY_SECRET' environment variable or input it interactively on start. ## Challenges There are a number of challenges: 1. Connect by TCP 2. Connect by TCP and send a special u16 3. Connect by TCP, get sent dynamic math questions, solve them fast enough ## Solution Solutions for some challenges can be found in [solutions](./solutions/). Don't spoil the challenge for yourself. ## Hosting As this is a challenge meant for hackers, it is advisable not to run this on a system that should not be hacked. Some of the later challenges will possibly provide remote code execution through things like SQL-injection. For this reason, you should probably use some kind of VM, or at least a container to host this. ### Docker Wooly-Vault has a [Dockerfile](./Dockerfile) and a [docker compose specification](./docker-compose.yml), so you can run it easily in a docker container: ```bash WOOLY_SECRET=my_flag docker compose up ``` To configure what challenge is served and on what networking adress, tweak [docker-compose.yml](./docker-compose.yml). ### The regular way You can just `cargo run -r` it, or compile with `cargo build -r` and then execute the executable. ```bash $ WOOLY_SECRET=my_flag wooly-vault 3 127.0.0.1:1337 $ WOOLY_SECRET=my_flag cargo run -r -- 3 127.0.0.1:1337 ``` ## Naming Q: Why is Wooly-Vault wooly? A: I like sheeps. I'm literally PlexSheep.