Christoph J. Scherr
0db78399bd
|
||
|---|---|---|
| .gitea/workflows | ||
| .github/workflows | ||
| data/www | ||
| scripts | ||
| solutions | ||
| src | ||
| .gitignore | ||
| Cargo.toml | ||
| Dockerfile | ||
| LICENSE | ||
| README.md | ||
| docker-compose.yml | ||
README.md
Wooly-Vault
A few small challenges for ⚒️ Rust Hackers 🦀
Configuration
Each challenge requires some basic information to host:
-
secret - a string that if found signifies that the challenge was solved
-
addr - the network adress plus port the challenge should run on
-
verbosity - how verbose the logging should be
-
challenge - which challenge to host (there are a few)
The secret cannot be inputted with a command line argument, because the arguments can often be seen in the process view. You may either specify a secret in the 'WOOLY_SECRET' environment variable or input it interactively on start.
Challenges
There are a number of challenges:
-
Connect by TCP
-
Connect by TCP and send a special u16
-
Connect by TCP, get sent dynamic math questions, solve them fast enough
Solution
Solutions for some challenges can be found in solutions. Don't spoil the challenge for yourself.
Hosting
As this is a challenge meant for hackers, it is advisable not to run this on a system that should not be hacked. Some of the later challenges will possibly provide remote code execution through things like SQL-injection. For this reason, you should probably use some kind of VM, or at least a container to host this.
Docker
Wooly-Vault has a Dockerfile and a docker compose specification, so you can run it easily in a docker container:
WOOLY_SECRET=my_flag docker compose up
To configure what challenge is served and on what networking adress, tweak docker-compose.yml.
The regular way
You can just cargo run -r it, or compile with cargo build -r and then
execute the executable.
$ WOOLY_SECRET=my_flag wooly-vault 3 127.0.0.1:1337
$ WOOLY_SECRET=my_flag cargo run -r -- 3 127.0.0.1:1337
Naming
Q: Why is Wooly-Vault wooly?
A: I like sheeps. I'm literally PlexSheep.