diff --git a/checker/src/checker.py b/checker/src/checker.py index 752f2e9..0d9cc6e 100644 --- a/checker/src/checker.py +++ b/checker/src/checker.py @@ -69,7 +69,7 @@ async def putflag0( except ConnectionClosedError: raise MumbleException("Connection was closed") except InvalidStatusCode: - raise MumbleException("Connection was closed") + raise MumbleException("Invalid status code") return username @@ -98,7 +98,7 @@ async def getflag0( except ConnectionClosedError: raise MumbleException("Connection was closed") except InvalidStatusCode: - raise MumbleException("Connection was closed") + raise MumbleException("Invalid status code") @checker.exploit(0) @@ -137,7 +137,7 @@ async def exploit0( except ConnectionClosedError: raise MumbleException("Connection was closed") except InvalidStatusCode: - raise MumbleException("Connection was closed") + raise MumbleException("Invalid status code") match = re.findall(r"FLAG\s*([A-Za-z0-9\+\=\/]+)\s*OK", response) if len(match) == 0: @@ -172,7 +172,7 @@ async def putnoise0( except ConnectionClosedError: raise MumbleException("Connection was closed") except InvalidStatusCode: - raise MumbleException("Connection was closed") + raise MumbleException("Invalid status code") await db.set("noise_id", i) @@ -207,7 +207,7 @@ async def getnoise0( except ConnectionClosedError: raise MumbleException("Connection was closed") except InvalidStatusCode: - raise MumbleException("Connection was closed") + raise MumbleException("Invalid status code") @checker.havoc(0) @@ -283,7 +283,7 @@ async def getflag1( except ConnectionClosedError: raise MumbleException("Connection was closed") except InvalidStatusCode: - raise MumbleException("Connection was closed") + raise MumbleException("Invalid Status Code") @checker.exploit(1) 
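Review bot: The new message in the `getflag1` hunk is spelled `"Invalid Status Code"`, while the other six hunks (`putflag0`, `getflag0`, `exploit0`, `putnoise0`, `getnoise0`, `exploit1`) use `"Invalid status code"`. If checker results are grouped or searched by message text, this one handler will be counted separately, so use `raise MumbleException("Invalid status code")` there as well. The same pair of `except` clauses is repeated in every handler, so a shared helper or context manager would keep the wording in one place. The handler bodies start outside these hunks, so that last point is a suggestion rather than something verifiable here.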
@@ -334,7 +334,7 @@ async def exploit1( except ConnectionClosedError: raise MumbleException("Connection was closed") except InvalidStatusCode: - raise MumbleException("Connection was closed") + raise MumbleException("Invalid status code") if __name__ == "__main__": diff --git a/service/Dockerfile.backend b/service/Dockerfile.backend index de24e81..cfc9d59 100644 --- a/service/Dockerfile.backend +++ b/service/Dockerfile.backend @@ -12,5 +12,5 @@ COPY ./image ./image EXPOSE 6969/tcp -ENTRYPOINT ["./backend/out/main", "-i", "./image", "-k", "/apikey/key.txt", "-f", "/devenvs", "-t", "/devenvs-tmp"] +ENTRYPOINT ["./backend/out/main", "-i", "./image"] diff --git a/service/backend/controller/devenv.go b/service/backend/controller/devenv.go index 7875ad3..b1d8565 100644 --- a/service/backend/controller/devenv.go +++ b/service/backend/controller/devenv.go @@ -3,6 +3,7 @@ package controller import ( "fmt" "io" + "log" "net/http" "os" "path/filepath" @@ -27,6 +28,18 @@ type DevenvController struct { } func NewDevenvController(docker *service.DockerService, devenvFilesPath string, devenvFilesTmpPath string) DevenvController { + + err := util.MakeDirIfNotExists(devenvFilesPath) + + if err != nil { + log.Fatal(err) + } + + err = util.MakeDirIfNotExists(devenvFilesTmpPath) + if err != nil { + log.Fatal(err) + } + return DevenvController{ Docker: docker, Upgrader: websocket.Upgrader{ diff --git a/service/backend/database/init.go b/service/backend/database/init.go index a1cb514..b835cf7 100644 --- a/service/backend/database/init.go +++ b/service/backend/database/init.go @@ -2,7 +2,6 @@ package database import ( "log" - "os" "replme/model" 
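Review bot: The two `log.Fatal(err)` calls added to `NewDevenvController` exit without saying which directory could not be created, and the mode that `util.MakeDirIfNotExists` applies is not visible in this diff. These directories presumably hold files uploaded by users, so it is worth confirming the helper creates them owner-only rather than world-readable. For the diagnostics, `log.Fatalf("create devenv dir %q: %v", devenvFilesPath, err)` and the same for `devenvFilesTmpPath` would be enough. The constructor's return statement continues past the end of the hunk.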
@@ -12,15 +11,9 @@ import ( var DB *gorm.DB -func Connect() { - sqlitePath := os.Getenv("REPL_SQLITE") - - if sqlitePath == "" { - log.Fatal("No Sqlitepath") - } - +func Connect(dbPath string) { var err error - DB, err = gorm.Open(sqlite.Open(sqlitePath), &gorm.Config{}) + DB, err = gorm.Open(sqlite.Open(dbPath), &gorm.Config{}) if err != nil { log.Fatal("Failed to connect to DB:", err) diff --git a/service/backend/main.go b/service/backend/main.go index 3428866..5d93c8e 100644 --- a/service/backend/main.go +++ b/service/backend/main.go 
@@ -11,27 +11,88 @@ import ( func main() { var imagePath string + var imageTag string + var dbPath string var apiKeyPath string - var devenvFiles string - var devenvFilesTmp string + var devenvsPath string + var devenvsTmpPath string + var containerLogsPath string - flag.StringVar(&imagePath, "i", "", "Image directory (required)") - flag.StringVar(&apiKeyPath, "k", "", "Apikey file (required)") - flag.StringVar(&devenvFiles, "f", "", "Devenv files (required)") - flag.StringVar(&devenvFilesTmp, "t", "", "Devenv files tmp (required)") + flag.StringVar(&imagePath, "i", "", "Image dir (required)") + flag.StringVar(&imagePath, "n", "", "Image tag (required), env: REPL_IMG_TAG") + flag.StringVar(&dbPath, "d", "", "Database file (required), env: REPL_SQLITE") + flag.StringVar(&apiKeyPath, "k", "", "Apikey file (required), env: REPL_API_KEY") + flag.StringVar(&devenvsPath, "f", "", "Devenv files dir (required), env: REPL_DEVENVS") + flag.StringVar(&devenvsTmpPath, "t", "", "Tmp devenv files dir (required), env: REPL_DEVENVS_TMP") + flag.StringVar(&containerLogsPath, "l", "", "Container logs dir (required), env: REPL_CONTAINER_LOGS") flag.Parse() - if imagePath == "" || apiKeyPath == "" { + if imagePath == "" { flag.Usage() os.Exit(1) } + if imageTag == "" { + imageTagEnv := os.Getenv("REPL_IMG_TAG") + if imageTagEnv == "" { + flag.Usage() + os.Exit(1) + } + imageTag = imageTagEnv + } + + if dbPath == "" { + dbPathEnv := os.Getenv("REPL_SQLITE") + if dbPathEnv == "" { + flag.Usage() + os.Exit(1) + } + dbPath = dbPathEnv + } + + if apiKeyPath == "" { + apiKeyPathEnv := os.Getenv("REPL_API_KEY") + if apiKeyPathEnv == "" { + flag.Usage() + os.Exit(1) + } + apiKeyPath = apiKeyPathEnv + } + + if devenvsPath == "" { + devenvsPathEnv := os.Getenv("REPL_DEVENVS") + if devenvsPathEnv == "" { + flag.Usage() + os.Exit(1) + } + devenvsPath = devenvsPathEnv + } + + if devenvsTmpPath == "" { + devenvsTmpPathEnv := os.Getenv("REPL_DEVENVS_TMP") + if devenvsTmpPathEnv == "" { + 
flag.Usage() + os.Exit(1) + } + devenvsTmpPath = devenvsTmpPathEnv + } + + // REPL_CONTAINER_LOGS + + if containerLogsPath == "" { + containerLogsPathTmp := os.Getenv("REPL_CONTAINER_LOGS") + if containerLogsPathTmp == "" { + flag.Usage() + os.Exit(1) + } + containerLogsPath = containerLogsPathTmp + } + apiKey := util.ApiKey(apiKeyPath) - imageTag := "ptwhy" - docker := service.Docker(apiKey) - docker.BuildImage(imagePath, imageTag) + docker := service.Docker(apiKey, imagePath, imageTag, containerLogsPath) + docker.BuildImage() - server.Init(&docker, devenvFiles, devenvFilesTmp) + server.Init(&docker, dbPath, devenvsPath, devenvsTmpPath) } diff --git a/service/backend/server/router.go b/service/backend/server/router.go index 9177799..33ee770 100644 --- a/service/backend/server/router.go +++ b/service/backend/server/router.go @@ -16,7 +16,7 @@ import ( "github.com/gin-gonic/gin" ) -func NewRouter(docker *service.DockerService, devenvFilesPath string, devenvFilesTmpPath string) *gin.Engine { +func NewRouter(docker *service.DockerService, dbPath string, devenvFilesPath string, devenvFilesTmpPath string) *gin.Engine { logLevel, exists := os.LookupEnv("REPL_LOG") if !exists { @@ -26,7 +26,7 @@ func NewRouter(docker *service.DockerService, devenvFilesPath string, devenvFile util.LoggerInit(logLevel) util.SLogger.Info("Connecting to DB ..") - database.Connect() + database.Connect(dbPath) util.SLogger.Info("Migrating DB ..") database.Migrate() diff --git a/service/backend/server/server.go b/service/backend/server/server.go index 97bfcbd..f5901aa 100644 --- a/service/backend/server/server.go +++ b/service/backend/server/server.go 
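Review bot: The `-n` flag in `main` is registered against `imagePath` instead of `imageTag`: `flag.StringVar(&imagePath, "n", "", "Image tag (required), env: REPL_IMG_TAG")`. Passing `-n` therefore overwrites the image directory given with `-i`, and `imageTag` can only ever be set through `REPL_IMG_TAG`. The line should read `flag.StringVar(&imageTag, "n", "", "Image tag (required), env: REPL_IMG_TAG")`. The six flag-or-environment blocks that follow differ only in names, so a small helper taking the flag value and the variable name would remove the repetition. The bare `// REPL_CONTAINER_LOGS` comment could be dropped or turned into a sentence.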
@@ -5,8 +5,8 @@ import ( "replme/util" ) -func Init(docker *service.DockerService, devenvFilesPath string, devenvFilesTmpPath string) { - engine := NewRouter(docker, devenvFilesPath, devenvFilesTmpPath) +func Init(docker *service.DockerService, dbPath string, devenvFilesPath string, devenvFilesTmpPath string) { + engine := NewRouter(docker, dbPath, devenvFilesPath, devenvFilesTmpPath) util.SLogger.Infof("Server is running on port 6969") engine.Run(":6969") } diff --git a/service/backend/service/cleanup.go b/service/backend/service/cleanup.go index 81b481a..db1a384 100644 --- a/service/backend/service/cleanup.go +++ b/service/backend/service/cleanup.go @@ -24,7 +24,7 @@ func Cleanup(docker *DockerService, replState *ReplStateService, devenvFilesPath } func (cleanup *CleanupService) DoCleanup() { - containers, err := cleanup.Docker.GetContainers("ptwhy") + containers, err := cleanup.Docker.GetContainers(cleanup.Docker.ImgTag) if err != nil { return diff --git a/service/backend/service/docker.go b/service/backend/service/docker.go index 1c409cc..aed14bb 100644 --- a/service/backend/service/docker.go +++ b/service/backend/service/docker.go @@ -10,6 +10,7 @@ import ( "net" "os" "path" + "path/filepath" "strings" "time" @@ -29,14 +30,17 @@ import ( ) type DockerService struct { - Context context.Context - Client *client.Client - HostIP string - ApiKey string - MutexMap util.MutexMap + Context context.Context + Client *client.Client + HostIP string + ImgPath string + ImgTag string + ApiKey string + ContainerLogsPath string + MutexMap util.MutexMap } -func Docker(apiKey string) DockerService { +func Docker(apiKey string, imgPath string, imgTag string, containerLogsPath string) DockerService { ctx := context.Background() opts := []client.Opt{ 
@@ -60,29 +64,38 @@ func Docker(apiKey string) DockerService { defer cli.Close() + err = util.MakeDirIfNotExists(containerLogsPath) + + if err != nil { + log.Fatal(err) + } + return DockerService{ - Context: ctx, - Client: cli, - HostIP: ip, - ApiKey: apiKey, - MutexMap: *util.MutexMapNew(), + Context: ctx, + Client: cli, + HostIP: ip, + ImgPath: imgPath, + ImgTag: imgTag, + ApiKey: apiKey, + ContainerLogsPath: containerLogsPath, + MutexMap: *util.MutexMapNew(), } } -func (docker *DockerService) BuildImage(imageDir string, tag string) { +func (docker *DockerService) BuildImage() { var buf bytes.Buffer tw := tar.NewWriter(&buf) defer tw.Close() ExcludePatterns := []string{} - exclude, err := os.ReadFile(path.Join(imageDir, ".dockerignore")) + exclude, err := os.ReadFile(path.Join(docker.ImgPath, ".dockerignore")) if err == nil { ExcludePatterns = strings.Split(string(exclude), "\n") } - tar, err := archive.TarWithOptions(imageDir, &archive.TarOptions{ + tar, err := archive.TarWithOptions(docker.ImgPath, &archive.TarOptions{ ExcludePatterns: ExcludePatterns, }) @@ -92,7 +105,7 @@ func (docker *DockerService) BuildImage(imageDir string, tag string) { opts := dockerTypes.ImageBuildOptions{ Dockerfile: "Dockerfile", - Tags: []string{tag}, + Tags: []string{docker.ImgTag}, Remove: true, // ForceRemove: true, // NoCache: true, @@ -200,9 +213,9 @@ func (docker *DockerService) CreateDevenvContainer( Target: mountPath, }, }, - LogConfig: container.LogConfig{ - Type: "none", - }, + // LogConfig: container.LogConfig{ + // Type: "none", + // }, }, nil, nil, 
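Review bot: Commenting out `LogConfig{Type: "none"}` in `CreateDevenvContainer` switches these containers to the daemon's default log driver, and nothing in the hunk limits how much output it keeps. The output is presumably produced by user-run code, so without a cap a single noisy container can fill the Docker data volume. If logs are wanted, set the limit explicitly, e.g. `LogConfig: container.LogConfig{Type: "json-file", Config: map[string]string{"max-size": "1m", "max-file": "1"}},` (sizes are illustrative), and delete the commented-out lines rather than leaving them in. The `dind` hunk in `docker-compose.yml` comments out `logging: driver: none` in the same way and would benefit from `options` with `max-size` as well. The enclosing call starts and ends outside the hunk.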
@@ -306,6 +319,24 @@ func (docker *DockerService) KillContainerByName(name string) { } func (docker *DockerService) RemoveContainerById(id string) error { + + out, err := docker.Client.ContainerLogs(docker.Context, id, container.LogsOptions{ + ShowStdout: true, + ShowStderr: true, + Follow: false, + Timestamps: false, + }) + + if err == nil { + logFilePath := filepath.Join(docker.ContainerLogsPath, id) + logFile, err := os.Create(logFilePath) + if err == nil { + io.Copy(logFile, out) + logFile.Close() + } + out.Close() + } + return docker.Client.ContainerRemove(docker.Context, id, container.RemoveOptions{ RemoveVolumes: true, Force: true, @@ -363,7 +394,7 @@ func (docker *DockerService) EnsureReplContainerStarted( id = container.ID } else { response, err := docker.CreateReplContainer(types.RunContainerOptions{ - ImageTag: "ptwhy", + ImageTag: docker.ImgTag, ContainerName: name, Ports: nat.PortMap{ nat.Port("3000/tcp"): []nat.PortBinding{ @@ -411,7 +442,7 @@ func (docker *DockerService) EnsureDevenvContainerStarted( devenvPath, mountPath, types.RunContainerOptions{ - ImageTag: "ptwhy", + ImageTag: docker.ImgTag, ContainerName: uuid.NewString(), Ports: nat.PortMap{ nat.Port("3000/tcp"): []nat.PortBinding{ diff --git a/service/docker-compose.yml b/service/docker-compose.yml index f51c3cc..61a08d8 100644 --- a/service/docker-compose.yml +++ b/service/docker-compose.yml @@ -17,16 +17,19 @@ services: dockerfile: Dockerfile.backend volumes: - docker-cert:/cert - - api-key:/apikey - - devenvs:/devenvs - - devenvs-tmp:/devenvs-tmp - - db-data:/dbdata + - replme-data:/data + - devenvs-tmp:/devenvs environment: - DOCKER_CERT_PATH=/cert/client - DOCKER_TLS_VERIFY=true - GIN_MODE=release - REPL_LOG=debug - - REPL_SQLITE=/dbdata/replme.db + - REPL_IMG_TAG=ptwhy + - REPL_SQLITE=/data/replme.db + - REPL_API_KEY=/data/apikey + - REPL_DEVENVS=/data/devenvs + - REPL_DEVENVS_TMP=/devenvs + - REPL_CONTAINER_LOGS=/data/logs restart: "unless-stopped" dind: 
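Review bot: `io.Copy(logFile, out)` in `RemoveContainerById` writes the whole container output to disk with no size limit, and every error on the way (`os.Create`, `io.Copy`, `Close`) is discarded. Per the compose change, `REPL_CONTAINER_LOGS=/data/logs` sits on the same `replme-data` volume as the SQLite file and the API key, so a container that prints a lot can exhaust the space the backend needs. The copy should go through `io.LimitReader`, the file should be created with mode 0600, and failures should be logged, as in the sketch below. It is also worth checking the stream format: for containers without a TTY the Docker API returns a multiplexed stream, so the saved file will contain frame headers unless it is passed through `stdcopy.StdCopy`. The `ContainerRemove` call at the end of the function is cut off by the hunk.

```go
func (docker *DockerService) RemoveContainerById(id string) error {
	// … unchanged: docker.Client.ContainerLogs call …

	if err == nil {
		logFilePath := filepath.Join(docker.ContainerLogsPath, id)
		logFile, err := os.OpenFile(logFilePath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
		if err != nil {
			log.Printf("container %s: cannot create log file: %v", id, err)
		} else {
			// maxContainerLogBytes: size cap to be defined as a package constant
			if _, err := io.Copy(logFile, io.LimitReader(out, maxContainerLogBytes)); err != nil {
				log.Printf("container %s: saving logs failed: %v", id, err)
			}
			if err := logFile.Close(); err != nil {
				log.Printf("container %s: closing log file failed: %v", id, err)
			}
		}
		out.Close()
	}

	// … unchanged: docker.Client.ContainerRemove call …
```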
@@ -36,8 +39,8 @@ services: environment: - DOCKER_TLS_CERTDIR=/certs restart: "unless-stopped" - logging: - driver: none + # logging: + # driver: none ulimits: nproc: 79830 nofile: @@ -46,8 +49,8 @@ services: volumes: - docker-cert:/certs - docker-data:/var/lib/docker - - app-data:/app/data/ - - devenvs-tmp:/devenvs-tmp + - docker-app-data:/app/data/ + - devenvs-tmp:/devenvs nginx: container_name: replme-nginx @@ -63,11 +66,9 @@ services: volumes: + replme-data: + devenvs-tmp: docker-cert: docker-data: - app-data: - api-key: - devenvs: - devenvs-tmp: - db-data: + docker-app-data: