PWNVM

This is an attempt to make it super easy to get set up with a VM you can use to play CTFs.

Installation

  1. Install a hypervisor. The following hypervisors are supported:
    • VirtualBox (default, recommended)
    • libvirt (requires vagrant-libvirt provider, which can be found here)
  2. Install Vagrant:
    • OSX: brew cask install vagrant
    • Linux: sudo apt-get install vagrant
  3. Clone this project and cd into the cloned directory.
  4. Build VM and provision:
    • If using VirtualBox: vagrant up
    • If using libvirt: vagrant up --provider=libvirt

Note

If you're on a Debian-based system and receive a "no usable providers" error, uninstall vagrant, download the .deb package from the official website and install it.

sudo apt-get remove vagrant

wget https://releases.hashicorp.com/vagrant/1.9.1/vagrant_1.9.1_x86_64.deb && sudo dpkg -i vagrant*
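The command above passes the downloaded file straight to dpkg as root. As an added example (not part of this README), the function below checks a downloaded file against a SHA256SUMS file before installing it; the function name and the sums-file URL shown in the comment are assumptions.

```shell
#!/bin/sh
# Added example: verify a downloaded package against a SHA256SUMS file
# before handing it to dpkg. verify_sha256 is a hypothetical helper name.

# verify_sha256 FILE SUMS_FILE
# Returns 0 only if SUMS_FILE lists FILE's basename and the hash matches.
# Returns 2 if an input is missing, 3 if the file is not listed.
verify_sha256() {
    vs_file="$1"
    vs_sums="$2"
    [ -f "$vs_file" ] && [ -f "$vs_sums" ] || return 2
    vs_name="$(basename "$vs_file")"
    # SHA256SUMS lines look like "<hex digest>  <filename>"; binary mode
    # prefixes the filename with "*".
    vs_expected="$(awk -v n="$vs_name" \
        '$2 == n || $2 == ("*" n) { print $1; exit }' "$vs_sums")"
    # A file that is not listed is a failure, not a pass.
    [ -n "$vs_expected" ] || return 3
    vs_actual="$(sha256sum "$vs_file" | awk '{ print $1 }')"
    [ "$vs_actual" = "$vs_expected" ]
}

# Intended use with the download above. The location of the sums file is an
# assumption; confirm it on the official release page before relying on it.
#   base=https://releases.hashicorp.com/vagrant/1.9.1
#   wget "$base/vagrant_1.9.1_x86_64.deb" "$base/vagrant_1.9.1_SHA256SUMS"
#   verify_sha256 vagrant_1.9.1_x86_64.deb vagrant_1.9.1_SHA256SUMS \
#       && sudo dpkg -i vagrant_1.9.1_x86_64.deb
```

A checksum fetched from the same server only detects corruption or a swapped file on a mirror; it does not help if the release server itself is compromised.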

Usage

vagrant ssh

File sharing

By default, the directory that contains the Vagrantfile is shared with the VM and mounted at /vagrant, so you can move files between the host and guest by simply moving files to/from there.

Services

The VM is attached to a private network with the IP 10.10.10.10. That means you can run whatever services you like on the VM and they will be accessible from the host through that IP.

Managing VMs

You should never have to open VirtualBox to manage the VMs. Everything can be done through Vagrant, but it must be done from the directory where the Vagrantfile lives.

  • See VMs: vagrant global-status
  • Reprovision: vagrant provision [<vm>]
  • SSH: vagrant ssh [<vm>]
  • Adopt changes to Vagrantfile: vagrant reload [<vm>]
  • Bring down VM: vagrant halt [<vm>]
  • Bring up VM: vagrant up [<vm>]
  • Scrap VM: vagrant destroy [<vm>]

32-bit VM

Although the 64-bit Linux VM should be able to do whatever you need, you can also set up a 32-bit version. To do this, simply run vagrant up pwn32. The 64-bit (default) VM is named simply "pwn".

Tools Installed

  • python3-pip
  • screen
  • gdb, gdb-multiarch
  • unzip
  • build-essential
  • unrar
  • foremost
  • htop
  • QEMU with MIPS/ARM
  • 32 Bit Tools
  • ARM Binutils
  • Pwntools
  • pwndbg
  • radare2
  • binwalk
  • capstone
  • angr
  • oh-my-zsh
  • tmux
  • fzf
  • gdb-peda
  • gdb-pwndbg
  • gdb-gef
  • gdb-voltron
  • fixenv
  • AFL Fuzzer
  • z3
  • Zeratool