-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathchallenge.yaml
55 lines (48 loc) · 1.32 KB
/
challenge.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
name: hashbrown
author: FizzBuzz101
description: |-
Who doesn't like hashbrowns? I like them so much that I wrote a driver named after them! But apparently programming is hard and I might have made a mistake...
Please note that the following measures are active (whether they are important to the exploit process is up to you):
```
CONFIG_SLAB_FREELIST_RANDOM=y
CONFIG_SLAB=y
CONFIG_FG_KASLR=y
```
SMAP, SMEP, and KPTI are enabled as well.
`{{nc}}`
Note: only one connection per IP is allowed, and there is a 10 minute wall-clock time limit from the moment you connect. Test locally!
provide:
- ./bzImage
- ./run.sh
- ./distributed/initramfs.cpio
- ./distributed/hashbrown_distributed.c
flag: dice{h@$hM@p_r3s1z1ng_r@c3_c0nd1t1on_w1tH_sm3p_sm@p_kPt1_&_fGK@sLR}
# FIXME: move host
#deployed: false
containers:
main:
build: .
ports:
- 5000
environment:
HASHCASH_BITS: '26'
securityContext:
readOnlyRootFilesystem: true
capabilities:
drop:
- all
add:
- chown
- setuid
- setgid
- sys_admin
- setpcap
seccompProfile: jail-qemu.json
k8s:
deployment:
annotations:
container.apparmor.security.beta.kubernetes.io/main: unconfined
expose:
main:
- target: 5000
tcp: 31691