基于Cardinal搭建的AWD平台
仓库:https://github.com/vidar-team/Cardinal
仓库:https://github.com/glzjin/20190511_awd_docker
0x01-平台安装
下载
https://github.com/vidar-team/Cardinal/releases Cardinal_v0.7.3_linux_amd64.tar.gz
1
| tar -zxvf Cardinal_v0.7.3_linux_amd64.tar.gz
|
创建数据库cardinal
1 2 3
| service mysqld start mysql -u root -p CREATE DATABASE `cardinal` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
|
后台启动
访问
1
| xxx.xxx.xxx.xxx:19999/manager
|
0x02-靶机配置
https://github.com/glzjin/20190511_awd_docker
这里启动不了pwn靶机,只启动了2个队伍相同web4靶机
修改一下docker-compose.yaml
1 2 3 4 5 6 7 8 9 10 11 12
| version: "2" services: b4: build: ./b4 ports: - "18894:80" - "18895:22" b5: build: ./b4 ports: - "18896:80" - "18897:22"
|
更改以下dockerfile文件内容为下面的部分【远程ssh登录下发flag配置权限】
1 2 3
| RUN useradd -g group glzjin -m && \ password=$(openssl passwd -1 -salt 'abcdefg' '123456') && \ sed -i 's/^glzjin:!/glzjin:'$password'/g' /etc/shadow
|
1
| RUN echo "root:123456" | chpasswd
|
启动
0x03-平台配置题目
![image-20230531200631782](/../images/24%E5%9F%BA%E4%BA%8ECardinal%E6%90%AD%E5%BB%BA%E7%9A%84AWD%E5%B9%B3%E5%8F%B0/image-20230531200631782.png)
![image-20230531200457955](/../images/24%E5%9F%BA%E4%BA%8ECardinal%E6%90%AD%E5%BB%BA%E7%9A%84AWD%E5%B9%B3%E5%8F%B0/image-20230531200457955.png)
![image-20230531200526598](/../images/24%E5%9F%BA%E4%BA%8ECardinal%E6%90%AD%E5%BB%BA%E7%9A%84AWD%E5%B9%B3%E5%8F%B0/image-20230531200526598.png)
![image-20230531200547548](/../images/24%E5%9F%BA%E4%BA%8ECardinal%E6%90%AD%E5%BB%BA%E7%9A%84AWD%E5%B9%B3%E5%8F%B0/image-20230531200547548.png)
![image-20230531200709466](/../images/24%E5%9F%BA%E4%BA%8ECardinal%E6%90%AD%E5%BB%BA%E7%9A%84AWD%E5%B9%B3%E5%8F%B0/image-20230531200709466.png)
0x04-问题和解决方案
- 忘记了管理员密码,删库
- flag更新不了,ssh加root权限
- flag提交不正确,题目设置可见