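Introduction: First, we use Vagrant to standardize the learning environment, so that readers can work through the later lessons in a consistent environment. Although the Vagrantfile already specifies the software to install, it is worth reading this document carefully to better understand the specific steps involved in building the test environment.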
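Required Software
First, we need to install Vagrant and VirtualBox, which can be downloaded from https://www.vagrantup.com/downloads.html and https://www.virtualbox.org/wiki/Downloads respectively.
Next, clone the repository onto the host. If you run into trouble while working through the course and want to restore the system to the original repository state, just delete the whole directory and repeat this step.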
    [email protected]:~$ git clone https://github.com/nnamon/linux-exploitation-course.git
    Cloning into 'linux-exploitation-course'...
    remote: Counting objects: 19, done.
    remote: Compressing objects: 100% (14/14), done.
    remote: Total 19 (delta 2), reused 15 (delta 1), pack-reused 0
    Unpacking objects: 100% (19/19), done.
    Checking connectivity... done.
    [email protected]:~$
Now, let's run vagrant.
    [email protected]:~/sproink/linux-exploitation-course$ vagrant up
    Bringing machine 'default' up with 'virtualbox' provider...
    ==> default: Importing base box 'ubuntu/xenial64'...
    ==> default: Matching MAC address for NAT networking...
    ==> default: Checking if box 'ubuntu/xenial64' is up to date...
    ==> default: Setting the name of the VM: linux-exploitation-course_default_1483872823092_95278
    ==> default: Clearing any previously set network interfaces...
    ==> default: Preparing network interfaces based on configuration...
        default: Adapter 1: nat
    ==> default: Forwarding ports...
        default: 22 (guest) => 2222 (host) (adapter 1)
    ==> default: Running 'pre-boot' VM customizations...
    ==> default: Booting VM...
    ==> default: Waiting for machine to boot. This may take a few minutes...
        default: SSH address: 127.0.0.1:2222
        default: SSH username: ubuntu
        default: SSH auth method: password
        default:
        default: Inserting generated public key within guest...
        default: Removing insecure key from the guest if it's present...
        default: Key inserted! Disconnecting and reconnecting using new SSH key...
    ... snip ...
Once provisioning is complete, we can SSH into the vagrant system.
    [email protected]:~/linux-exploitation-course$ vagrant ssh
    Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-57-generic x86_64)

     * Documentation: https://help.ubuntu.com
     * Management: https://landscape.canonical.com
     * Support: https://ubuntu.com/advantage

      Get cloud support with Ubuntu Advantage Cloud Guest:
        http://www.ubuntu.com/business/services/cloud

    0 packages can be updated.
    0 updates are security updates.

    [email protected]:~$ ls -la
    total 28
    drwxr-xr-x 4 ubuntu ubuntu 4096 Jan  8 10:54 .
    drwxr-xr-x 3 root   root   4096 Jan  8 10:54 ..
    -rw-r--r-- 1 ubuntu ubuntu  220 Aug 31  2015 .bash_logout
    -rw-r--r-- 1 ubuntu ubuntu 3771 Aug 31  2015 .bashrc
    drwx------ 2 ubuntu ubuntu 4096 Jan  8 10:54 .cache
    -rw-r--r-- 1 ubuntu ubuntu  655 Jun 24  2016 .profile
    drwx------ 2 ubuntu ubuntu 4096 Jan  8 10:54 .ssh
    -rw-r--r-- 1 ubuntu ubuntu    0 Jan  8 10:54 .sudo_as_admin_successful
    [email protected]:~$
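The repository directory we cloned earlier is mounted at /vagrant, so we can work on the files there with whatever text editor we prefer.
Now we need to start the Docker containers used in the later exercises. To do so, run the following commands: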
    [email protected]:/vagrant$ ./builddocker.sh
    Building lessons/3_intro_to_tools/services/gdbreversing
    Sending build context to Docker daemon 16.38 kB
    Step 1 : FROM ubuntu:latest
     ---> 104bec311bcd
    ... snip ...
    Step 17 : CMD /usr/sbin/xinetd -d
     ---> Using cache
     ---> 257fc44d2439
    Successfully built 257fc44d2439
    [email protected]:/vagrant$ ./deploydocker.sh
    Stopping all docker containers.
    b70d9d49b7b9
    ... snip ...
    432be332c15e037a3b0c2bc7465db673e8777bce0b0fe823cfbc8161eeeaf066
    [email protected]:/vagrant$
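These Docker containers only need to be built once and do not need to be rebuilt afterwards; however, if the computer is restarted, the Docker containers must be redeployed.
Windows Users
Windows users have two options:
· Start a virtual machine running Ubuntu 16.04 and run the provisioning script below, then manually clone the course repository into the machine. Note that with this approach, the location of the course repository directory may differ from the location assumed by the code in later lessons. This mainly depends on the virtualization software you choose.
· Install Vagrant and VirtualBox for Windows. The installation is essentially the same as described above.
For the second option, one thing to note is that your Windows installation may not provide SSH. In that case, when you invoke vagrant ssh, you will receive the following message: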
    D:\linux-exploitation-course>vagrant ssh
    `ssh` executable not found in any directories in the %PATH% variable. Is an
    SSH client installed? Try installing Cygwin, MinGW or Git, all of which
    contain an SSH client. Or use your favorite SSH client with the following
    authentication information shown below:

    Host: 127.0.0.1
    Port: 2222
    Username: ubuntu
    Private key: D:/linux-exploitation-course/.vagrant/machines/default/virtualbox/private_key
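In this case, simply follow the instructions and use an SSH client of your choice (such as PuTTY or SmarTTY) to log in to the newly provisioned system.
What Software Is Installed?
Below is the complete provisioning script: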
    #!/bin/bash

    # Enable 32-bit packages and switch apt to a mirror (original list is backed up)
    dpkg --add-architecture i386
    cp /etc/apt/sources.list /etc/apt/sources.list.old
    sed -i -e 's/archive.ubuntu.com/mirror.0x.sg/g' /etc/apt/sources.list
    apt-get update

    # Toolchain, debugger, Python and 32-bit runtime libraries
    apt-get install -y libc6:i386 libncurses5:i386 libstdc++6:i386 gdb python python-pip libssl-dev gcc git binutils socat apt-transport-https ca-certificates libc6-dev-i386 python-capstone libffi-dev

    # Python tooling used in the lessons
    pip install --upgrade pip
    pip install ropgadget
    pip install pwntools
    pip install ipython
    pip install ropper

    # PEDA for gdb, loaded from the ubuntu user's .gdbinit
    git clone https://github.com/longld/peda.git /home/ubuntu/peda
    echo "source ~/peda/peda.py" >> /home/ubuntu/.gdbinit

    # libc-database, seeded with the VM's own 32-bit and 64-bit libc
    git clone https://github.com/niklasb/libc-database.git /home/ubuntu/libc-database
    cd /home/ubuntu/libc-database
    /home/ubuntu/libc-database/add /lib/i386-linux-gnu/libc.so.6
    /home/ubuntu/libc-database/add /lib/x86_64-linux-gnu/libc.so.6

    # Docker repository key and package source
    apt-key adv --keyserver hkp://ha.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
    echo "deb https://apt.dockerproject.org/repo ubuntu-xenial main" | tee /etc/apt/sources.list.d/docker.list
    apt-get update
    apt-get install -y linux-image-extra-$(uname -r) linux-image-extra-virtual
    apt-get install -y docker-engine

    # Let the ubuntu user run docker, then start the daemon
    groupadd docker
    usermod -aG docker ubuntu
    service docker start
If you bring the machine up with vagrant, the software listed in the script above is what has already been installed.
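For readers who provision a VM by hand (the first Windows option), the following POSIX shell check confirms that the environment matches what the provisioning script sets up. It is an added example, not part of the original article or the course repository: the function names and the `--check` argument are hypothetical, while the tool names, paths and the docker group are taken from the script above.

```shell
#!/bin/sh
# Added example (not from the course repo): post-provision check for the VM.
# Tool names, paths and the docker group come from the provisioning script;
# the function names are hypothetical.

# Print each command in the argument list that is not found on PATH.
missing_tools() {
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || printf '%s\n' "$tool"
    done
}

# Succeed if the gdbinit file $1 contains the PEDA line the script appends.
gdbinit_has_peda() {
    [ -f "$1" ] && grep -qF 'source ~/peda/peda.py' "$1"
}

# Succeed if the space-separated group list $1 (from `id -nG`) has "docker".
in_docker_group() {
    case " $1 " in *" docker "*) return 0 ;; *) return 1 ;; esac
}

report() { echo "FAIL: $1"; problems=$((problems + 1)); }

# Run every check for home directory $1 and user $2; return the failure count.
check_course_vm() {
    home=${1:-/home/ubuntu}; user=${2:-ubuntu}; problems=0
    miss=$(missing_tools gdb python pip gcc git socat ROPgadget ropper ipython docker)
    [ -z "$miss" ] || report "missing tools: $(echo $miss)"
    gdbinit_has_peda "$home/.gdbinit" || report "PEDA not sourced in $home/.gdbinit"
    [ -x "$home/libc-database/add" ] || report "libc-database not cloned"
    dpkg --print-foreign-architectures 2>/dev/null | grep -qx i386 ||
        report "i386 architecture not enabled"
    in_docker_group "$(id -nG "$user" 2>/dev/null)" ||
        report "$user is not in the docker group"
    # Containers do not survive a reboot and must be redeployed.
    [ -n "$(docker ps -q 2>/dev/null)" ] ||
        report "no containers running; run ./deploydocker.sh in /vagrant"
    return "$problems"
}

# Run only when invoked as: sh check_vm.sh --check [home] [user]
case "${1:-}" in
    --check) shift; check_course_vm "$@" && echo "course VM looks complete" ;;
esac
```

Run inside the VM, the script prints one FAIL line per missing piece and exits with the number of failures, so it also flags the case where the containers need redeploying after a reboot.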