Pwnbox is a Docker container with tools for binary reverse engineering and exploitation. It's primarily geared towards Capture The Flag competitions.
You can grab the container from Docker Hub: docker pull superkojiman/pwnbox
- You need to have
jqinstalled. See https://stedolan.github.io/jq/ for installation details. - Optional: Create a ./rc directory. Your custom configuration files in $HOME go here. Eg: .gdbinit, .radare2rc, .bashrc, .vimrc, etc. The contents of rc gets copied into /root on the container.
- Execute
run.shscript and pass it the name of the container. Eg:sudo ./run.sh my_ctf. This will create a volume for your container drop you into atmuxsession. - If you detach or quit the container, you can re-attach to it by using
sudo docker start my_ctf && ./my_ctf-attach.sh. - You can delete the volume and container using
sudo ./my_ctf-stop.sh.
- If you need to edit anything in /proc, you must edit
run.shto use the--privilegedoption todockerinstead of--security-opt seccomp:unconfined. - The container is designed to be isolated so no directories are mounted from the host. This allows you to have multiple containers hosting files from different CTFs.
•_•)
( •_•)>⌐■-■
(⌐■_■)