A google/nsjail and Docker-based automated vulnerable binary isolation tool for CTFs and Cybersecurity Training; Set up an isolated environment for your next vulnerable binary in minutes!
- Who is this for?
- How to Build
- How to use
- Why PwnJail?
- Credits
- License
Anyone who wants to set up an isolated environment for their next vulnerable code deployment in minutes!
Example:
- Cybersecurity Students
- CTF Organisers
- Vulnerability Testers
- Clone this repo by
git clone https://github.com/Saket-Upadhyay/PwnJail.git
- Copy your vulnerable application in the ./chal folder
- If you have a flag, copy it in ./flag/flag
- Change your current directory to PwnJail
cd PwnJail
- Build docker image by
./BuildDockerimage.sh
,./BuildDockerimage_Windows.ps1
ordocker compose build
in the root directory of PwnJail
Note: You should have a docker image named
pwnjail_launcher
; check this bydocker images
- Run
runPWNJail.sh
orrunPWNJail_Windows.ps1
and wait for the docker shell to open - In docker's shell run
/pwnjailexec.sh
orpwnjail --config /etc/pwnjail.cfg
- To exit press
CTRL+C
Note: To run in detached mode type
pwnjail --config /etc/pwnjail.cfg -d
When I was trying to learn ROP and other binary exploits, I stumbled upon many archived CTF challenges but I was not able to set up an environment for them. It took me 2 days to set up my first docker environment for practice. I understand how painful it can be to do it every time from scratch if something goes wrong or you are setting up a new set of challenges to practice on.
So I took one more day to automate the whole process which works well in 2022 (unlike some old scrap abominations I found on GitHub) so that you can focus on your practice/challenge and leave setting up everything else on PwnJail!
- This project uses Google's opensource NSJail https://github.com/google/nsjail
- The sample challenge in ./chal/return-to-what is taken from DownUnderCTF/Challenges_2020_public
- The main banner of this project is created in photoshop using following free vectors and fonts-
- Wire fence vector created by upklyak
- Octin Prison Free by Typodermic Fonts
- Jail vector created by starline
This project is made by Saket Upadhyay and is available under MIT License.
- Ubuntu 22.04 kernel 5.15.0; Docker version 20.10.17, build 100c701
- Windows 11 Education Version 21H2 OS build 22000.739; Docker version 20.10.16, build aa7e414
Note: NSJail is used in this project is a static build of nsjail 3.1, you can replace contents of ./bin/nsjail to build your prefered version.