Merge branch 'develop' into docs

.gitignore

@@ -12,3 +12,9 @@ vendor/*
 *.log
 docs/themes/*
 !docs/content/Katana
+teams/*
+teamcreds.txt
+lib/harbor/certs/*
+peer_configs/*
+work.txt
+

.gitmodules

@@ -1,3 +1,9 @@
 [submodule "docs/themes/hugo-geekdoc"]
 	path = docs/themes/hugo-geekdoc
 	url = https://github.com/thegeeklab/hugo-geekdoc.git
+[submodule "[email protected]:sdslabs/katana-services.git"]
+	branch = main
+[submodule "katana-services"]
+	path = katana-services
+	url = [email protected]:sdslabs/katana-services.git
+

.vscode/extensions.json

@@ -0,0 +1,5 @@
+{
+    "recommendations": [
+        "foxundermoon.shell-format"
+    ]
+}

Makefile

@@ -8,9 +8,7 @@ GOBIN := $(PROJECTROOT)/bin
 UTILDIR := $(PROJECTROOT)/scripts/utils
 SPINNER := $(UTILDIR)/spinner.sh
 BUILDIR := $(PROJECTROOT)/scripts/build
-CONTROLLER_MANIFEST:= $(PROJECTROOT)/manifests/dev/expose-controller.yml
-HELM_MANIFEST:= $(PROJECTROOT)/manifests/templates/helm-values.yml
-OPENVPN_MANIFEST:= $(PROJECTROOT)/manifests/templates/helm-values.yml
+MANIFEST:= $(PROJECTROOT)/kubernetes/manifests
 
 KEY_NAME := team
 
@@ -22,8 +20,6 @@ SERVICE_NAME_COMMAND =$(shell kubectl get svc --namespace $(OPENVPN_NAMESPACE) -
 SERVICE_IP_COMMAND=$(shell kubectl get svc --namespace $(OPENVPN_NAMESPACE) -l "app=openvpn,release=openvpn" -o jsonpath='{.items[0].status.loadBalancer.ingress[0].ip}')
 # CHALLENGE_DEPLOYER_IP :=  $(shell minikube service nginx-ingress-controller --url -n kube-system)
 
-CREATEBIN := $(shell [ ! -d ./bin ] && mkdir bin)
-
 # Make is verbose in Linux. Make it silent.
 MAKEFLAGS += --silent
 
@@ -40,7 +36,7 @@ build-cli:
 ## Lint the code
 install-golint:
 	@printf "🔨 Installing golint\n" 
-	@./scripts/install_golint.sh
+	@./scripts/install-golint.sh
 	@printf "👍 Done\n"
 
 ## Format the code
@@ -52,7 +48,7 @@ fmt:
 ## Check codebase for style mistakes
 lint: install-golint
 	@printf "🔨 Linting\n"
-	@golint ./...
+	@golangci-lint run
 	@printf "👍 Done\n"
 
 ## Clean build files
@@ -83,17 +79,23 @@ gen-certificates:
 	kubectl --namespace $(OPENVPN_NAMESPACE) exec -it $(POD_NAME) cat "/etc/openvpn/certs/pki/$(KEY_NAME)-$$n.ovpn" > $(KEY_NAME)-$$n.ovpn; \
 	done
 
-gen-vpn: set-env
-	helm install openvpn -f $(HELM_MANIFEST) stable/openvpn --namespace openvpn
-	minikube tunnel
-
-set-env:
+set-env: build
 	minikube start --driver=docker && \
 	minikube addons enable ingress  && \
-	kubectl apply -f $(CONTROLLER_MANIFEST) && \
-	sudo -- sh -c "echo \"$(minikube service nginx-ingress-controller --url -n kube-system | awk '{print substr($0,8)}' | awk '{print substr($0, 1, length($0)-6)}' | head -1)    challengedeployer.katana.local\" >> /etc/hosts" &&\
-	go build && \
-	./katana 
+	kubectl apply -f $(MANIFEST) && \
+	cp config.sample.toml config.toml && \
+	./bin/katana run
+
+set-env-prod: build
+	kubectl apply -f $(MANIFEST) && \
+	cp config.sample.toml config.toml && \
+	sudo ./bin/katana run
+
+build:
+	cd cmd && go build -o ../bin/katana
+
+run : build
+	sudo ./bin/katana run
 
 setup-docs:
 	git submodule update --init --recursive
@@ -112,5 +114,5 @@ help:
 	@echo "prepare-for-pr 	- Prepare the code for PR after fmt, lint and checking uncommitted files"
 	@echo "lint    			- Lint code using golangci-lint"
 	@echo "set-env" 		- Setup Katana environment  
-	@echo "gen-vpn"         - Generate VPN configurations
+	@echo "build"         	- Build katana binary
 

README.md

@@ -1,2 +1,9 @@
 # katana
 An advanced yet simple attack/defence CTF infrastructure in Go
+
+## Setup
+- To start, you must have the following installed:
+  - Go 1.18+
+  - Minikube & kubectl
+- Run `make set-env` to setup the environment
+- To start katana, run `./bin/katana run`

challenges-sample/knock/challenge-checker/Dockerfile

@@ -0,0 +1,11 @@
+FROM ubuntu:20.04
+
+RUN apt-get update
+RUN apt-get install -y python3 python3-pip curl
+
+WORKDIR /opt/kissaki/
+COPY . .
+
+RUN pip3 install -r requirements.txt
+
+CMD ["/bin/bash", "-c", "python3 /opt/kissaki/app.py" ]

challenges-sample/knock/challenge-checker/app.py

@@ -0,0 +1,94 @@
+import requests
+import time
+from flask import Flask, jsonify
+import os
+from kubernetes import client, config
+import logging
+
+# app = Flask(__name__)
+
+# Set up logging
+logging.basicConfig(level=logging.INFO)
+
+try:
+    config.load_incluster_config()
+except config.config_exception.ConfigException:
+    try:
+        config.load_kube_config()
+    except config.config_exception.ConfigException:
+        raise
+
+v1 = client.CoreV1Api()
+service = v1.read_namespaced_service(name="kissaki-svc", namespace="katana")
+cluster_ip = service.spec.cluster_ip
+ports = service.spec.ports
+port = ports[0].port
+
+
+# @app.route("/")
+def hello():
+    return "Hello, world!"
+
+
+# @app.route("/test")
+def test_challenge_checker():
+    res = (
+        "making request to "
+        + "http://"
+        + str(cluster_ip)
+        + ":"
+        + str(port)
+        + "/register "
+    )
+    return res
+
+
+# @app.route("/register")
+def register_challenge_checker():
+    logging.info(
+        "making request to "
+        + "http://"
+        + str(cluster_ip)
+        + ":"
+        + str(port)
+        + "/register "
+    )
+
+    # Register with kissaki
+    checker_info = {
+        "name": "knock-challenge-checker",
+        "challenge": "knock",
+    }  # Example info
+
+    response = requests.post(
+        "http://" + str(cluster_ip) + ":" + str(port) + "/register",
+        json=checker_info,
+    )
+    message = response.json().get("message")
+
+    logging.info(f"Received message from kissaki: {message}")
+
+    return "challenge_checker registered in kissaki"
+
+
+# @app.route("/check")
+def check_challenge():
+    for i in range(10):
+        # TODO: Implement challenge checking logic
+        challenge_status = {"status": "OK"}  # Example status
+
+        # Send status to kissaki service
+        response = requests.post(
+            "http://" + str(cluster_ip) + ":" + str(port) + "/status",
+            json=challenge_status,
+        )
+        message = response.json().get("message")
+        logging.info(f"Received message from kissaki: {message}")
+
+        time.sleep(10)  # Check every 10 seconds
+
+    return jsonify(challenge_status)
+
+
+# if __name__ == "__main__":
+#     app.run(host="0.0.0.0", port=8080)

challenges-sample/knock/challenge-checker/challenge-checker.txt

@@ -0,0 +1 @@
+challenge checker

challenges-sample/knock/challenge-checker/requirements.txt

@@ -0,0 +1,3 @@
+kubernetes
+flask
+requests

challenges-sample/knock/challenge-checker/scheduler.txt

@@ -0,0 +1 @@
+contains informations about schedules

challenges-sample/knock/challenge/Dockerfile

@@ -0,0 +1,15 @@
+FROM node:17.4.0-buster-slim
+
+RUN mkdir -p /app
+
+WORKDIR /app
+
+COPY package.json .
+
+RUN yarn
+
+COPY . .
+
+USER node
+
+CMD ["node", "index.js"]

challenges-sample/knock/challenge/challenge.yaml

@@ -0,0 +1,26 @@
+name: knock-knock
+author: BrownieInMotion
+description: |-
+  Knock knock? Who's there? Another pastebin!!
+
+  ${link_main_0}
+
+flag: dice{1_d00r_y0u_d00r_w3_a11_d00r_f0r_1_d00r}
+
+provide:
+  - ./index.js
+  - ./Dockerfile
+
+containers:
+  main:
+    build: .
+    ports:
+      - 3000
+    environment:
+      FLAG: "dice{1_d00r_y0u_d00r_w3_a11_d00r_f0r_1_d00r}"
+
+expose:
+  main:
+    - target: 3000
+      http: knock-knock
+      healthContent: Create Paste