Create "beautiful" version of RFI challenge

2025-01-31 15:55:35 +01:00 · 2025-01-31 15:55:35 +01:00 · 4bb232c3ce
commit 4bb232c3ce
parent fd6123e72c
9 changed files with 95 additions and 0 deletions
--- a/beautiful_vuln_rfi/Dockerfile
+++ b/beautiful_vuln_rfi/Dockerfile
@ -0,0 +1,3 @@
 FROM php:8-apache-bullseye
 COPY src /var/www/html
 EXPOSE 80
--- a/beautiful_vuln_rfi/README.md
+++ b/beautiful_vuln_rfi/README.md
@ -0,0 +1,8 @@
 # Unsafe gallery challenge
 You need to set the `FLAG` environment variable for this challenge to work!
 ## Run the image
 ```bash
 docker run --rm --name unsafe_login --env FLAG='FLAG{UNSAFE_RFI}' -p 3578:80 -it pierre42100/gns3-appliance-beautiful-vuln-rfi
 ```
--- a/beautiful_vuln_rfi/build.sh
+++ b/beautiful_vuln_rfi/build.sh
@ -0,0 +1,2 @@
 #!/bin/sh
 sudo docker build -t pierre42100/gns3-appliance-beautiful-vuln-rfi .
--- a/beautiful_vuln_rfi/src/about.txt
+++ b/beautiful_vuln_rfi/src/about.txt
@ -0,0 +1 @@
 I am an old and accustomed developer who wrote too much source code in his life...
--- a/beautiful_vuln_rfi/src/bootstrap.bundle.min.js
+++ b/beautiful_vuln_rfi/src/bootstrap.bundle.min.js
--- a/beautiful_vuln_rfi/src/bootstrap.min.css
+++ b/beautiful_vuln_rfi/src/bootstrap.min.css
--- a/beautiful_vuln_rfi/src/home.txt
+++ b/beautiful_vuln_rfi/src/home.txt
@ -0,0 +1,3 @@
 Welcome to this strong and almost secure website!
 Please use the menu below to access the different parts of the application...
--- a/beautiful_vuln_rfi/src/index.php
+++ b/beautiful_vuln_rfi/src/index.php
@ -0,0 +1,58 @@
 <?php
 /**
 * My home page
 */
 $page = "home.txt";
 if (isset($_GET["page"]))
    $page = $_GET["page"];
 ?>
 <!DOCTYPE html>
 <html lang="en">
 <head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title><?= $page ?> - Beautiful RFI</title>
    <link rel="stylesheet" href="/bootstrap.min.css">
 </head>
 <body>
    <nav class="navbar navbar-expand-lg bg-dark" data-bs-theme="dark">
        <div class="container-fluid">
            <a class="navbar-brand" href="/">Beautiful VULN RFI</a>
            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarColor02"
                aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation">
                <span class="navbar-toggler-icon"></span>
            </button>
            <div class="collapse navbar-collapse" id="navbarColor02">
                <ul class="navbar-nav me-auto">
                    <li class="nav-item">
                        <a class="nav-link <?= $page === "home.txt" ? "active" : "" ?>" href="/?page=home.txt">Home</a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link <?= $page === "about.txt" ? "active" : "" ?>" href="/?page=about.txt">About</a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link <?= $page === "privacy.txt" ? "active" : "" ?>" href="/?page=privacy.txt">Privacy</a>
                    </li>
                </ul>
            </div>
        </div>
    </nav>
    <h1 class="display-4 fw-normal text-body-emphasis" style="color: white !important; text-align: center;">
        <?= str_replace(".txt", "", $page) ?>
    </h1>
    <pre style="max-width: 700px; margin: auto;">
 <?php echo file_get_contents($page); ?>
    </pre>
    <script src="/bootstrap.bundle.min.js"></script>
 </body>
 </html>
--- a/beautiful_vuln_rfi/src/privacy.txt
+++ b/beautiful_vuln_rfi/src/privacy.txt
@ -0,0 +1 @@
 Privacy policy: TODO
		`@ -0,0 +1,2 @@`
							`#!/bin/sh`
							`sudo docker build -t pierre42100/gns3-appliance-beautiful-vuln-rfi .`
		`@ -0,0 +1 @@`
							`I am an old and accustomed developer who wrote too much source code in his life...`
		`@ -0,0 +1,3 @@`
							`Welcome to this strong and almost secure website!`

							`Please use the menu below to access the different parts of the application...`