Create "beautiful" version of RFI challenge

2025-01-31 15:55:35 +01:00 · 2025-01-31 15:55:35 +01:00 · 4bb232c3ce
commit 4bb232c3ce
parent fd6123e72c
9 changed files with 95 additions and 0 deletions
--- a/beautiful_vuln_rfi/Dockerfile
+++ b/beautiful_vuln_rfi/Dockerfile
@ -0,0 +1,3 @@
+FROM php:8-apache-bullseye
+COPY src /var/www/html
+EXPOSE 80
--- a/beautiful_vuln_rfi/README.md
+++ b/beautiful_vuln_rfi/README.md
@ -0,0 +1,8 @@
+# Unsafe gallery challenge
+You need to set the `FLAG` environment variable for this challenge to work!
+
+
+## Run the image
+```bash
+docker run --rm --name unsafe_login --env FLAG='FLAG{UNSAFE_RFI}' -p 3578:80 -it pierre42100/gns3-appliance-beautiful-vuln-rfi
+```
--- a/beautiful_vuln_rfi/build.sh
+++ b/beautiful_vuln_rfi/build.sh
@ -0,0 +1,2 @@
+#!/bin/sh
+sudo docker build -t pierre42100/gns3-appliance-beautiful-vuln-rfi .
--- a/beautiful_vuln_rfi/src/about.txt
+++ b/beautiful_vuln_rfi/src/about.txt
@ -0,0 +1 @@
+I am an old and accustomed developer who wrote too much source code in his life...
--- a/beautiful_vuln_rfi/src/bootstrap.bundle.min.js
+++ b/beautiful_vuln_rfi/src/bootstrap.bundle.min.js
--- a/beautiful_vuln_rfi/src/bootstrap.min.css
+++ b/beautiful_vuln_rfi/src/bootstrap.min.css
--- a/beautiful_vuln_rfi/src/home.txt
+++ b/beautiful_vuln_rfi/src/home.txt
@ -0,0 +1,3 @@
+Welcome to this strong and almost secure website!
+
+Please use the menu below to access the different parts of the application...
--- a/beautiful_vuln_rfi/src/index.php
+++ b/beautiful_vuln_rfi/src/index.php
@ -0,0 +1,58 @@
+<?php
+/**
+ * My home page
+ */
+
+$page = "home.txt";
+
+if (isset($_GET["page"]))
+    $page = $_GET["page"];
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title><?= $page ?> - Beautiful RFI</title>
+    <link rel="stylesheet" href="/bootstrap.min.css">
+</head>
+
+<body>
+    <nav class="navbar navbar-expand-lg bg-dark" data-bs-theme="dark">
+        <div class="container-fluid">
+            <a class="navbar-brand" href="/">Beautiful VULN RFI</a>
+            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarColor02"
+                aria-controls="navbarColor02" aria-expanded="false" aria-label="Toggle navigation">
+                <span class="navbar-toggler-icon"></span>
+            </button>
+            <div class="collapse navbar-collapse" id="navbarColor02">
+                <ul class="navbar-nav me-auto">
+                    <li class="nav-item">
+                        <a class="nav-link <?= $page === "home.txt" ? "active" : "" ?>" href="/?page=home.txt">Home</a>
+                    </li>
+                    <li class="nav-item">
+                        <a class="nav-link <?= $page === "about.txt" ? "active" : "" ?>" href="/?page=about.txt">About</a>
+                    </li>
+                    <li class="nav-item">
+                        <a class="nav-link <?= $page === "privacy.txt" ? "active" : "" ?>" href="/?page=privacy.txt">Privacy</a>
+                    </li>
+                </ul>
+            </div>
+        </div>
+    </nav>
+
+    <h1 class="display-4 fw-normal text-body-emphasis" style="color: white !important; text-align: center;">
+        <?= str_replace(".txt", "", $page) ?>
+    </h1>
+
+    <pre style="max-width: 700px; margin: auto;">
+<?php echo file_get_contents($page); ?>
+    </pre>
+
+    <script src="/bootstrap.bundle.min.js"></script>
+</body>
+
+</html>
--- a/beautiful_vuln_rfi/src/privacy.txt
+++ b/beautiful_vuln_rfi/src/privacy.txt
@ -0,0 +1 @@
+Privacy policy: TODO
				`@ -0,0 +1 @@`
				`I am an old and accustomed developer who wrote too much source code in his life...`