Update README.md

Containerfile

@@ -0,0 +1,29 @@
+# Adapted from https://github.com/deadbeefmonster/docker-binaryexploitation
+# Bootstrapped from bitnami/minideb
+# Maintained for software security tasks at university
+
+FROM bitnami/minideb:latest
+ENV LC_CTYPE C.UTF-8
+ENV DEBIAN_FRONTEND=noninteractive
+
+# Copy custom configuration files
+COPY dot_rizinrc /root/.rizinrc
+
+# Install dependencies and tools, including Neovim
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    build-essential jq strace ltrace curl wget rubygems gcc dnsutils \
+    netcat-traditional gcc-multilib net-tools neovim gdb gdb-multiarch \
+    python3-full python3-pip python3-dev libssl-dev libffi-dev wget git make \
+    procps libpcre3-dev libdb-dev libxt-dev libxaw7-dev tmux && \
+    pip3 install --break-system-packages capstone requests pwntools r2pipe keystone-engine \
+    unicorn ropper meson ninja && \
+    mkdir /tools && \
+    cd /tools && git clone https://github.com/JonathanSalwan/ROPgadget && \
+    cd /tools && git clone https://github.com/niklasb/libc-database && \
+    cd /tools && git clone https://github.com/hugsy/gef && \
+    wget -O /root/.gdbinit-gef.py -q https://raw.githubusercontent.com/hugsy/gef/main/gef.py && \
+    echo source /root/.gdbinit-gef.py >> /root/.gdbinit && \
+    cd /tools && git clone --recurse-submodules https://github.com/rizinorg/rizin && \
+    cd rizin && meson build && ninja -C build && ninja -C build install && \
+    apt-get clean && rm -rf /var/lib/apt/lists/*
+

Dockerfile

@@ -1,26 +0,0 @@
-# Bootstrapped from https://github.com/LiveOverflow/pwn_docker_example/blob/master/ctf/Dockerfile
-# Thanks, LiveOverflow!
-###
-
-
-# Build the docker container -> build.sh
-# Run the docker container -> run.sh
-# Get a shell in the container -> shell.sh
-
-FROM ubuntu:23.04
-ENV LC_CTYPE C.UTF-8
-ENV DEBIAN_FRONTEND=noninteractive
-COPY dot_rizinrc /root/.rizinrc
-RUN apt-get update && \
-apt-get install -y build-essential jq strace ltrace curl wget rubygems gcc dnsutils netcat-traditional gcc-multilib net-tools \
-  vim gdb gdb-multiarch python3-full python3-pip python3-dev libssl-dev libffi-dev wget git make procps \
-  libpcre3-dev libdb-dev libxt-dev libxaw7-dev emacs-nox tmux && \
-pip3 install --break-system-packages capstone requests pwntools r2pipe keystone-engine unicorn ropper meson ninja && \
-mkdir /tools && \
-cd /tools && git clone https://github.com/JonathanSalwan/ROPgadget && \
-cd /tools && git clone https://github.com/niklasb/libc-database && \
-cd /tools && git clone https://github.com/hugsy/gef && \
-wget -O /root/.gdbinit-gef.py -q https://raw.githubusercontent.com/hugsy/gef/main/gef.py && \
-echo source /root/.gdbinit-gef.py >> /root/.gdbinit && \ 
-cd /tools && git clone --recurse-submodules https://github.com/rizinorg/rizin && \
-cd rizin && meson build && ninja -C build && ninja -C build install

README.md

@@ -1,10 +1,10 @@
-# docker-binaryexploitation
+# podman-binexp
-Create a docker container that is purpose-built for binary exploitation using Linux CLI tooling. It is a repeatable build process and I don't need to provision a virtual machine to have all this. It ticks off Docker purists too, which is an added bonus. 
+Create a docker podman that is purpose-built for binary exploitation using Linux CLI tooling. It is a repeatable build process and I don't need to provision a virtual machine to have all this. It ticks off Docker purists too, which is an added bonus. 
 
 
 ## Packages / Features
-- Ubuntu 23.04
+- bitnami/minideb
-- emacs-nox, vim, jq, strace, ltrace
+- neovim, jq, strace, ltrace
 - rizin with a .rizinrc
 - gdb + gef
 - libc database
@@ -15,10 +15,22 @@ Create a docker container that is purpose-built for binary exploitation using Li
 
 ## Usage
 Build the docker container: `./build.sh`
+To build and push to the registry: `PUSH=true ./build.sh`
 
 Run the docker container: `./run.sh`
 
 Get a shell in the container: `./shell.sh`
 
+### Push to registry
+Adapt the script `push.sh` to a registry you're logged into and can push to.
+Then, to push to with tag "latest":
+```base
+./push.sh
+```
+or, you can add any tag you like
+```bash
+./push 2025-pwn-time
+```
+
 ## Thanks
-Thanks to @LiveOverflow for the video and idea. You rock!
+Thanks to https://github.com/deadbeefmonster/docker-binaryexploitation. Your docker repository helped a lot! 

build.sh

@@ -1,2 +1,40 @@
 #!/bin/sh
-docker build -t docker-binaryexploitation:ubuntu23.04 .
+
+# Static configuration
+REGISTRY="gitea.slebba.net"
+REPO="seb/podman-binexp-img"
+TAG=$(date -u +%Y-%m-%d-%H%M)
+PUSH=true # Set to 'true' to push the image after build
+
+IMAGE="$REGISTRY/$REPO:$TAG"
+LATEST_IMAGE="$REGISTRY/$REPO:latest"
+echo "Building image: $IMAGE"
+
+# Ensure Containerfile exists
+if [ ! -f Containerfile ]; then
+  echo "Error: Containerfile not found!" >&2
+  exit 1
+fi
+
+# Build the image
+if podman build -t "$IMAGE" -f Containerfile .; then
+  echo "Build successful: $IMAGE"
+
+  # Tag the image as latest
+  podman tag "$IMAGE" "$LATEST_IMAGE"
+  echo "Tagged $IMAGE as $LATEST_IMAGE"
+
+  # Push the image if PUSH is enabled
+  if [ "$PUSH" = "true" ]; then
+    echo "Pushing image: $IMAGE and $LATEST_IMAGE"
+    if podman push "$IMAGE" && podman push "$LATEST_IMAGE"; then
+      echo "Images pushed successfully: $IMAGE, $LATEST_IMAGE"
+    else
+      echo "Failed to push images!" >&2
+      exit 1
+    fi
+  fi
+else
+  echo "Build failed!" >&2
+  exit 1
+fi

push.sh

@@ -0,0 +1,24 @@
+#!/bin/sh
+
+# Static configuration
+REGISTRY="gitea.slebba.net"
+REPO="seb/podman-binexp-img"
+TAG=${1:-latest} # Default to 'latest' if no tag is provided
+
+IMAGE="$REGISTRY/$REPO:$TAG"
+
+echo "Pushing image: $IMAGE"
+
+# Check if the image exists locally
+if ! podman images | grep -q "$IMAGE"; then
+  echo "Error: Image '$IMAGE' not found locally!" >&2
+  exit 1
+fi
+
+# Push the image to the registry
+if podman push "$IMAGE"; then
+  echo "Image pushed successfully: $IMAGE"
+else
+  echo "Failed to push image: $IMAGE" >&2
+  exit 1
+fi

run.sh

@@ -1,2 +1,20 @@
 #!/bin/sh
-docker run --rm -v "$(pwd)/host:/host" -v "$(pwd)/logs:/logs" --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -d --name docker-binaryexploitation -i docker-binaryexploitation:ubuntu23.04
+
+# Static configuration
+IMAGE="gitea.slebba.net/seb/podman-binexp-img:latest" # Adjust to the desired image tag
+CONTAINER_NAME="pwner"
+HOST_DIR="$(pwd)/host"
+LOGS_DIR="$(pwd)/logs"
+
+# Ensure host and logs directories exist
+mkdir -p "$HOST_DIR" "$LOGS_DIR"
+
+# Run the container
+podman run --rm \
+  -v "$HOST_DIR:/host:z" \
+  -v "$LOGS_DIR:/logs:z" \
+  --cap-add=SYS_PTRACE \
+  --security-opt seccomp=unconfined \
+  -d \
+  --name "$CONTAINER_NAME" \
+  -i "$IMAGE"

shell.sh

@@ -1,2 +1,15 @@
 #!/bin/sh
-docker exec -it docker-binaryexploitation /bin/bash
+
+# Name of the running container
+CONTAINER_NAME="pwner"
+
+# Check if the container is running
+if podman ps --filter "name=$CONTAINER_NAME" --format "{{.Names}}" | grep -q "^$CONTAINER_NAME$"; then
+  # Attach interactively to the container
+  podman exec -it "$CONTAINER_NAME" /bin/bash
+else
+  echo "Error: Container '$CONTAINER_NAME' is not running." >&2
+  echo "You can start the container with ./run.sh"
+
+  exit 1
+fi