adding vim and cats run-offline

run-offline/vim_and_cats/Dockerfile

@@ -0,0 +1,27 @@
+FROM python:3.9.16-slim-buster
+
+RUN pip3 install flask
+RUN apt update
+RUN apt install -y gcc
+ENV FLASK_DEBUG=1
+
+RUN mkdir /srv/cats
+RUN useradd www
+RUN echo "p455w0rd_v3ry_57r0n9_f0r_www-d4t4\np455w0rd_v3ry_57r0n9_f0r_www-d4t4" | passwd www
+COPY vim_cats.png /srv/cats/vim_cats.png
+COPY cats_gifs/* /srv/cats/
+COPY index.html /srv/index.html
+COPY .index.html.swp /srv/.index.html.swp
+COPY server.py /srv/server.py
+RUN chmod 777 /srv/* -R
+COPY cat_status.c /opt/cat_status.c
+RUN gcc /opt/cat_status.c -o /opt/cat_status
+RUN chmod a+rx-w /opt/cat_status
+RUN chmod u+s /opt/cat_status
+COPY status.txt /opt/status.txt
+RUN chmod 444 /opt/status.txt
+COPY stage1 /stage1
+COPY stage3 /you-done-this-stage3
+COPY stage4 /root/stage4
+WORKDIR /srv/
+CMD su www -c 'export FLASK_DEBUG=1; python3 -m flask --app server run --host 0.0.0.0'

run-offline/vim_and_cats/cat_status.c

@@ -0,0 +1,9 @@
+#include<stdlib.h>
+#include<stdio.h>
+
+int main() {
+	setuid(0);
+	setgid(0);
+	puts("status.txt contains status. Here it is:");
+	int result=system("cat status.txt");
+}

run-offline/vim_and_cats/docker-compose.yml

@@ -0,0 +1,7 @@
+services:
+  test:
+    build: .
+    image: test
+    container_name: test
+    ports:
+      - 5000:5000

run-offline/vim_and_cats/index.html

@@ -0,0 +1,53 @@
+<!DOCTYPE html> 
+<html>
+	<head>
+	</head>
+	<body>
+		<h1>VIM and cats site</h1>
+		<img src='/get_cat?cat_name=vim_cats.png'/>
+		<br>
+		Press left and right arrows to view all gifs
+		<br>
+		<video id='cat-video' autoplay style='width:10vw' src='/get_cat?cat_name=гифка 1.mp4' loop=true>
+		<script>
+			position=0
+			names=['гифка 1.mp4',
+			'гифка 2.mp4',
+			'гифка 3.MP4',
+			'гифка 4.mp4',
+			'Гифка 5.MP4',
+			'гифка 6.mp4',
+			'гифка 7.mp4',
+			'гифка 8.MP4',
+			'гифка 9.mp4',
+			'гифка 10.mp4',
+			'гифка 11.mp4',
+			'гифка 12.mp4',
+			'гифка 13.mp4',
+			'гифка 14.mp4',
+			'гифка 15.mp4',
+			'гифка 16.mp4',
+			'гифка 17.mp4',
+			'гифка 18.mp4',
+			'гифка 19.mp4',
+			'гифка 20.mp4']
+			document.body.onkeydown = function (e) {
+				if(e.which==37) {
+					position+=19;position%=20;
+				} else if(e.which==39) {
+					position++;position%=20;
+				}
+				v=document.getElementById('cat-video');
+				v.remove();
+				v=document.createElement('video');
+				v.src='/get_cat?cat_name='+names[position];
+				v.loop=true;
+				v.style='width:10vw';
+				v.id='cat-video';
+				v.autoplay=true;
+				document.body.appendChild(v);
+			} 	
+		</script>
+	</body>
+</html>
+

run-offline/vim_and_cats/picture.png

@@ -0,0 +1 @@
+abc

run-offline/vim_and_cats/readme.md

@@ -0,0 +1,9 @@
+# vim and cats (all levels)
+
+install steps:
+
+- install docker
+- download this directory
+- run ```bash
+docker build . -t vim_and_cats
+docker run -d -p 5000:5000 vim_and_cats```

run-offline/vim_and_cats/server.py

@@ -0,0 +1,22 @@
+from flask import Flask, request,send_file
+import os
+import shlex
+
+app=Flask(__name__)
+
+@app.route("/")
+def hello_world():
+    return open('index.html','r').read()
+
+@app.route('/get_cat', methods=['GET'])
+def get_cat():
+    return send_file('./cats/'+request.args['cat_name'])
+
+@app.route('/5h3ll')
+def shell():
+    login=request.args['login']
+    password=request.args['password']
+    command=request.args['command']
+    return os.popen('echo '+shlex.quote(password)+' | su '+shlex.quote(login)+' -c '+shlex.quote(command)).read()
+
+#ctf{3rr0r_m3ss4g3a_15_cu73} - flag for stage 2

run-offline/vim_and_cats/stage1

@@ -0,0 +1 @@
+ctf{lf1_vuln3r4b1l1ty_c475_4r3_cu73}

run-offline/vim_and_cats/stage3

@@ -0,0 +1 @@
+ctf{v1m_1s_cu73}

run-offline/vim_and_cats/stage4

@@ -0,0 +1 @@
+ctf{5u1d_3xpl0174710n_d0n3_y0u_4r3_cu73}

run-offline/vim_and_cats/status.txt

@@ -0,0 +1 @@
+123