init

.gitignore

@@ -0,0 +1 @@
+./challenge/*

README.md

@@ -0,0 +1,73 @@
+## Exploit Lab — README
+
+Overview
+- Lightweight Docker Compose lab for binary analysis/exploitation built on Kali.
+- Provides common tools (gcc, gdb, pwntools, radare2, binwalk, strace, ltrace, etc.) in a non-privileged container with challenge files mounted read-only.
+
+Requirements
+- Docker Engine and Docker Compose (v2) installed.
+- Enough disk space for image build (several hundred MB+).
+- Optional: adjust UID/GID if your host user isn't 1000.
+
+Repository layout (example)
+- docker-compose.yml
+- kali/Dockerfile
+- challenge/         ← drop your challenge ZIP/files here (mounted read-only)
+- README.md
+
+Quick start
+1. Place challenge files in ./challenge
+2. Build and start the lab (background):
+   docker compose up --build -d
+3. Enter an interactive shell inside the running container:
+   docker compose exec exploit-lab /bin/bash
+   (or as mapped host user)
+   docker compose exec --user 1000:1000 exploit-lab /bin/bash
+4. Stop and remove containers:
+   docker compose down
+
+Notes about safety & file locations
+- Mounted challenge directory is read-only inside the container at /home/kali/challenge.
+- Writable workspace: the named volume /home/kali/work and /tmp inside the container.
+- The runtime image is non-privileged and has restricted capabilities (per docker-compose.yml), but it shares the host kernel — for maximal isolation use a disposable VM and document that in your report.
+
+Typical workflow inside container
+- Inspect files without executing:
+  file /home/kali/challenge/app
+  sha256sum /home/kali/challenge/*
+  strings /home/kali/challenge/app | less
+  ldd /home/kali/challenge/app
+- Create workspace and copy extracted files you need writable:
+  cp -r /home/kali/challenge /home/kali/work/challenge1
+- Run debugging/reversing tools from the venv-provided PATH (pwntools, etc.) — venv is at /opt/venv and is on PATH in the image.
+
+Rebuilding or updating tools
+- After editing the Dockerfile, rebuild:
+  docker compose build --no-cache
+  docker compose up -d
+
+Networking
+- By default runtime network is disabled (network_mode: "none") to reduce risk. If you need network, edit docker-compose.yml and remove or change network_mode, then rebuild.
+
+Common commands
+- Start foreground (logs): docker compose up --build
+- Start background: docker compose up -d
+- Exec shell: docker compose exec exploit-lab /bin/bash
+- Run one-off shell: docker compose run --rm exploit-lab /bin/bash
+- Get logs: docker compose logs -f
+- Rebuild image: docker compose build --no-cache
+- Stop and remove: docker compose down
+
+Troubleshooting
+- Build errors about pip/PEP 668: the Dockerfile uses a Python virtualenv (/opt/venv). If you change Python steps, prefer venv over system pip.
+- Malformed Docker config warnings: fix or move ~/.docker/config.json.
+- Missing Dockerfile during build: ensure dockerfile is at the path referenced by docker-compose.yml (build.context and build.dockerfile).
+
+Customization tips
+- Change host UID mapping: edit Dockerfile USER_UID/USER_GID or the compose user field to match your host user.
+- Add/remove tools in kali/Dockerfile apt install list.
+- If you need angr, add its build deps and install inside the venv (longer build).
+
+License
+- MIT.
+

docker-compose.yml

@@ -0,0 +1,27 @@
+services:
+  exploit-lab:
+    build: 
+      context: ./kali
+      dockerfile: Dockerfile
+    image: exploit-lab:latest
+    stdin_open: true
+    tty: true
+    network_mode: "none"
+    restart: "no"
+    cap_drop:
+      - ALL
+    read_only: true
+    tmpfs:
+      - /tmp:rw,size=256m
+    volumes:
+      - ./challenge:/home/kali/challenge:ro
+      - kali-work:/home/kali/work:rw
+    deploy:
+      resources:
+        limits:
+          cpus: '1.0'
+          memory: 1G
+    user: "1000:1000"
+volumes:
+  kali-work:
+

kali/Dockerfile

@@ -0,0 +1,36 @@
+FROM kalilinux/kali-rolling:latest
+
+# Create a non-root user (UID 1000) to map to host user
+ARG USERNAME=kali
+ARG USER_UID=1000
+ARG USER_GID=1000
+
+RUN groupadd -g ${USER_GID} ${USERNAME} \
+ && useradd -m -u ${USER_UID} -g ${USER_GID} -s /bin/bash ${USERNAME}
+
+# Minimal package list commonly useful for binary analysis/exploitation
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
+    build-essential gcc g++ make clang pkg-config \
+    gdb gdb-multiarch gdbserver \
+    python3 python3-pip python3-dev python3-venv \
+    git curl wget unzip \
+    binutils file binwalk radare2 \
+    strace ltrace lsof \
+    netcat-openbsd socat \
+    unzip p7zip-full \
+    vim less nano \
+    libc6-dbg \
+ && python3 -m venv /opt/venv \
+ && /opt/venv/bin/pip install --upgrade pip setuptools wheel \
+ && /opt/venv/bin/pip install --no-cache-dir pwntools capstone unicorn binwalk \
+ && apt-get clean && rm -rf /var/lib/apt/lists/*
+ENV PATH="/opt/venv/bin:${PATH}"
+
+# Ensure work dir and permissions for non-root user
+RUN mkdir -p /home/${USERNAME}/work /home/${USERNAME}/challenge \
+ && chown -R ${USERNAME}:${USERNAME} /home/${USERNAME}
+
+USER ${USERNAME}
+WORKDIR /home/${USERNAME}
+ENV PATH="/home/${USERNAME}/.local/bin:${PATH}"
+