FROM ubuntu:22.04
ENV DEBIAN_FRONTEND=noninteractive

RUN apt-get update && apt-get install -y \
    openssh-server \
    python3 \
    net-tools \
    iproute2 \
    iputils-ping \
    sudo \
    findutils \
    && rm -rf /var/lib/apt/lists/*

# ── SSH ──
RUN mkdir -p /var/run/sshd
RUN useradd -m -s /bin/bash webadmin && echo 'webadmin:w3badm1n!' | chpasswd
RUN echo 'root:R00t_F1ag_2024!' | chpasswd
RUN sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
RUN sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config

# ── Flag ──
RUN echo "FLAG{SQLi_pivot_pwn3d_eJPT_pr0!}" > /root/flag.txt
RUN chmod 600 /root/flag.txt

# ── SUID en python3 (vector de escalada) ──
RUN chmod u+s /usr/bin/python3.10

# ── Hint para webadmin ──
RUN echo "Escala privilegios para leer /root/flag.txt" > /home/webadmin/hint.txt
RUN echo "Pista: busca binarios con SUID" >> /home/webadmin/hint.txt
RUN chown webadmin:webadmin /home/webadmin/hint.txt

# ── Web app ──
COPY webapp.py /opt/webapp.py

COPY start.sh /start.sh
RUN chmod +x /start.sh

EXPOSE 22 80

CMD ["/start.sh"]
