Home

Awesome

DEF CON 30 Workshop Mainframe Container

DEFCON MAINFRAME

The scripts here are used to build the MVS 3.8j virtual mainframe for the DEFCON 30 workshop.

Thank you for taking a look at the DEFCON 30 Mainframe Buffer Overflow workshop.

Use docker

This docker container has everything you need to learn how to do MVS buffer overflows!

To start the class run the container and go to http://localhost:8080

To run the container use the below commands, make sure to change $(pwd)/docker to a folder for your system. The $(pwd) puts the docker volumes in your current working folder.

Minimal Container

Use this command if you just want to run it self contained. :warning: If you remove and relaunch the container you will lose any and all changes you made to the mainframe environment.

docker run -d \
  --name=defcon30 \
  -e HUSER=defcon \
  -e HPASS=defcon \
  -p 2323:3223 \
  -p 8888:8888 \
  -p 2121-2141:2121-2141 \
  -p 8443:8443 \
  -p 8080:8080 \
  -p 31337-31347:31337-31347 \
  -v ~/dumps:/printers \
  --restart unless-stopped \
  mainframed767/defcon30:latest

Ports explained:

Python scripts mentioned can be found here: https://github.com/mainframed/DC30_Workshop/tree/main/extra

Expert Container

This exposes more ports and allows you to have volumes with permanence. Gives access to the hercules and MVS consoles, the card readers/writers, etc.

docker run -d \
  --name=defcon30 \
  -e HUSER=docker \
  -e HPASS=docker \
  -p 3221:3221 \
  -p 2323:3223 \
  -p 3270:3270 \
  -p 3505:3505 \
  -p 3506:3506 \
  -p 8888:8888 \
  -p 2121:2121 \
  -p 8443:8443 \
  -p 8080:8080 \
  -p 31337-31347:31337-31347 \
  -v $(pwd)/docker/config:/config \
  -v $(pwd)/docker/printers:/printers \
  -v $(pwd)/docker/punchcards:/punchcards \
  -v $(pwd)/docker/logs:/logs \
  -v $(pwd)/docker/dasd:/dasd \
  -v $(pwd)/docker/certs:/certs \
  --restart unless-stopped \
  mainframed767/defcon30:latest

Ports

PortDescription
2323TLS Encrypted TN3270 Server Port
3270Unencrypted TN3270 Server Port
3221Encrypted FTPD server
2121Unencrypted FTP Server Port
8443Web based 3270 client which auto connects to lab mainframe https://localhost:8443
8080The class Wiki https://localhost:8080
8888Hercules Web Server/MVS Console. User/pass = docker
3505Punch card reader. Converts ASCII to EBCDIC.
3506Punch card reader. Only accepts EBCDIC files.
31337-32337FTP Server passive port range

Volumes

FolderDescription
/configContains the Hercules and web3270 config files
/printersContains the output of the printers on CLASS=A
/punchcardsContains the output of the puncard writer on CLASS=B
/logsContains Hercules logs
/dasdContains the MVS/CE disk images
/certsContains the certificates used for TLS encryption

Users

UsernamePasswordDescription
IBMUSERSYS1Adminstrative User with access to everything
MVSCE01CUL8TRAdminstrative User with access to everything
MVSCE02PASS4UGeneric User
DC0DC0DEFCON Workshop User
DC1DC1DEFCON Workshop User
DC2DC2DEFCON Workshop User
DC3DC3DEFCON Workshop User
DC4DC4DEFCON Workshop User
DC5DC5DEFCON Workshop User
DC6DC6DEFCON Workshop User
DC7DC7DEFCON Workshop User
DC8DC8DEFCON Workshop User
DC9DC9DEFCON Workshop User
DC10DC10DEFCON Workshop User
DC11DC11DEFCON Workshop User
DC12DC12DEFCON Workshop User
DC13DC13DEFCON Workshop User
DC14DC14DEFCON Workshop User
DC15DC15DEFCON Workshop User
DC16DC16DEFCON Workshop User
DC17DC17DEFCON Workshop User
DC18DC18DEFCON Workshop User
DC19DC19DEFCON Workshop User
DC20DC20DEFCON Workshop User
DC21DC21DEFCON Workshop User
DC22DC22DEFCON Workshop User
DC23DC23DEFCON Workshop User

:warning: With the current setup the maximum number of concurrent users is 24. If a 25th user logs on you get the following error message IKT00203I ADDRESS SPACE CREATION FAILED.

Building from scratch

Files