msmouse

CTF201710

Nov 11th, 2017
curl https://pastebin.com/raw/5MJJ5gr8 | base64 -d | tar xzv

201710CTF

Hello All,
I’ve been discussing setting up some hacking games for quite some time now. I’ve finally done it.

Latest Versions: https://sites.google.com/siliconpirates.net/ctf201710/home
https://pastebin.com/zfkYAd3X

Connection
There are two ways of connecting: ssh and OpenVPN.

SSH

ssh to ctfusers@76.182.82.206; you should have received a guest.ssh-id file with these instructions. (You can connect to this via 10.1.33.4 from inside the protected network, if that helps any.)

OpenVPN
You also should have received a remoteclient directory, which includes a ctfserver.ovpn file that defines everything to create the VPN client, with the keys and certificates in the folder with it.
Outbound to the internet, including DNS, may (should) not work, so if you have an option to set it as “Not default route” or “limited to VPN resources”, I would strongly advise it.

The VPN subnet is 10.1.33.0/16, and pushes routes to this. If you use those subnets in your own network, be extra careful.

The remote VPN server is running on 76.182.82.206 port tcp/443

Safety
So… this net is a playground for ethical hacking where you can experiment doing things. While no one should ever target another user, accidents do occur. Protect your own computer… or better yet, fire up a virtual machine and VPN from it for added security.

Targets:
PLEASE limit your attacks to systems on the 10.1.33.64/26 subnet (minus 10.1.33.65, the router). That’s 10.1.33.66-10.1.33.126.

PwnLab: init
IP:
Info: https://www.vulnhub.com/entry/pwnlab-init,158/
Complete: get /root/flag.txt
Skill level: low

Wallaby's Nightmare (v1.0.2)
IP:
Info: https://www.vulnhub.com/?q=nightmare&sort=date-des&type=vm
Complete it? I dunno how
Skill level: beginner-intermediate

64base
IP:
Info: https://3mrgnc3.ninja/2016/12/64base/
Complete it? There are 6 flags to collect. Each in the format of flag1{ZXhhbXBsZSBmbGFnCg==} Beat the Empire and steal the plans for the Death Star before it’s too late.
Skill level: BEGINNER - INTERMEDIATE

Unnamed
IP:
Info: someone deployed a box without configuring it! Just figure out the default username and password...
Complete it? Get root.
Skill level: pretty darned easy.

6day labs
IP:
Info: https://www.vulnhub.com/?q=6day&sort=date-des&type=vm
Execute /flag to complete
Skill level: unrated

Remarks
Which one to do first? They are all independent so it shouldn’t matter.
Really, I’ve only done one of these so far, the 6daylabs system; I’ll be doing the rest with you.

My advice, especially for first timers, is: do your best, and when you get stuck, talk it over. At conferences, this is always done in teams… and even with occasional spying on other teams or hints from the ref.

If you are really stuck, these should all have walkthroughs. I always try to do it without using them, but sometimes I’m just NOT that good. Read through the walkthrough JUST enough to get moving again.

If you somehow accidentally damage one of these (i.e. “Hmmm… the web server went away”) please let me know ASAP. I can redeploy these pretty quick.

I may add more as I get the chance & inspiration.

I’ll be on freenode in the channel #defcon919

#2017CTF
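
A scope check for the Targets rule and the VPN subnet warning above, as an added example that is not part of the original paste: it refuses any address outside 10.1.33.66-10.1.33.126 and lists local networks that overlap the VPN range. It assumes the subnet written as 10.1.33.0/16 means the /16 containing that address (10.1.0.0/16); the function names and sample inputs are constructed for illustration.

```python
import ipaddress

# Values taken from the paste.
TARGET_NET = ipaddress.ip_network("10.1.33.64/26")
ROUTER = ipaddress.ip_address("10.1.33.65")
# Assumption: "10.1.33.0/16" has host bits set, so it is read as the /16
# that contains it. strict=False masks the host bits: 10.1.0.0/16.
VPN_NET = ipaddress.ip_network("10.1.33.0/16", strict=False)


def in_scope(addr):
    """True only for a host address the organiser allows as a target."""
    ip = ipaddress.ip_address(addr)  # raises ValueError on non-IP input
    reserved = (TARGET_NET.network_address, TARGET_NET.broadcast_address)
    return ip in TARGET_NET and ip != ROUTER and ip not in reserved


def scope_range():
    """First and last allowed target, derived from the /26 minus the router."""
    hosts = [h for h in TARGET_NET.hosts() if h != ROUTER]
    return str(hosts[0]), str(hosts[-1])


def route_conflicts(local_nets):
    """Local networks that overlap the range routed over the VPN."""
    return [n for n in local_nets
            if ipaddress.ip_network(n, strict=False).overlaps(VPN_NET)]


def filter_targets(candidates):
    """Split a candidate list into (allowed, refused); non-IPs are refused."""
    allowed, refused = [], []
    for c in candidates:
        try:
            ok = in_scope(c)
        except ValueError:
            ok = False
        (allowed if ok else refused).append(c)
    return allowed, refused


if __name__ == "__main__":
    print("allowed range:", scope_range())
    # Constructed sample inputs.
    print(filter_targets(["10.1.33.70", "10.1.33.65", "10.1.33.4"]))
    print(route_conflicts(["192.168.1.0/24", "10.1.0.0/24"]))
```

Running the target list through `filter_targets` before any scan keeps the router, the SSH host at 10.1.33.4 and other users' VPN addresses out of the run.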