Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- curl https://pastebin.com/raw/5MJJ5gr8 | base64 -d | tar xzv
- 201710CTF
- Hello All,
- I’ve been discussing setting up some hacking games for quite some time now. I’ve finally done it.
- Latest Versions: https://sites.google.com/siliconpirates.net/ctf201710/home
- https://pastebin.com/zfkYAd3X
- Connection
- There’s two ways of connecting, ssh and OpenVPN
- SSH
- ssh to ctfusers@76.182.82.206 you should have received a guest.ssh-id file with these instructions. (You can connect to this via 10.1.33.4 from inside the protected network, if that helps any).
- OpenVPN
- You also should have received a remoteclient directory, included in a ctfserver.ovpn file which defines everything to create the vpn client, with the keys and certificates in the folder with it.
- Outbound to the internet, including DNS, may (should) not work, so if you have an option to set it as “Not default route” or “limited to VPN resources”, I would strongly advise it.
- The VPN subnet is 10.1.33.0/16, and pushes routes to this. If you use those subnets in your own network, be extra careful.
- The remote VPN server is running on 76.182.82.206 port tcp/443
- Safety
- So… this net is a playground for ethical hacking where you can experiment doing things. While no one should ever target another user, accidents do occur. Protect your own computer… or better yet, fire up a virtual machine and VPN from it for added security.
- Targets:
- PLEASE limit your attacks to systems on the 10.1.33.64/26 subnet (minus 10.1.33.65, the router). That’s 10.1.33.66-10.1.33.126.
- PwnLab: init
- IP:
- Info: https://www.vulnhub.com/entry/pwnlab-init,158/
- Complete: get /root/flag.txt
- Skill level: low
- Wallaby's Nightmare (v1.0.2)
- IP:
- Info: https://www.vulnhub.com/?q=nightmare&sort=date-des&type=vm
- Complete it? I dunno how
- Skill level: beginner-intermediate
- 64base
- IP:
- Info: https://3mrgnc3.ninja/2016/12/64base/
- Complete it? There are 6 flags to collect. Each in the format of flag1{ZXhhbXBsZSBmbGFnCg==} Beat the Empire and steal the plans for the Death Star before its too late.
- Skill level: BEGINNER - INTERMEDIATE
- Unnamed
- IP:
- Info: someone deployed a box without configuring it! Just figure out the default username and password...
- Complete it? Get root.
- Skill level: pretty darned easy.
- 6day labs
- IP:
- Info: https://www.vulnhub.com/?q=6day&sort=date-des&type=vm
- Execute /flag to complete
- Skill level: unrated
- Remarks
- Which one to do first? They are all independent so it shouldn’t matter.
- Really, I’ve only done one of these so far, the 6daylabs system, I’ll be doing the rest with you.
- My advice, especially for first timers, is: do your best, and when you get stuck, talk it over. At conferences, this is always done in teams… and even with occasional spying on other teams or hints from the ref.
- If you are really stuck, these should all have walkthroughs. I always try to do it without using them, but sometimes I’m just NOT that good. Read through the walkthrough JUST enough to get moving again.
- If you somehow accidentally damage one of these (i.e. “Hmmm… the web server went away”) please let me know ASAP. I can redeploy these pretty quick.
- I may add more as I get the chance & inspiration.
- I’ll be on freenode in the channel #defcon919
- #2017CTF
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement