= Our setup =[[Category:CTF]]* OpenVPN server 62<pre>HTTP/1.2201 301 Moved PermanentlyLocation: http://hackerspace.138fixme.151ch/mediawiki/index.php/RwthCTF_2011</pre>
CA Certificate= Quick links = * [https://grid.nimag.net/uri/URI%3ADIR2-RO%3Apn4ojukzl5wbr5qw7fumxzrlie%3Aobmcas6ttnjysvyahijofo2cumdsripjhkmqfczjxek2mvd3kghq/ Fichiers (network dumps, vm images, etc.)]* [http://10.11.0.1/#scoreboard Scoreboard]* [http://10.11.20.51/zabbix/index.php Monitoring] admin/zabbix* [[Game]]* [[Challenges]]* Secret: shohwuinikeiquop* Flag regex: <pre>^[a-zA-Z0-9]{40}$</pre> = SSH Access = Public key:
<pre>
ssh-----BEGIN CERTIFICATE-----MIIFqTCCA5GgAwIBAgIJAOSjXeaKBcRpMA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNVBAYTAkNIMQ8wDQYDVQQDFAZNb25fQ0EwHhcNMTEwOTI0MTY1OTQ2WhcNMjEwOTIxMTY1OTQ2WjAeMQswCQYDVQQGEwJDSDEPMA0GA1UEAxQGTW9uX0NBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqvKdCrsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5twrX47WdsuPX8BohNmuInE3Vjbd9XQ05gLMCjDaFaZDgt7B4BpQNfyGlvlCq3upPOwmpvFkH9+tqLLB1Yfx8gcP2enLtfLdmVHHmvnRBGQ9OpgBNZ1F5YHej7Z5y8Hnf3FuSzpYWJXprTxYFW6yK6G4FVxMF8WsyGPHzCvYoBBUAAXt5D9fh5LQAa08cCtIzIGXw6NsVnfEwteqkzXa9eT8y8er81Da8FkLQfbnpTAwa03i7jSb3NCngN358OORWAuKm3rwLh0r1N/zL/eUds8JXLJEJ4uhz3Dzlpv1IFkm3Iev+b2vV2Lh8J1eV1w4wfKhxvw2RyqL6t4csfowYlntpif5CCQ6wZqzJd+h1xFeJcTDlUHi9eVD8ew8qh4Wa2fZ1J4AdoKiYsVxHgVu2CzHGVKYSr217WuAiEg++3snuKpbGC1yEcUah0TT2SSIP2guT/a5ZaQTOQ7A9oQ7E99ZB4nRTWv8TNf4925BzsImvswNTnQjgh7h+HbicFTj/pq+zru4DncZn5EKlRJP/F+GwtnyJ8rNUJ976BGpdyna+IYOgW9BRFVWXjDkaEnpTBcoLD274rLpehDdiBBKsIGNrwqYxWIi982ilPD FIXME@rwthCTF2011iV3H7ms69WMNj7KQiavHqwkhxFsFLKSW5uUSKs5foRBosU3V5eKIS36lgMpX+jiu9lAZfDebTlR1GLyuu6R9h4P1XJCN+ARRraza+fXgvOpNs5nK2H5eIdn2pc+I0EC0hRgl0FkNSgUHg0UBLL6rcemHWMe16RbERJm3rWQZrxleT0DVPRq+CPcYdcfPTb91TM7a</0z1d1uIJ7j/b1P81pLzBi8iYo0mUYV4b/thsHiHArmD2oGlUMVX/XIxfyvYpre>hxKtJ5TjouVj/4dSToUInYIiKoRYETlQ98glHIKVcSe3wmfoxBmDT9/DU/n1DRba+5R7l4O1XNG7dWswgQeo71iDdmm5NfGHO2dNaMVjBE6sRKOvjFTFajBiCnThaWjI'''Ask info@fixme.ch for the private key!'''MCHqBnU7fmcCAwEAAaOB6TCB5jAdBgNVHQ4EFgQU1LcU8uQlperS2ANo8aW+CiMGrlYwTgYDVR0jBEcwRYAU1LcU8uQlperS2ANo8aW+CiMGrlahIqQgMB4xCzAJBgNV= Shared Git Repository =BAYTAkNIMQ8wDQYDVQQDFAZNb25fQ0GCCQDko13migXEaTAPBgNVHRMBAf8EBTADAQH/MBEGCWCGSAGG+EIBAQQEAwIBBjAJBgNVHRIEAjAAMCsGCWCGSAGG+EIBDQQe<pre>FhxUaW55Q0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMAkGA1UdEQQCMAAwDgYDVR0PAQHgit clone fixme@guest1.fixme.ch:/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4ICAQBpVrrhHjcWxoHZhome/3WJ61r5WvUCH3+op0yzZkGfixme/z498Gv4oUSErD5WfhG2K9+lV8VhRx2JSXCKv1SskHlJuPKDnWTdZbAUERSwZTrwthctf2011/LvLYwRfH+8pWxSBMQRvvHEIzkrrRBNDQl4291repo/901o7nu41UFl6nBwrwthCTF-2011819+F+lWB+fRFm0YGIR4zzhvx3bFMGWCM3475l4WyRruYbe+soHs+g4+SUFYTK594PSjVrNvR8wMKQJByez0TaffGAxjeXde74kWPBPmhwqjq78fZ8wYAjVdn2ae</xjApre>wIf+UvvntOkLwOiQWeCy2LMX3JbLvIUeirqtBeTDfgX80kcr6NHu6tDtiwY+V1/O149pewBHebrMnJl90CayqDyF34RfZI/t2Z50LdLwPw2nTFgl1IO0Cou9qmfKW4gBFancy tools, mass exploitation!RNHtfGveYaR4wL6pF0ruiKGlwnh6cHFtS4a32G3HrQ7WKjk9FVGiDJvo93TBfUMlmDjIqpq3wCCJynxGyVmQVWH65/3gtnduCDfKrmbrL2DYUJeqBWW3cyPlSxEO/ei7<pre>3Jx3qM5Jzngh9YRSUYBh5+3XB+4smsjRqpNtC3RdD074qxKhM5Acb0YcGmLJfgw4$ scoreboard.py targets | foreach.py attack1.py | upload-flags.py3/d2JXQFvPJv8bKZ/WsK5VUeTGgqvi/8j2BqZjf6TMXKQRVmJ8tvvW/SBSqPZlCJHello Team FIXME! You may now submit flags, one per line.kAslCDHslFeD6QYwMA==66c69cb0354079a1ad26e405851bc13c70964d51-----END CERTIFICATE-----Unknown flag.5b713c95c31555bb76f8e4795e8a726c289918ceUnknown flag.[...]
</pre>
[[File:network.png|450px]]
= VPN Credentials =
'''Email'''
<div style="background-color: #eee; padding:3px; border: 1px dotted black">
Hi rwthCTF Teams,
with this mail you get your VPN credentials. This includes the openvpn config
file (client.conf), your team certificate (teamX.cert) and your private key
(teamX.key). Also needed by OpenVPN and attached to this mail are the CA
certificate "rwthctfca.pem" and a TLS shared key "ta.key". These credentials can
only be used from _ONE_ machine at a time.
The X in the files you receive is your team ID. This also specifies your IP
subnet 10.11.X.0/24! Please refer to the earlier README.txt for further details.
Please connect to the VPN, set your IP addresses and bring up your routing. Also
start the Test Vulnbox and set it to 10.11.X.2.
You can view a preliminary scoreboard at http://10.11.0.1/ During the CTF we
allow flag submission at 10.11.0.1 port 1/tcp. This should already be online for
testing purposes, but you can not score any points before the CTF starts on
September 30th. The rest of the network is pretty locked down at the moment -
you may ICMP, though.
Any further questions should be asked via E-Mail or the #rwthctf IRC channel on
freenode.
One last thing: each team was assigned a unique secret passphrase (secret.txt)
that is needed for certain critical actions during the competition. Keep it
safe!
Cheers,
-rwthCTF Orga
</div>
= Thanks =
<div style="background-color: #eee; padding:3px; border: 1px dotted black">
Hi rwthCTF Teams,
thank you for participating in the rwthCTF 2011 competition. Hopefully we will meet again at another event or next year at rwthCTF.
We updated the website with some pictures taken during the CTF and some results. Give it a visit at http://ctf.itsec.rwth-aachen.de/
Thanks again,
-rwthCTF Orga
</div>
= Network =
* [[File:network-setup.pdf]]
* labo.ctrlaltdel.ch: Virtual machine host
* rwthctf.fixme.ch: OpenVPN router
'''10.11.20.0/25 DMZ'''
* 10.11.20.1 OpenVPN router
* 10.11.20.2 Vulnbox
* 10.11.20.3 Test vulnbox (dès le début de la compétition)
* 10.11.20.50 ructfe2010 vulnbox (testing purpose)
* 10.11.20.51 Monitoring
'''10.11.20.128/25 VPN clients'''
* 10.11.20.129 OpenVPN router
Une capture réseau (tcpdump) tourne en permanence et sauve le trafic à destination de la vulnbox depuis le réseau du concours. Un nouveau fichier est créé chaque heure (attention aux sessions TCP coupées).
=== Tcpdump ===
<pre>
ssh root@rwthctf.fixme.ch
root@openvpn:~# ls /srv/network-dumps/
</pre>
=== Snort ===
How to update the Snort IPS rules?
<pre>
ssh root@rwthctf.fixme.ch
root@openvpn:~# vi /usr/local/etc/snort/rules/local.rules
root@openvpn:~# sv restart snort
</pre>
== Orga Network ==
* 10.11.0.1 Scoreboard + Flag submission
* 10.11.199.1 Vidéo surveillance?
== Config OpenVPN ==
* Créer un compte utilisateur après vous être connecté sur root@rwthctf.fixme.ch
* Créer les deux fichiers suivants
* ''$ openvpn openvpn.conf'' et entrer votre nom d'utilisateur/mot de passe
'''openvpn.conf'''
<pre>
client
remote rwthctf.fixme.ch
ca ./ca.pem
auth-user-pass
dev tun
proto tcp
nobind
persist-key
persist-tun
comp-lzo
</pre>
'''ca.pem'''
<pre>
-----BEGIN CERTIFICATE-----
XXX
-----END CERTIFICATE-----
</pre>