Changes

RwthCTF 2011

918 bytes added, 08:14, 22 October 2012
= Our setup =[[Category:CTF]]* OpenVPN server rwthctf<pre>HTTP/1.1 301 Moved PermanentlyLocation: http://hackerspace.fixme.ch/mediawiki/index.php/RwthCTF_2011* Autentification avec les utilisateurs</password locaux (PAM)pre>
CA Certificate= Quick links = * [https://grid.nimag.net/uri/URI%3ADIR2-RO%3Apn4ojukzl5wbr5qw7fumxzrlie%3Aobmcas6ttnjysvyahijofo2cumdsripjhkmqfczjxek2mvd3kghq/ Fichiers (network dumps, vm images, etc.)]* [http://10.11.0.1/#scoreboard Scoreboard]* [http://10.11.20.51/zabbix/index.php Monitoring] admin/zabbix* [[Game]]* [[Challenges]]* Secret: shohwuinikeiquop* Flag regex: <pre>^[a-zA-Z0-9]{40}$</pre> = SSH Access = Public key:
<pre>
ssh-----BEGIN CERTIFICATE-----MIIFqTCCA5GgAwIBAgIJAOSjXeaKBcRpMA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNVBAYTAkNIMQ8wDQYDVQQDFAZNb25fQ0EwHhcNMTEwOTI0MTY1OTQ2WhcNMjEwOTIxMTY1OTQ2WjAeMQswCQYDVQQGEwJDSDEPMA0GA1UEAxQGTW9uX0NBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqvKdCrsa 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-----END CERTIFICATE-----npTBcoLD274rLpehDdiBBKsIGNrwqYxWIi982ilPD FIXME@rwthCTF2011
</pre>
* openvpn'''Ask info@fixme.confch for the private key!''' = Shared Git Repository =
<pre>
clientremote 62git clone fixme@guest1.220.138fixme.151ca ch:/home/fixme/ca.pemauth-userrwthctf2011/repo/ rwthCTF-pass2011dev tun</pre>proto tcpnobindFancy tools, mass exploitation!auth-nocachescript-security 2<pre>persist$ scoreboard.py targets | foreach.py attack1.py | upload-keyflags.pypersist-tunHello Team FIXME! You may now submit flags, one per line.comp-lzo66c69cb0354079a1ad26e405851bc13c70964d51Unknown flag.5b713c95c31555bb76f8e4795e8a726c289918ceUnknown flag.[...]
</pre>
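Review bot: the added "Quick links" list publishes credentials in clear text on the wiki page: "admin/zabbix" next to the Monitoring link, the "Secret:" bullet, and a Fichiers link whose URL embeds a "URI:DIR2-RO" capability string. The same revision keeps the SSH private key off the page ("Ask info@fixme.ch for the private key!"); suggest handling these values the same way and leaving only the host names and the flag regex here.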
Cheers,
-rwthCTF Orga
</div>
 
= Thanks =
<div style="background-color: #eee; padding:3px; border: 1px dotted black">
Hi rwthCTF Teams,
 
thank you for participating in the rwthCTF 2011 competition. Hopefully we will meet again at another event or next year at rwthCTF.
 
We updated the website with some pictures taken during the CTF and some results. Give it a visit at http://ctf.itsec.rwth-aachen.de/
 
Thanks again,
-rwthCTF Orga
</div>
 
= Network =
 
* [[File:network-setup.pdf]]
* labo.ctrlaltdel.ch: Virtual machine host
* rwthctf.fixme.ch: OpenVPN router
 
'''10.11.20.0/25 DMZ'''
* 10.11.20.1 OpenVPN router
* 10.11.20.2 Vulnbox
* 10.11.20.3 Test vulnbox (from the start of the competition)
* 10.11.20.50 ructfe2010 vulnbox (for testing purposes)
* 10.11.20.51 Monitoring
'''10.11.20.128/25 VPN clients'''
* 10.11.20.129 OpenVPN router
 
A network capture (tcpdump) runs continuously and saves the traffic sent to the vulnbox from the contest network. A new file is created every hour (beware of cut-off TCP sessions).
 
=== Tcpdump ===
 
<pre>
ssh root@rwthctf.fixme.ch
root@openvpn:~# ls /srv/network-dumps/
</pre>
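The caveat about TCP sessions cut by the hourly rotation, as an added example (not part of the original wiki page): this Python code reads two consecutive hourly dumps and lists the TCP flows that continue from the first file into the second. It assumes classic little-endian pcap files with Ethernet framing; the sample captures and the client addresses are constructed.

```python
import socket
import struct

SYN, ACK = 0x02, 0x10

def tcp_packets(pcap):
    """Yield (flow_key, tcp_flags) for each IPv4/TCP frame in a classic Ethernet pcap."""
    if struct.unpack("<II", pcap[:4] + pcap[20:24]) != (0xA1B2C3D4, 1):
        raise ValueError("expected a little-endian pcap with Ethernet link type")
    off = 24                                   # skip the 24-byte global header
    while off + 16 <= len(pcap):
        incl = struct.unpack_from("<I", pcap, off + 8)[0]   # captured length
        pkt, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(pkt) < 54 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue                           # not IPv4 carrying TCP
        tcp = pkt[14 + (pkt[14] & 0x0F) * 4:]  # skip the IP header (IHL words)
        if len(tcp) < 14:
            continue
        # Sort the two endpoints so both directions map to the same key.
        yield tuple(sorted([(pkt[26:30], tcp[0:2]), (pkt[30:34], tcp[2:4])])), tcp[13]

def cut_sessions(earlier, later):
    """Flows present in both files that resume mid-stream in the later one."""
    seen = {key for key, _ in tcp_packets(earlier)}
    first = {}
    for key, flags in tcp_packets(later):
        first.setdefault(key, flags)           # flags of the flow's first packet
    # A bare SYN means a new connection reusing the ports, not a continuation.
    cut = [k for k, f in first.items() if k in seen and (f & (SYN | ACK)) != SYN]
    return [" <-> ".join(f"{socket.inet_ntoa(ip)}:{int.from_bytes(port, 'big')}"
                         for ip, port in k) for k in sorted(cut)]

# Helpers that build the constructed sample captures (checksums left at zero).
def _frame(src, sport, dst, dport, flags):
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, flags, 1024, 0, 0)
    data = b"\x00" * 12 + b"\x08\x00" + ip + tcp
    return struct.pack("<IIII", 0, 0, len(data), len(data)) + data

def _pcap(*records):
    return struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1) + b"".join(records)

# Constructed traffic towards the vulnbox (10.11.20.2); client addresses are made up.
HOUR_1 = _pcap(_frame("10.11.5.2", 40000, "10.11.20.2", 80, SYN),
               _frame("10.11.7.2", 41000, "10.11.20.2", 80, SYN))
HOUR_2 = _pcap(_frame("10.11.5.2", 40000, "10.11.20.2", 80, ACK | 0x08),  # continues
               _frame("10.11.7.2", 41000, "10.11.20.2", 80, SYN),         # new connection
               _frame("10.11.9.2", 42000, "10.11.20.2", 80, SYN))
print(cut_sessions(HOUR_1, HOUR_2))
```

Any flow it reports needs both files merged (for example with mergecap -w) before the stream is reassembled.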
 
=== Snort ===
 
How to update the Snort IPS rules?
 
<pre>
ssh root@rwthctf.fixme.ch
root@openvpn:~# vi /usr/local/etc/snort/rules/local.rules
root@openvpn:~# sv restart snort
</pre>
 
== Orga Network ==
 
* 10.11.0.1 Scoreboard + Flag submission
* 10.11.199.1 Video surveillance?
 
== OpenVPN Config ==
 
* Create a user account after logging in to root@rwthctf.fixme.ch
* Create the following two files
* ''$ openvpn openvpn.conf'' and enter your username/password
 
'''openvpn.conf'''
 
<pre>
client
remote rwthctf.fixme.ch
ca ./ca.pem
auth-user-pass
dev tun
proto tcp
nobind
persist-key
persist-tun
comp-lzo
</pre>
 
'''ca.pem'''
 
<pre>
-----BEGIN CERTIFICATE-----
XXX
-----END CERTIFICATE-----
</pre>
ControlGroup, administrator