= Our setup =
* OpenVPN server rwthctf.fixme.ch
* Autentification avec les utilisateurs/password locaux (PAM)
CA Certificate
<pre>
-----BEGIN CERTIFICATE-----MIIFqTCCA5GgAwIBAgIJAOSjXeaKBcRpMA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNVBAYTAkNIMQ8wDQYDVQQDFAZNb25fQ0EwHhcNMTEwOTI0MTY1OTQ2WhcNMjEwOTIxMTY1OTQ2WjAeMQswCQYDVQQGEwJDSDEPMA0GA1UEAxQGTW9uX0NBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqvKdC+tqLLB1Yfx8gcP2enLtfLdmVHHmvnRBGQ9OpgBNZ1F5YHej7Z5y8Hnf3FuSzpYWJXprTxYFW6yK6G4FVxMF8WsyGPHzCvYoBBUAAXt5D9fh5LQAa08cCtIzIGXw6NsVnfEwteqkzXa9eT8y8er81Da8FkLQfbnpTAwa03HTTP/eUds8JXLJEJ4+b2vV2Lh8+h1++3snuKpbGC1yEcUah0TT2SSI/a5Z1.1 301 Moved PermanentlyaQTOQ7A9oQ7+HbicFTjLocation: http:/p+/F+GwtnyJ8rNUJ976BGpdyna+IYOgW9BRFVWXjDkaEiV3H7ms69WMNj7KQiavHqwkhxFsFLKSW5uUSKs5foRBosU3V5eKIS36lgMpX+jiu9lAZfDebTlR1GLyuu6R9h4P1XJCN+ARRraza+fXgvOpNs5nK2H5eIdn2pc+I0EC0hRgl0FkNSgUHg0UBLL6rcemHWMe16RbERJm3rWQZrxleT0DVPRq+CPcYdcfPTb91TM7ahackerspace.fixme.ch/0z1d1uIJ7jmediawiki/b1P81pLzBi8iYo0mUYV4bindex.php/thsHiHArmD2oGlUMVX/XIxfyvYhxKtJ5TjouVj/4dSToUInYIiKoRYETlQ98glHIKVcSe3wmfoxBmDT9/DU/n1DRba+5R7l4O1XNG7dWswgQeo71iDdmm5NfGHO2dNaMVjBE6sRKOvjFTFajBiCnThaWjIMCHqBnU7fmcCAwEAAaOB6TCB5jAdBgNVHQ4EFgQU1LcU8uQlperS2ANo8aW+CiMGrlYwTgYDVR0jBEcwRYAU1LcU8uQlperS2ANo8aW+CiMGrlahIqQgMB4xCzAJBgNVBAYTAkNIMQ8wDQYDVQQDFAZNb25fQ0GCCQDko13migXEaTAPBgNVHRMBAf8EBTADAQH/MBEGCWCGSAGG+EIBAQQEAwIBBjAJBgNVHRIEAjAAMCsGCWCGSAGG+EIBDQQeFhxUaW55Q0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMAkGA1UdEQQCMAAwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4ICAQBpVrrhHjcWxoHZ/3WJ61r5WvUCH3+op0yzZkG/z498Gv4oUSErD5WfhG2K9+lV8VhRx2JSXCKv1SskHlJuPKDnWTdZbAUERSwZT/LvLYwRfH+8pWxSBMQRvvHEIzkrrRBNDQl4291/901o7nu41UFl6nBw819+F+lWB+fRFm0YGIR4zzhvx3bFMGWCM3475l4WyRruYbe+soHs+g4+SUFYTK594PSjVrNvR8wMKQJByez0TaffGAxjeXde74kWPBPmhwqjq78fZ8wYAjVdn2ae/xjAwIf+UvvntOkLwOiQWeCy2LMX3JbLvIUeirqtBeTDfgX80kcr6NHu6tDtiwY+V1/O149pewBHebrMnJl90CayqDyF34RfZI/t2Z50LdLwPw2nTFgl1IO0Cou9qmfKW4gBRNHtfGveYaR4wL6pF0ruiKGlwnh6cHFtS4a32G3HrQ7WKjk9FVGiDJvo93TBfUMlmDjIqpq3wCCJynxGyVmQVWH65/3gtnduCDfKrmbrL2DYUJeqBWW3cyPlSxEO/ei73Jx3qM5Jzngh9YRSUYBh5+3XB+4smsjRqpNtC3RdD074qxKhM5Acb0YcGmLJfgw43/d2JXQFvPJv8bKZ/WsK5VUeTGgqvi/8j2BqZjf6TMXKQRVmJ8tvvW/SBSqPZlCJkAslCDHslFeD6QYwMA==-----END CERTIFICATE-----RwthCTF_2011
</pre>
* openvpn.conf
<pre>
client
remote 62.220.138.151
ca /home/fixme/ca.pem
auth-user-pass
dev tun
proto tcp
nobind
auth-nocache
script-security 2
persist-key
persist-tun
comp-lzo
</pre>
= First Contact =
'''Email'''
<div style="background-color: #eee; padding:3px; border: 1px dotted black">
Hi rwthCTF Teams,
with this message, the first ever rwthCTF is officially in the "team-preparation" phase. Attached to this mail you can find the first instructional README.txt file, a rough diagram of our network setup and a second document (codewars.txt) that serves as a small appetizer for the upcoming challenges in the CTF. The appetizer (codewars documentation) only describes a small part of the CTF event - we will have lots of programming languages and skill areas covered. Also the scripts mentioned in the document will only be made available when the competition starts.
Additionally we prepared a "test-vulnbox" that can be downloaded from the link below. This is _NOT_ the final vulnbox image. Please refer to the README for further pointers. You will need this once VPN credentials are released - probably on next Monday (again see README).
This E-Mail is signed with a PGP key and sent in PGP/MIME. Please download the corresponding public key from http://ctf.itsec.rwth-aachen.de/ and verify the signature. All further mail communication from rwthCTF organizers will be signed with this key as well.
Cheers,
rwthCTF Orga
Test-Vulnbox: xxxxxxx
GPG-symmetric-passphrase: xxxxxxx
</div>
'''Attachments: ''' [[File:README.txt]] [[File:codewars.txt]]
[[File:network.png|450px]]
= VPN Credentials =
'''Email'''
<div style="background-color: #eee; padding:3px; border: 1px dotted black">
Hi rwthCTF Teams,
with this mail you get your VPN credentials. This includes the openvpn config
file (client.conf), your team certificate (teamX.cert) and your private key
(teamX.key). Also needed by OpenVPN and attached to this mail are the CA
certificate "rwthctfca.pem" and a TLS shared key "ta.key". These credentials can
only be used from _ONE_ machine at a time.
The X in the files you receive is your team ID. This also specifies your IP
subnet 10.11.X.0/24! Please refer to the earlier README.txt for further details.
Please connect to the VPN, set your IP addresses and bring up your routing. Also
start the Test Vulnbox and set it to 10.11.X.2.
You can view a preliminary scoreboard at http://10.11.0.1/ During the CTF we
allow flag submission at 10.11.0.1 port 1/tcp. This should already be online for
testing purposes, but you can not score any points before the CTF starts on
September 30th. The rest of the network is pretty locked down at the moment -
you may ICMP, though.
Any further questions should be asked via E-Mail or the #rwthctf IRC channel on
freenode.
One last thing: each team was assigned a unique secret passphrase (secret.txt)
that is needed for certain critical actions during the competition. Keep it
safe!
Cheers,
-rwthCTF Orga
</div>
