RwthCTF 2011

From Fixme.ch
Revision as of 09:04, 29 September 2011 by Admin (Talk | contribs) (VPN Credentials)

Jump to: navigation, search

Our setup

  • OpenVPN server rwthctf.fixme.ch
  • Autentification avec les utilisateurs/password locaux (PAM)

CA Certificate

-----BEGIN CERTIFICATE-----
MIIFqTCCA5GgAwIBAgIJAOSjXeaKBcRpMA0GCSqGSIb3DQEBBQUAMB4xCzAJBgNV
BAYTAkNIMQ8wDQYDVQQDFAZNb25fQ0EwHhcNMTEwOTI0MTY1OTQ2WhcNMjEwOTIx
MTY1OTQ2WjAeMQswCQYDVQQGEwJDSDEPMA0GA1UEAxQGTW9uX0NBMIICIjANBgkq
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqvKdC+tqLLB1Yfx8gcP2enLtfLdmVHHm
vnRBGQ9OpgBNZ1F5YHej7Z5y8Hnf3FuSzpYWJXprTxYFW6yK6G4FVxMF8WsyGPHz
CvYoBBUAAXt5D9fh5LQAa08cCtIzIGXw6NsVnfEwteqkzXa9eT8y8er81Da8FkLQ
fbnpTAwa03/eUds8JXLJEJ4+b2vV2Lh8+h1++3snuKpbGC1yEcUah0TT2SSI/a5Z
aQTOQ7A9oQ7+HbicFTj/p+/F+GwtnyJ8rNUJ976BGpdyna+IYOgW9BRFVWXjDkaE
iV3H7ms69WMNj7KQiavHqwkhxFsFLKSW5uUSKs5foRBosU3V5eKIS36lgMpX+jiu
9lAZfDebTlR1GLyuu6R9h4P1XJCN+ARRraza+fXgvOpNs5nK2H5eIdn2pc+I0EC0
hRgl0FkNSgUHg0UBLL6rcemHWMe16RbERJm3rWQZrxleT0DVPRq+CPcYdcfPTb91
TM7a/0z1d1uIJ7j/b1P81pLzBi8iYo0mUYV4b/thsHiHArmD2oGlUMVX/XIxfyvY
hxKtJ5TjouVj/4dSToUInYIiKoRYETlQ98glHIKVcSe3wmfoxBmDT9/DU/n1DRba
+5R7l4O1XNG7dWswgQeo71iDdmm5NfGHO2dNaMVjBE6sRKOvjFTFajBiCnThaWjI
MCHqBnU7fmcCAwEAAaOB6TCB5jAdBgNVHQ4EFgQU1LcU8uQlperS2ANo8aW+CiMG
rlYwTgYDVR0jBEcwRYAU1LcU8uQlperS2ANo8aW+CiMGrlahIqQgMB4xCzAJBgNV
BAYTAkNIMQ8wDQYDVQQDFAZNb25fQ0GCCQDko13migXEaTAPBgNVHRMBAf8EBTAD
AQH/MBEGCWCGSAGG+EIBAQQEAwIBBjAJBgNVHRIEAjAAMCsGCWCGSAGG+EIBDQQe
FhxUaW55Q0EgR2VuZXJhdGVkIENlcnRpZmljYXRlMAkGA1UdEQQCMAAwDgYDVR0P
AQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4ICAQBpVrrhHjcWxoHZ/3WJ61r5WvUC
H3+op0yzZkG/z498Gv4oUSErD5WfhG2K9+lV8VhRx2JSXCKv1SskHlJuPKDnWTdZ
bAUERSwZT/LvLYwRfH+8pWxSBMQRvvHEIzkrrRBNDQl4291/901o7nu41UFl6nBw
819+F+lWB+fRFm0YGIR4zzhvx3bFMGWCM3475l4WyRruYbe+soHs+g4+SUFYTK59
4PSjVrNvR8wMKQJByez0TaffGAxjeXde74kWPBPmhwqjq78fZ8wYAjVdn2ae/xjA
wIf+UvvntOkLwOiQWeCy2LMX3JbLvIUeirqtBeTDfgX80kcr6NHu6tDtiwY+V1/O
149pewBHebrMnJl90CayqDyF34RfZI/t2Z50LdLwPw2nTFgl1IO0Cou9qmfKW4gB
RNHtfGveYaR4wL6pF0ruiKGlwnh6cHFtS4a32G3HrQ7WKjk9FVGiDJvo93TBfUMl
mDjIqpq3wCCJynxGyVmQVWH65/3gtnduCDfKrmbrL2DYUJeqBWW3cyPlSxEO/ei7
3Jx3qM5Jzngh9YRSUYBh5+3XB+4smsjRqpNtC3RdD074qxKhM5Acb0YcGmLJfgw4
3/d2JXQFvPJv8bKZ/WsK5VUeTGgqvi/8j2BqZjf6TMXKQRVmJ8tvvW/SBSqPZlCJ
kAslCDHslFeD6QYwMA==
-----END CERTIFICATE-----
  • openvpn.conf
client
remote 62.220.138.151
ca /home/fixme/ca.pem
auth-user-pass
dev tun
proto tcp
nobind
auth-nocache
script-security 2
persist-key
persist-tun
comp-lzo

First Contact

Email

Hi rwthCTF Teams,

with this message, the first ever rwthCTF is officially in the "team-preparation" phase. Attached to this mail you can find the first instructional README.txt file, a rough diagram of our network setup and a second document (codewars.txt) that serves as a small appetizer for the upcoming challenges in the CTF. The appetizer (codewars documentation) only describes a small part of the CTF event - we will have lots of programming languages and skill areas covered. Also the scripts mentioned in the document will only be made available when the competition starts.

Additionally we prepared a "test-vulnbox" that can be downloaded from the link below. This is _NOT_ the final vulnbox image. Please refer to the README for further pointers. You will need this once VPN credentials are released - probably on next Monday (again see README).

This E-Mail is signed with a PGP key and sent in PGP/MIME. Please download the corresponding public key from http://ctf.itsec.rwth-aachen.de/ and verify the signature. All further mail communication from rwthCTF organizers will be signed with this key as well.

Cheers,

rwthCTF Orga

Test-Vulnbox: xxxxxxx

GPG-symmetric-passphrase: xxxxxxx


Attachments: File:README.txt File:Codewars.txt

Network.png

VPN Credentials

Email

Hi rwthCTF Teams,

with this mail you get your VPN credentials. This includes the openvpn config file (client.conf), your team certificate (teamX.cert) and your private key (teamX.key). Also needed by OpenVPN and attached to this mail are the CA certificate "rwthctfca.pem" and a TLS shared key "ta.key". These credentials can only be used from _ONE_ machine at a time.

The X in the files you receive is your team ID. This also specifies your IP subnet 10.11.X.0/24! Please refer to the earlier README.txt for further details.

Please connect to the VPN, set your IP addresses and bring up your routing. Also start the Test Vulnbox and set it to 10.11.X.2.

You can view a preliminary scoreboard at http://10.11.0.1/ During the CTF we allow flag submission at 10.11.0.1 port 1/tcp. This should already be online for testing purposes, but you can not score any points before the CTF starts on September 30th. The rest of the network is pretty locked down at the moment - you may ICMP, though.

Any further questions should be asked via E-Mail or the #rwthctf IRC channel on freenode.

One last thing: each team was assigned a unique secret passphrase (secret.txt) that is needed for certain critical actions during the competition. Keep it safe!

Cheers, -rwthCTF Orga