CTF4FUN
CTF4FUN is a CTF intended for training: we will replay an old CTF.
Organized by CDA and CCCHH.
Here's some technical details:
Start time: 4PM CEST, June 14th 2009.
Mailing list for questions, discussion et al.: http://mail-1.ramdrive.org/cgi-bin/mailman/listinfo/ctf4fun
Each team needs to configure two machines: A VPN gateway and a vulnerable image.
VPN Gateway
The VPN gateway routes between your teams' machines, your vulnerable image, and the rest of the CTF VPN. You must use OpenVPN to connect to the CTF VPN; the configuration file is supplied. Certificates and Keys are mailed out to each team.
There's an illustration of a typical CTF network (and we'll use exactly that setup):
Vulnerable Image
The vulnerable image can be downloaded; when the CTF begins, we will give you the password. The decryption command is:
openssl aes-256-cbc -d -in $(FILE).tar.bz2.aes | tar xvfj -
There is a test vmware image which you can use to test the connectivity; the gameserver statuspage updates regularily. Note that while the test image is a FreeBSD, the real CTF image will be some mainstream linux. Also note that while the test vmware image originally was for the da-op3n CTF contest, it also works perfectly fine for the ctf4fun.
Gameserver
The gameserver can be reached from within the VPN network via
telnet 10.100.23.100 8080You usually do not connect to the gameserver directly; there is a flag reporting script and an advisory reporting script available (both need python2.5). The flag reporting script can also be imported as a module from other python scripts.
Your current rank, service stati as well as all reported advisories can be viewed on the status page (only from within the VPN). Note that there is an RSS feed for advisories.
Bewertung der MRMCD-Vorträge
