mirror of https://github.com/dirtbags/moth.git
A couple fixes made during NSM
This commit is contained in:
Neale Pickett
parent
7fba5155b1
commit
4c4656ede0
|
|
@ -1,6 +1,5 @@
|
|||
Ideas for puzzles
|
||||
=================
|
||||
* Hide something in a .docx zip file
|
||||
* Bootable image with FreeDOS, Linux, Inferno? HURD?
|
||||
* Bury puzzles in various weird locations within each OS
|
||||
* Maybe put some in the boot loader, too
|
||||
|
|
@ -9,7 +8,16 @@ Ideas for puzzles
|
|||
* DHCP option
|
||||
* Single TCP RST with token in payload
|
||||
* Multiple TCP RST with different payloads
|
||||
* http://10.0.0.2/token
|
||||
* PXE boot some sort of points-gathering client
|
||||
* Init asks for a team hash, and starts awarding points
|
||||
* Broken startup scripts, when fixed award more points
|
||||
* Lots of remote exploits
|
||||
* "qemu -net socket" vpn thingy and then...
|
||||
|
||||
|
||||
Capture the Packet
|
||||
------------------
|
||||
|
||||
* Jim Meilander could teach a class about Bro
|
||||
* Use qemu -net socket,connect=10.0.0.2:5399 for capture the packet
|
||||
|
|
|
|||
|
|
@ -49,7 +49,7 @@ main(int argc, char *argv[])
|
|||
char *p;
|
||||
|
||||
for (p = category; *p; p += 1) {
|
||||
if (! isalnum(*p)) {
|
||||
if ((! isalnum(*p)) && ('-' != *p)) {
|
||||
cgi_page("Invalid category", "");
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -162,4 +162,6 @@ table.pollster thead {
|
|||
font-weight: bold;
|
||||
}
|
||||
|
||||
|
||||
table.scoreboard {
|
||||
height: 400px;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,14 +1,15 @@
|
|||
#! /bin/sh
|
||||
|
||||
port=8888
|
||||
host=10.0.0.10
|
||||
|
||||
blooper=$(tempfile)
|
||||
trap "rm $blooper" 0
|
||||
|
||||
echo foo | socat -t 0.01 STDIO UDP:127.0.0.1:8888 | tail -n +4 > $blooper
|
||||
echo foo | socat -t 0.01 STDIO UDP:$host:$port | tail -n +4 > $blooper
|
||||
|
||||
for i in $(seq 8); do
|
||||
result=$(socat -t 0.01 STDIO UDP:127.0.0.1:$port < $blooper | awk -F': ' '(NF > 1) {print $2; exit;}')
|
||||
result=$(socat -t 0.01 STDIO UDP:$host:$port < $blooper | awk -F': ' '(NF > 1) {print $2; exit;}')
|
||||
port=$(echo "ibase=8; $result" | bc)
|
||||
echo $port
|
||||
done
|
||||
|
|
|
|||
|
|
@ -1,8 +1,10 @@
|
|||
#! /bin/sh
|
||||
|
||||
if ! [ -d /opt/mcp ]; then
|
||||
hostname pwnables
|
||||
ifconfig eth0 10.0.0.10 netmask 255.0.0.0
|
||||
if [ -d /opt/mcp ]; then
|
||||
sv d .
|
||||
exit
|
||||
fi
|
||||
|
||||
hostname pwnables
|
||||
ifconfig eth0 10.0.0.10 netmask 255.0.0.0
|
||||
exec inotifyd true $(pwd):x
|
||||
|
|
|
|||
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
exec logger -t sshd
|
||||
Binary file not shown.
|
|
@ -0,0 +1,10 @@
|
|||
#! /bin/sh
|
||||
|
||||
exec 2>&1
|
||||
|
||||
if [ -d /opt/mcp ]; then
|
||||
sv d .
|
||||
exit
|
||||
fi
|
||||
|
||||
exec dropbear -r ./rsa.key -E -F
|
||||
Loading…
Reference in New Issue