Emergency checkin-building flooded

Neale Pickett 2011-02-03 07:31:42 -07:00
parent 8472583ad4
commit b2e82bfed4
44 changed files with 803 additions and 153 deletions


@ -0,0 +1,71 @@
From: The Dirtbags <zephyr@dirtbags.net>
To: RECIP
Subject: WIN BIG AT CAPTURE THE FLAG!!!
Message-ID: <cG9zdGVyczp4YW5hZC1wb2xveA==@dirtbags.net>
MIME-Version: 1.0
Content-type: multipart/alternative; boundary=eJwryC8uSS0qtqpIzc1P1i3OT86vAABObgfA
X-Face: '8$#2%$m/.;29z5"5"/
There are 5 tokens hidden in this message. Can you find them all?
--eJwryC8uSS0qtqpIzc1P1i3OT86vAABObgfA
Content-type: text/plain; charset=UTF-8
CTF starts TOMORROW! Do you have sufficient stores of Mountain Dew?
This is CMU's first ever CTF, so please be ready for a couple of
hiccups. Likewise, we expect you to be totally lost for a while, as you
get your bearings. While we tried to cover everything in the
registration web page, here are some points worth repeating:
Your machine really ought to have netcat and nmap, and whatever
programming language(s) you prefer. An Ubuntu live CD has, at past
contests, not been sufficient. It's also a good idea to make sure your
computer works before you show up. Time is precious, don't spend yours
installing an operating system.
We will have a switch at each table with gobs of ports, but you should
bring your own network cable. We will *not* provide an Internet
connection, so figure out now how you're going to get onto the Internet
(you will need it).
If you have any questions, or would just like to hang out and shoot the
breeze, feel free to hop on IRC (server woozle.org, channel #ctf).
We hope you have as much fun playing this as we're going to have
watching you work!
The Dirtbags
PS: are you aware of how much data can be hidden in a single email?
--eJwryC8uSS0qtqpIzc1P1i3OT86vAABObgfA
Content-type: text/html; charset=UTF-8
<p>CTF starts TOMORROW! Do you have sufficient stores of Mountain Dew?</p>
<p>This is CMU's first ever CTF, so please be ready for a couple of
hiccups. Likewise, we expect you to be totally lost for a while, as you
get your bearings. While we tried to cover everything in the
registration web page, here are some points worth repeating:</p>
<p>Your machine really ought to have netcat and nmap, and whatever
programming language(s) you prefer. An Ubuntu live CD has, at past
contests, not been sufficient. It's also a good idea to make sure your
computer works before you show up. Time is precious, don't spend yours
installing an operating system.</p>
<p>We will have a switch at each table with gobs of ports, but you should
bring your own network cable. We will *not* provide an Internet
connection, so figure out now how you're going to get onto the Internet
(you will need it).</p>
<p>If you have any questions, or would just like to hang out and shoot the
breeze, feel free to hop on IRC (server woozle.org, channel #ctf).</p>
<p>We hope you have as much fun playing this as we're going to have
watching you work!</p>
<p><a href="http://dirtbags.net/#have_you_examined_the_email_closely?">The Dirtbags</a></p>
--eJwryC8uSS0qtqpIzc1P1i3OT86vAABObgfA--
cbfgref:krzbp-fbpbk

BIN
doc/2011-01-CMU/thanks.png Normal file

Binary file not shown.


BIN
doc/2011-01-CMU/thanks/blob Normal file

Binary file not shown.

Binary file not shown.


BIN
doc/2011-01-CMU/thanks/thanks Executable file

Binary file not shown.


@ -0,0 +1,19 @@
char *t = (
"Thank you for helping make Capture The Flag a success! We couldn't"
"have done it without you."
"As our way of saying thank you, we humbly offer this image"
"proclaiming you to be a cool person. Please feel free to print"
"off a copy of this image and post it in your window, over your"
"pannier, on your forehead, or wherever else you feel is appropriate."
"Sincerely,"
" The Dirtbags"
);
#include <stdio.h>
int main(){char*p=t;while(1){int
c=getchar();if(EOF==c)break;
putchar(c^*p);if(!*++p)p=t;}return
0;}
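Review bot: Nothing in this file says that `t` is a repeating XOR key rather than a message, and the adjacent string literals are joined with no separator (the key contains `couldn'thave`), so a later edit that tidies the wording would silently change the key and break decoding of whatever was produced with it, presumably the blob committed alongside. A header comment such as `/* XOR filter: stdin ^ repeating key t -> stdout; any change to t changes the key. Obfuscation only, not encryption. */` would make that explicit. Declaring the key as `static const char *t` matches the fact that the literal is never written through, and `#include <stdio.h>` conventionally goes above the declaration rather than below it.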

Binary file not shown.



@ -0,0 +1,371 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) -->
<svg
xmlns:dc="http://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
width="765"
height="990"
id="svg6189"
sodipodi:version="0.32"
inkscape:version="0.46"
sodipodi:docname="thanks.svg"
inkscape:output_extension="org.inkscape.output.svg.inkscape"
version="1.0"
inkscape:export-filename="/home/neale/src/ctf/doc/2011-01-CMU/thanks.png"
inkscape:export-xdpi="150.14934"
inkscape:export-ydpi="150.14934">
<defs
id="defs6191">
<inkscape:perspective
sodipodi:type="inkscape:persp3d"
inkscape:vp_x="0 : 526.18109 : 1"
inkscape:vp_y="0 : 1000 : 0"
inkscape:vp_z="744.09448 : 526.18109 : 1"
inkscape:persp3d-origin="372.04724 : 350.78739 : 1"
id="perspective6197" />
</defs>
<sodipodi:namedview
id="base"
pagecolor="#ffffff"
bordercolor="#666666"
borderopacity="1.0"
gridtolerance="10000"
guidetolerance="10"
objecttolerance="10"
inkscape:pageopacity="1"
inkscape:pageshadow="2"
inkscape:zoom="0.98994949"
inkscape:cx="422.51351"
inkscape:cy="616.26542"
inkscape:document-units="px"
inkscape:current-layer="layer1"
showgrid="false"
inkscape:window-width="700"
inkscape:window-height="1006"
inkscape:window-x="0"
inkscape:window-y="14"
inkscape:window-maximized="0" />
<metadata
id="metadata6194">
<rdf:RDF>
<cc:Work
rdf:about="">
<dc:format>image/svg+xml</dc:format>
<dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
</cc:Work>
</rdf:RDF>
</metadata>
<g
inkscape:label="Layer 1"
inkscape:groupmode="layer"
id="layer1">
<text
xml:space="preserve"
style="font-size:20px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:start;line-height:125%;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Nimbus Mono L;-inkscape-font-specification:Nimbus Mono L"
x="180.31223"
y="241.71477"
id="text6815"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
id="tspan6817"
x="180.31223"
y="241.71477" /></text>
<text
xml:space="preserve"
style="font-size:40px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:start;line-height:100%;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;font-family:URW Gothic L;-inkscape-font-specification:URW Gothic L"
x="166.99641"
y="77.913406"
id="text2833"
sodipodi:linespacing="100%"><tspan
sodipodi:role="line"
id="tspan2835"
x="166.99641"
y="77.913406">Capture the Flag 2011</tspan></text>
<text
xml:space="preserve"
style="font-size:20px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:start;line-height:125%;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Nimbus Mono L;-inkscape-font-specification:Nimbus Mono L"
x="501.03568"
y="132.38049"
id="text2533"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
x="501.03568"
y="132.38049"
id="tspan2537" /></text>
<text
sodipodi:linespacing="125%"
id="text2545"
y="114.27893"
x="368.68829"
style="font-size:20px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:start;line-height:125%;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;font-family:URW Gothic L;-inkscape-font-specification:URW Gothic L"
xml:space="preserve"><tspan
y="114.27893"
x="368.68829"
sodipodi:role="line"
id="tspan2553">at</tspan></text>
<g
id="g7134"
transform="matrix(-1,0,0,1,251.1405,-389.69456)">
<path
style="fill:#f1e06b;fill-opacity:1;stroke:none"
d="m 137.85847,492.90822 c 0,3.4517 0.37818,26.7723 1.09535,30.00926 1.76377,8.88016 7.47321,13.99286 16.04706,15.93879 3.98502,0.74326 8.51783,-15.55472 13.43722,-15.64555 4.91939,-0.0908 10.22535,16.0255 15.75668,16.0255 5.55727,0 10.88704,-16.12546 15.82585,-16.0506 4.9388,0.0749 9.48664,16.35005 13.48001,15.57939 9.04184,-1.50027 13.76948,-7.68418 15.99884,-16.13965 0.67582,-3.14707 1.03162,-26.36915 1.03162,-29.71714 0,-25.57306 -20.75867,-46.328 -46.33632,-46.328 -25.57764,0 -46.33631,20.75494 -46.33631,46.328 z"
id="path4877"
sodipodi:nodetypes="cccsssccssc"
inkscape:connector-curvature="0" />
<path
style="fill:#ececec;fill-opacity:1;stroke:none"
d="m 230.72045,434.68054 -7.07106,-9.19239 0,37.47666 7.07106,0 0,-28.28427 z"
id="path4879"
sodipodi:nodetypes="ccccc"
inkscape:connector-curvature="0" />
<path
style="fill:#00003f;fill-opacity:1;stroke:none"
d="m 232.29339,460.559 -9.25,0 0,57.75 9.25,-3.50001 0,-54.24999 z"
id="path4881"
sodipodi:nodetypes="ccccc"
inkscape:connector-curvature="0" />
<path
style="fill:#2b1100;fill-opacity:1;stroke:none"
d="m 184.18776,446.57997 c 25.57765,0 46.34376,20.7661 46.34375,46.34375 0,3.34859 -0.35543,26.57111 -1.03125,29.71875 -2.22935,8.457 -6.95816,14.62446 -16,16.125 -3.99338,0.77079 -8.56119,-15.48763 -13.5,-15.5625 -4.93881,-0.0749 -10.25524,16.03125 -15.8125,16.03125 -5.53133,0 -10.83062,-16.12209 -15.75,-16.03125 -4.91938,0.0909 -9.45248,16.39964 -13.4375,15.65625 -8.57385,-1.94628 -14.29873,-7.05576 -16.0625,-15.9375 -0.71716,-3.23754 -1.09374,-26.54769 -1.09375,-30 0,-25.57765 20.7661,-46.34374 46.34375,-46.34375 z m -26.5,24.0625 c -8.39444,-10e-6 -18.05691,4.89815 -18.17896,11.91762 -0.1329,7.51837 9.53454,14.26988 17.92896,14.26988 5.93958,10e-6 11.30965,-3.1877 13.8125,-8.15625 2.2337,5.62139 7.46096,9.34375 13.875,9.34375 8.39442,-10e-6 30.84979,-8.1589 30.5766,-14.53977 -0.18827,-4.3975 -21.93218,-11.61648 -30.3266,-11.61648 -5.94605,0 -12.06269,3.92892 -14.5625,8.90625 -2.23266,-5.62356 -6.7094,-10.125 -13.125,-10.125 z"
id="path4883"
sodipodi:nodetypes="csccsssccsccsscssscc"
inkscape:connector-curvature="0" />
<path
style="fill:#ff0000;fill-rule:evenodd;stroke:none"
d="m 240.04339,480.05901 c 0,0 -10.25,-16 -11.25,-9.5 -1,6.5 8,7.5 11.25,9.5 z"
id="path4885"
inkscape:connector-curvature="0" />
<path
id="path4887"
d="m 244.20661,472.0655 c 0,0 -18.96174,-1.23088 -13.75664,-5.25046 5.2051,-4.01957 10.43404,3.37354 13.75664,5.25046 z"
style="fill:#ff0000;fill-rule:evenodd;stroke:none"
inkscape:connector-curvature="0" />
<path
sodipodi:type="arc"
style="fill:#ffffff;fill-opacity:1;stroke:none"
id="path4889"
sodipodi:cx="239.5"
sodipodi:cy="417.86218"
sodipodi:rx="15.5"
sodipodi:ry="15.5"
d="m 255,417.86218 c 0,8.56042 -6.93959,15.5 -15.5,15.5 -8.56041,0 -15.5,-6.93958 -15.5,-15.5 0,-8.56041 6.93959,-15.5 15.5,-15.5 8.56041,0 15.5,6.93959 15.5,15.5 z"
transform="matrix(-0.7128664,0,0,0.7128664,326.76806,186.37608)" />
<path
sodipodi:type="arc"
style="fill:#000000;fill-opacity:1;stroke:none"
id="path4891"
sodipodi:cx="239.5"
sodipodi:cy="417.86218"
sodipodi:rx="15.5"
sodipodi:ry="15.5"
d="m 255,417.86218 c 0,8.56042 -6.93959,15.5 -15.5,15.5 -8.56041,0 -15.5,-6.93958 -15.5,-15.5 0,-8.56041 6.93959,-15.5 15.5,-15.5 8.56041,0 15.5,6.93959 15.5,15.5 z"
transform="matrix(-0.4369181,0,0,0.4369181,257.11412,302.3973)" />
<path
transform="matrix(-0.7128664,0,0,0.7128664,355.28271,186.37608)"
d="m 255,417.86218 c 0,8.56042 -6.93959,15.5 -15.5,15.5 -8.56041,0 -15.5,-6.93958 -15.5,-15.5 0,-8.56041 6.93959,-15.5 15.5,-15.5 8.56041,0 15.5,6.93959 15.5,15.5 z"
sodipodi:ry="15.5"
sodipodi:rx="15.5"
sodipodi:cy="417.86218"
sodipodi:cx="239.5"
id="path4893"
style="fill:#ffffff;fill-opacity:1;stroke:none"
sodipodi:type="arc" />
<path
transform="matrix(-0.4369181,0,0,0.4369181,285.62877,302.3973)"
d="m 255,417.86218 c 0,8.56042 -6.93959,15.5 -15.5,15.5 -8.56041,0 -15.5,-6.93958 -15.5,-15.5 0,-8.56041 6.93959,-15.5 15.5,-15.5 8.56041,0 15.5,6.93959 15.5,15.5 z"
sodipodi:ry="15.5"
sodipodi:rx="15.5"
sodipodi:cy="417.86218"
sodipodi:cx="239.5"
id="path4895"
style="fill:#000000;fill-opacity:1;stroke:none"
sodipodi:type="arc" />
<path
sodipodi:type="star"
style="fill:#999999;fill-opacity:1;stroke:none"
id="path4897"
sodipodi:sides="4"
sodipodi:cx="458"
sodipodi:cy="437.5"
sodipodi:r1="7.3527207"
sodipodi:r2="2.9098985"
sodipodi:arg1="0.95449939"
sodipodi:arg2="1.1053447"
inkscape:flatsided="false"
inkscape:rounded="0"
inkscape:randomized="0"
d="M 462.25,443.5 459.30604,440.10034 452,441.75 455.39966,438.80604 453.75,431.5 456.69396,434.89966 464,433.25 l -3.39966,2.94396 z"
transform="matrix(-1.3125,0,0,1.3125,744.79339,-67.03474)" />
<path
transform="matrix(-1.3125,0,0,1.3125,759.04339,-63.28474)"
d="M 462.25,443.5 459.30604,440.10034 452,441.75 455.39966,438.80604 453.75,431.5 456.69396,434.89966 464,433.25 l -3.39966,2.94396 z"
inkscape:randomized="0"
inkscape:rounded="0"
inkscape:flatsided="false"
sodipodi:arg2="1.1053447"
sodipodi:arg1="0.95449939"
sodipodi:r2="2.9098985"
sodipodi:r1="7.3527207"
sodipodi:cy="437.5"
sodipodi:cx="458"
sodipodi:sides="4"
id="path4899"
style="fill:#999999;fill-opacity:1;stroke:none"
sodipodi:type="star" />
<path
style="fill:#ff0000;fill-opacity:1;stroke:none"
d="m 223.29339,463.559 -78,0 c -3.17046,0.93258 -2.20659,2.69202 -2.25,4.25001 l 83.25,0 c 0.40565,-2.11949 -0.74064,-3.46302 -3,-4.25001 z"
id="path4901"
sodipodi:nodetypes="ccccc"
inkscape:connector-curvature="0" />
<path
sodipodi:type="arc"
style="fill:#ff0000;fill-opacity:1;stroke:none"
id="path4903"
sodipodi:cx="393.125"
sodipodi:cy="404.125"
sodipodi:rx="3.625"
sodipodi:ry="3.625"
d="m 396.75,404.125 c 0,2.00203 -1.62297,3.625 -3.625,3.625 -2.00203,0 -3.625,-1.62297 -3.625,-3.625 0,-2.00203 1.62297,-3.625 3.625,-3.625 2.00203,0 3.625,1.62297 3.625,3.625 z"
transform="matrix(-1,0,0,1,621.04339,64.05901)" />
</g>
<g
style="display:inline"
id="g4943"
transform="matrix(-1,0,0,1,843.8505,-582.82052)">
<path
style="fill:#c87137;fill-opacity:1;stroke:none"
d="m 201.92989,686.02586 c 0,3.45232 -0.37818,26.77711 -1.09535,30.01465 -1.76377,8.88175 -7.47321,13.99537 -16.04706,15.94165 -3.98502,0.7434 -8.51783,-15.55751 -13.43722,-15.64836 -4.91939,-0.0909 -10.22535,16.02838 -15.75668,16.02838 -5.55727,0 -10.88704,-16.12835 -15.82585,-16.05348 -4.9388,0.0749 -9.48664,16.35298 -13.48001,15.58219 -9.04184,-1.50054 -13.76948,-7.68556 -15.99884,-16.14255 -0.67582,-3.14764 -1.03162,-26.37389 -1.03162,-29.72248 0,-25.57764 20.75867,-46.33631 46.33632,-46.33631 25.57764,0 46.33631,20.75867 46.33631,46.33631 z"
id="path4984"
sodipodi:nodetypes="cccsssccssc"
inkscape:connector-curvature="0" />
<path
sodipodi:type="arc"
style="fill:#ffffff;fill-opacity:1;stroke:none"
id="path4990"
sodipodi:cx="239.5"
sodipodi:cy="417.86218"
sodipodi:rx="15.5"
sodipodi:ry="15.5"
d="m 255,417.86218 c 0,8.56042 -6.93959,15.5 -15.5,15.5 -8.56041,0 -15.5,-6.93958 -15.5,-15.5 0,-8.56041 6.93959,-15.5 15.5,-15.5 8.56041,0 15.5,6.93959 15.5,15.5 z"
transform="matrix(0.7128664,0,0,0.7128664,13.0203,379.94798)" />
<path
sodipodi:type="arc"
style="fill:#000000;fill-opacity:1;stroke:none"
id="path4994"
sodipodi:cx="239.5"
sodipodi:cy="417.86218"
sodipodi:rx="15.5"
sodipodi:ry="15.5"
d="m 255,417.86218 c 0,8.56042 -6.93959,15.5 -15.5,15.5 -8.56041,0 -15.5,-6.93958 -15.5,-15.5 0,-8.56041 6.93959,-15.5 15.5,-15.5 8.56041,0 15.5,6.93959 15.5,15.5 z"
transform="matrix(0.4369181,0,0,0.4369181,82.67424,495.9692)" />
<path
sodipodi:nodetypes="ccccc"
id="path5016"
d="m 108.94063,703.44381 c 36.73049,-13.59995 57.10773,-33.92799 77.78175,-53.03301 1.34475,0.59979 2.58937,1.29971 3.0052,2.82842 -17.38021,17.73274 -33.8719,35.40994 -80.61017,54.97756 -0.88087,-1.59099 -1.17527,-3.18198 -0.17678,-4.77297 z"
style="fill:#000000;fill-rule:evenodd;stroke:none"
inkscape:connector-curvature="0" />
<path
transform="matrix(0.7128664,0,0,0.7128664,-15.49436,379.94799)"
d="m 255,417.86218 c 0,8.56042 -6.93959,15.5 -15.5,15.5 -8.56041,0 -15.5,-6.93958 -15.5,-15.5 0,-8.56041 6.93959,-15.5 15.5,-15.5 8.56041,0 15.5,6.93959 15.5,15.5 z"
sodipodi:ry="15.5"
sodipodi:rx="15.5"
sodipodi:cy="417.86218"
sodipodi:cx="239.5"
id="path4998"
style="fill:#000000;fill-opacity:1;stroke:none"
sodipodi:type="arc" />
<path
sodipodi:nodetypes="ccc"
id="path5113"
d="m 106.72549,679.42961 c 22.22463,1.2651 46.14752,-16.22323 73.25,-35.25 -36.70369,-24.71655 -71.84396,3.72381 -73.25,35.25 z"
style="fill:#ff0000;fill-rule:evenodd;stroke:none"
inkscape:connector-curvature="0" />
<path
style="fill:#ffffff;fill-opacity:1;stroke:none"
d="m 156.816,637.60365 c -0.87698,0.52431 -0.38045,1.56698 0.70794,2.29091 0.22072,0.0113 0.42813,-0.0591 0.61955,-0.12649 -0.12119,0.51926 -0.0245,0.65733 -0.12589,1.34469 0.69038,-0.28011 1.03335,-0.38346 1.65877,-0.447 -0.0242,-0.44056 0.0747,-0.41629 0.0295,-0.77857 0.17059,0.0734 0.34244,0.1002 0.54309,0.11053 1.99911,-0.25925 1.80233,-1.94029 0.10992,-2.50733 -0.5253,-0.0271 -0.95276,0.17838 -1.22711,0.53081 -0.42218,-0.32817 -0.97252,-0.47515 -1.46596,-0.68525 -0.35763,0.0559 -0.64742,0.14672 -0.84979,0.2677 z m -6.14725,5.73487 c -0.37399,0.21336 -0.69744,0.65885 -0.89555,1.27806 0.0182,0.52568 0.2623,0.95061 0.63703,1.19365 -0.29405,0.45994 -0.41123,0.99537 -0.55968,1.5157 0.42758,1.94583 2.12459,1.62368 2.55185,-0.0758 -0.008,-0.2209 -0.0659,-0.42051 -0.14951,-0.60541 0.26979,0.0389 0.25994,0.0294 0.57502,0.0592 -0.0109,-0.58848 -0.0116,-1.01099 0.40065,-1.67165 -0.58739,0.0798 -0.58026,-0.0318 -1.03706,0.0657 0.0584,-0.1763 0.12638,-0.37945 0.11943,-0.58023 -0.28847,-1.24498 -1.01886,-1.53481 -1.64218,-1.17923 z m 5.76684,-1.03366 c -2.52622,1.5494 -3.88115,3.95319 -3.01454,5.36616 0.62902,1.02559 2.26554,1.2489 4.07428,0.70154 0.0731,0.13714 0.13365,0.26957 0.21706,0.40556 1.26052,2.05524 3.22705,3.15408 4.38313,2.44503 1.15607,-0.70903 1.06807,-2.96003 -0.19247,-5.01527 -0.10188,-0.1661 -0.20935,-0.31634 -0.31958,-0.46941 1.13505,-1.29811 1.59166,-2.72631 1.00178,-3.68808 -0.8666,-1.41298 -3.62344,-1.29493 -6.14966,0.25447 z m 2.52175,1.11507 c 0.36859,-0.22607 0.84489,-0.12071 1.06316,0.23517 0.21828,0.35588 0.0963,0.8282 -0.27232,1.05426 -0.36859,0.22607 -0.84489,0.12071 -1.06316,-0.23517 -0.21828,-0.35589 -0.0963,-0.82819 0.27232,-1.05426 z m -2.36335,1.82974 c 0.36858,-0.22606 0.84489,-0.12071 1.06316,0.23518 0.21827,0.35588 0.0963,0.82819 -0.27232,1.05426 -0.3686,0.22607 -0.84489,0.12071 -1.06317,-0.23517 -0.21828,-0.35589 -0.0963,-0.8282 0.27233,-1.05427 z m 8.25513,-2.40136 c -0.37398,0.21337 -0.72046,0.67299 -0.91858,1.29219 0.008,0.23888 
0.0674,0.43261 0.16364,0.62845 -0.47373,-0.0824 -0.60782,-0.13149 -1.25259,-0.18237 -0.20698,0.39334 -0.36966,0.68123 -0.70766,1.06777 0.20762,0.23027 0.23261,0.48259 0.39173,0.74203 0.99043,-0.137 1.38437,-0.18922 1.9931,-0.36685 -0.18607,0.2624 -0.32734,0.61974 -0.31469,0.98519 0.44276,1.92192 2.13171,1.64662 2.55185,-0.0758 -0.0257,-0.74255 -0.52143,-1.34903 -1.15342,-1.41563 0.57363,-0.34962 0.65866,-0.85655 0.86577,-1.48161 -0.28848,-1.24496 -0.99582,-1.54892 -1.61915,-1.19335 z m -7.59356,6.11494 c -0.29825,0.95526 0.24993,1.96301 0.41475,3.10446 -0.24544,-0.20794 -0.58808,-0.34716 -0.95326,-0.36597 -1.977,0.27045 -1.753,1.96099 -0.0958,2.53036 0.74201,0.0382 1.35143,-0.43739 1.4721,-1.06132 0.31689,0.6031 0.80868,0.76707 1.42298,1.02849 1.99911,-0.25928 1.81122,-1.97744 0.11883,-2.54448 -0.2387,-0.0123 -0.46742,0.0155 -0.67082,0.0946 0.0921,-0.34839 -0.0156,-0.47975 0.0651,-0.92717 -0.54877,-0.4473 -0.72766,-0.72142 -1.16754,-1.43864 -0.0834,-0.13598 -0.53324,-0.28316 -0.60634,-0.42029 z m 1.72353,0.0203 2.48678,-1.5252 0.33893,0.55261 -2.48677,1.5252 -0.33894,-0.55261 z"
id="path2901"
inkscape:connector-curvature="0" />
<path
sodipodi:nodetypes="csc"
id="path5119"
d="m 83.78439,674.18891 c 0,0 23.48188,-6.45517 19.95191,5.47353 -2.14258,7.24037 -17.77342,-3.3647 -19.95191,-5.47353 z"
style="fill:#ff0000;fill-rule:evenodd;stroke:none"
inkscape:connector-curvature="0" />
<path
style="fill:#ff0000;fill-rule:evenodd;stroke:none"
d="m 86.84178,697.26453 c 0,0 15.95112,-23.66444 21.78836,-10.63431 3.54304,7.90892 -18.27368,10.77951 -21.78836,10.63431 z"
id="path5121"
sodipodi:nodetypes="csc"
inkscape:connector-curvature="0" />
<path
transform="matrix(1.4125247,0,0,1.4125247,-112.90968,268.08805)"
d="m 158.5,292 c 0,2.20914 -1.79086,4 -4,4 -2.20914,0 -4,-1.79086 -4,-4 0,-2.20914 1.79086,-4 4,-4 2.20914,0 4,1.79086 4,4 z"
sodipodi:ry="4"
sodipodi:rx="4"
sodipodi:cy="292"
sodipodi:cx="154.5"
id="path5123"
style="fill:#ff0000;fill-opacity:1;stroke:none"
sodipodi:type="arc" />
</g>
<text
xml:space="preserve"
style="font-size:40px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:start;line-height:125%;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;font-family:URW Gothic L;-inkscape-font-specification:URW Gothic L"
x="116.03641"
y="157.71547"
id="text2549"
sodipodi:linespacing="125%"><tspan
sodipodi:role="line"
id="tspan2551"
x="116.03641"
y="157.71547">Central Michigan University</tspan></text>
<text
sodipodi:linespacing="125%"
id="text2577"
y="213.27388"
x="379.68344"
style="font-size:20px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:center;line-height:125%;writing-mode:lr-tb;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none;font-family:URW Gothic L;-inkscape-font-specification:URW Gothic L"
xml:space="preserve"><tspan
y="213.27388"
x="379.68344"
id="tspan2579"
sodipodi:role="line">happened with my help</tspan><tspan
y="238.27388"
x="379.68344"
sodipodi:role="line"
id="tspan2688">because I am a cool person!</tspan></text>
<g
id="g2682"
transform="matrix(0.65682,0,0,0.65682,56.884352,76.892052)">
<g
style="display:inline"
id="g2779"
transform="matrix(0.3735863,0,0,0.3735863,13.30028,7.3746232)">
<path
sodipodi:nodetypes="csssccccccsccssscsscczczczcccccccsscscccccccccscscccc"
id="path2781"
d="M 127.1141,465.5924 C 91.814047,465.5924 66.89506,504.2459 69.859396,529.82972 C 71.761234,546.24359 81.651632,548.75843 96.01098,575.0839 C 104.71039,591.03284 111.56039,612.77438 100.19257,619.35575 C 88.824765,625.93711 53.531251,643.88779 53.53125,643.88779 L 53.53125,731.25 L 228.8265,731.25 C 228.8265,731.25 230.62049,725.86487 229.42387,714.49706 C 243.87007,715.26906 254.19943,715.68227 269.51412,713.28904 C 290.82939,704.65951 302.41803,697.91484 316.18872,691.15976 C 319.30006,687.58786 324.5538,662.43638 323.35717,651.66689 C 322.17857,641.0595 321.01036,622.90838 315.83029,608.07206 C 315.83112,607.62561 315.81244,607.17371 315.77719,606.71802 C 317.90386,598.92728 318.64423,595.20653 320.96769,587.65525 C 323.36091,579.87727 313.19812,579.87221 315.59134,573.88916 C 317.98457,567.9061 319.77015,572.09667 321.56506,555.3441 C 323.35997,538.59153 316.6504,536.93715 312.59122,530.81206 C 313.93239,525.70068 314.54999,522.63654 307.07568,516.5878 C 303.81694,513.9506 301.55946,512.46778 297.4356,512.23126 C 293.31173,511.99474 287.68977,511.89966 279.91179,511.30135 C 279.95788,511.237 279.68945,518.04719 279.8219,518.15083 C 279.59187,518.15083 272.97826,508.24505 268.82685,511.94803 C 264.86347,515.4833 273.24628,527.8739 273.24627,527.59611 C 273.51087,527.66524 264.87102,526.81018 264.1245,530.81206 C 263.39332,534.73169 269.93358,536.10993 269.84182,536.20168 C 269.75006,535.92516 263.79217,535.24252 263.99859,539.96567 C 264.22106,545.05637 272.74333,545.38736 272.74334,545.5438 C 268.67573,555.71281 254.50626,589.03774 244.98208,611.57664 C 247.97361,618.15801 274.90373,620.56376 274.90373,620.56376 C 274.90373,620.56376 277.7599,637.70722 270.70886,644.48516 C 261.13596,645.96638 226.25358,641.8655 203.09971,630.13497 C 183.35561,625.94684 173.54242,629.40149 162.4121,627.13484 C 163.71562,615.17348 164.21749,608.58979 164.21749,608.58979 C 164.21749,608.58979 179.77569,606.19506 179.77569,584.05775 C 179.77569,561.92042 189.27078,560.03657 
186.94414,548.16237 C 185.05685,538.53041 181.53399,532.45339 189.1876,524.09495 C 194.98993,515.09543 195.91779,501.48946 187.54152,491.91656 C 175.82743,478.52903 162.41416,465.5924 127.1141,465.5924 z M 283.08108,515.50608 C 282.97494,515.60488 286.88702,515.90504 291.28498,516.19638 C 291.7627,519.41501 296.839,523.95317 299.88712,526.41806 C 299.62647,527.00514 299.35852,527.56957 299.09062,528.13052 L 283.43987,527.85176 C 283.52084,527.66348 282.88447,515.7395 283.08108,515.50608 z M 276.34425,546.61907 C 277.89568,547.38545 280.81962,547.77463 283.05453,548.37477 C 280.15284,549.11714 277.60828,549.09234 277.30649,551.49475 C 276.88402,554.8578 283.91375,557.05322 290.12324,558.85588 C 288.4593,559.44397 285.41576,560.84837 285.28168,562.4898 C 284.86781,567.55673 295.35853,569.71644 304.68278,571.55997 C 305.89074,579.19986 307.54144,589.21622 308.90079,597.08044 C 285.0055,594.98587 270.36389,593.61307 255.48253,597.49196 C 261.78844,582.55106 269.46993,562.86918 276.34425,546.61907 z"
style="fill:#000000;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1" />
</g>
<text
transform="matrix(0.570786,-0.8210989,0.8210989,0.570786,0,0)"
sodipodi:linespacing="125%"
id="text2678"
y="199.4783"
x="-109.05233"
style="font-size:20px;font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;text-align:start;line-height:125%;writing-mode:lr-tb;text-anchor:start;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:URW Palladio L;-inkscape-font-specification:URW Palladio L"
xml:space="preserve"><tspan
y="199.4783"
x="-109.05233"
id="tspan2680"
sodipodi:role="line">right on!</tspan></text>
</g>
</g>
</svg>


1
doc/interest.txt Normal file

@ -0,0 +1 @@
andrew.hay@afit.edu

163
doc/writing-puzzles.txt Normal file

@ -0,0 +1,163 @@
How to create puzzle categories
===============================
The contest has multiple "puzzle" categories. Each category contains a
collection of thematically-related puzzles with increasing point
values. This document will guide you through the process of creating a
new category. It's up to you to make challenging puzzles, though :)
Since Unix commands are plain text, I'll be using the Unix commands to
illustrate steps. These are simple commands that should be easy to
translate to a GUI.
Step 1: Establish a progression
-------------------------------
Before you do anything else, you should sit down with a pen and paper,
and plan out how you'd like contestants to progress through your
category. This contest framework is set up to encourage a linear
progression through puzzles, while still allowing contestants to skip
over things they get stuck on.
The net-re category, for instance, features full tutorial pages with
simple "end of chapter" type questions for point values 1-8. Point
values 10-99 apply the skills learned in the tutorial against
increasingly challenging problems, point values 100-999 increasingly
approach real-world challenges which use the skills, and point values
1000+ are either culled or inspired by actual net-re tasks performed by
experts in the field.
The crypto category uses the previous answers key as part of the
solution process for each point value.
Ideally, your category will work standalone for novices, while allowing
experts to quickly answer the training questions and progress to real
challenges. Remember that some events don't have a class portion, and
even the ones that do have students who prefer to spend the contest time
reviewing the exact same problems they did in the class.
Remember, it's easy to make incredibly challenging puzzles, and you will
probably have a lot of ideas about how to do this. What's harder is to
make simple puzzles that teach. It can be helpful to imagine a student
with a basic skill set. Write your first puzzle for this student to
introduce them to the topic and get them thinking about things you
believe are important. Guide that student through your tutorial
puzzles, until they emerge ready to tackle some non-tutorial problems.
As they gain confidence, keep them on their toes with new challenges.
Remember to only introduce one new concept for each puzzle!
Past a certain point, feel free to throw in the killer tricky puzzles
you're just dying to create!
Step 2: Establish point values
------------------------------
Each of your steps needs a point value. Each point value must be
unique: you may not have two 5-point puzzles.
Point values should roughly reflect how difficult a problem is to solve.
It's not terribly important that a 200-point puzzle be ten times harder
than a 20-point puzzle, but it is crucial that a 25-point puzzle be
roughly as difficult as a 20-point puzzle. Poorly-weighted puzzles has
been the main reason students lose interest.
Step 3: Set up your puzzle structure
------------------------------------
The best way to get puzzles to me is in a zip file of an entire
directory. Let's say you are going to create a "sandwich" category.
Your first step will be to make a "sandwich" directory somewhere.
$ mkdir sandwich
$ cd sandwich
$
Within your category directory, create subdirectories for each point
value puzzle. In the "sandwich" category we have only 5, 10, and
100-point puzzles.
$ mkdir 5 10 100
$
Step 4: Write puzzles
---------------------
Now that your skeleton is set up, you can begin to fill it in. In each
point-value subdirectory, there can be three special files, and as many
downloadable files as you like, in addition to CGI and any downloadable
but non-listed files you would like.
Special files are:
* index.mdwn: a plain text file formatted with
[markdown](http://daringfireball.net/projects/markdown/), displayed
before the list of normal files in the puzzle directory.
* key: a plain text file with acceptable answers, one per line. Answers
are matched exactly (ie. they are case-sensitive).
* summary: a single line explaining to contest organizers what's going
on in this puzzle.
All remaining files, except those with filenames beginning with a comma
(","), are listed on the puzzle page for download.
Any file ending with ".cgi" will be run as CGI. You can search the web
for how to write a CGI. Available languages are Python, Lua, and Bourne
Shell.
Let's make our 5-point sandwich question!
$ cd 5
$ cat <<EOD >index.mdwn
> Welcome to the Sandwich category!
> In this category you will learn how to make a tasty sandwich.
> The key ingredients in a sandwich are: bread, spread, and filling.
> When making a sandwich, you need to first put down one slice of bread,
> then apply any spreads, and finally add filling. Popular fillings
> include cheese, sprouts, and cold cuts. When you are done, apply
> another slice of bread on top, and optionally tie it together with
> a fancy toothpick.
>
> Now that you know the basics of sandwich-making, it's time for a
> question! How many slices of bread are in a sandwich?
> EOD
$ cat <<EOD >key
> 2
> TWO
> two
> EOD
$ echo "How many slices of bread in a sandwich" > summary
$
If you wanted to provide a PDF of various sandwiches, this would be the
time to add that too:
$ cp /tmp/sandwich-types.pdf .
$
In a real category, you might provide an executable, hard drive image,
or some other kind of blob.
No additional work is needed to have `sandwich-types.pdf` show up as a
download on the puzzle page.
Step 5: Package it up
---------------------
After you've flushed out all your point-value directories, it's time to
wrap it up and send it in. Clean out any backup or temporary files you
or your editor might have written in the directories, and zip the sucker
up.
$ cd ../..
$ zip -r sandwich.zip sandwich/
$
Now mail the zip file in, and you're all done!


@ -61,6 +61,67 @@ arc4_hash(uint8_t const *buf, size_t buflen,
arc4_init(&ctx, buf, buflen); arc4_init(&ctx, buf, buflen);
for (i = 0; i < ARC4_HASHLEN; i += 1) { for (i = 0; i < ARC4_HASHLEN; i += 1) {
hash[i] = arc4_pad(&ctx); hash[i] = arc4_out(&ctx);
} }
} }
#ifdef ARC4_MAIN
#include <stdio.h>
#include <sysexits.h>
#include <string.h>
int
main(int argc, char *argv[])
{
struct arc4_ctx ctx;
/* Read key and initialize context */
{
uint8_t key[256];
size_t keylen = 0;
char *ekey = getenv("KEY");
FILE *f;
if (argc == 2) {
if (! (f = fopen(argv[1], "r"))) {
perror(argv[0]);
}
} else {
f = fdopen(3, "r");
}
if (f) {
keylen = fread(key, 1, sizeof(key), f);
fclose(f);
} else if (ekey) {
keylen = strlen(ekey);
if (keylen > sizeof(key)) {
keylen = sizeof(key);
}
memcpy(key, ekey, keylen);
}
if (0 == keylen) {
fprintf(stderr, "Usage: %s [KEYFILE] <PLAINTEXT\n", argv[0]);
fprintf(stderr, "\n");
fprintf(stderr, "You can also pass in the key on fd 3 or in\n");
fprintf(stderr, "$KEY; omit KEYFILE in this case.\n");
return EX_IOERR;
}
arc4_init(&ctx, key, (size_t)keylen);
}
/* Encrypt */
while (1) {
int c = getchar();
if (EOF == c) break;
putchar(c ^ arc4_out(&ctx));
}
return 0;
}
#endif /* ARC4_MAIN */
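Review bot: When KEYFILE is given but cannot be opened, main() only calls `perror(argv[0])` and then falls through to `$KEY`, so the input can end up encrypted under a key the caller did not intend; fail right there instead, e.g. `perror(argv[1]); return EX_NOINPUT;`. A key read from a file or from fd 3 keeps any trailing newline while the `$KEY` path cannot carry one, so the same secret yields different keystreams depending on how it is supplied; the usage text should say so. The stack copy `key[256]` is never cleared after `arc4_init`, and `getenv` is called although `<stdlib.h>` is not among the includes added under ARC4_MAIN (it may already be included above the hunk).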


@ -0,0 +1,20 @@
CTFBASE_PKGDIR = $(TARGET)/ctfbase
ctfbase-install: ctfbase-build
mkdir -p $(CTFBASE_PKGDIR)/bin/
$(call COPYTREE, packages/ctfbase/service, $(CTFBASE_PKGDIR)/service)
cp packages/ctfbase/setup $(CTFBASE_PKGDIR)/
cp packages/ctfbase/src/tokencli $(CTFBASE_PKGDIR)/bin/
cp packages/ctfbase/src/arc4 $(CTFBASE_PKGDIR)/bin/
ctfbase-clean:
rm -rf $(CTFBASE_PKGDIR)
$(MAKE) -C packages/ctfbase/src clean
ctfbase-build:
$(MAKE) -C packages/ctfbase/src build
PACKAGES += ctfbase


@ -0,0 +1,12 @@
#! /bin/sh -e
exec 2>&1
# Set up networking for all CTF packages
ip link set eth0 up
if ! ip route | grep -q default; then
ip route add default via 10.0.0.1 || exit 1
fi
install -o root -m 0755 -d /var/lib/ctf/tokens
exec ./update-tokens
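Review bot: `ip route add default via 10.0.0.1` is run without this script assigning any address to eth0, so it can only succeed once some other service script has added one; until then the command fails and, with `-e` and `|| exit 1`, the script exits before `update-tokens` starts. If that ordering is intended, say so in a comment such as `# relies on a per-service run script having added an address on the gateway's subnet`; otherwise add the address here first. The token directory is created `0755`, so if the token files under it are written with a default umask they are readable by every local account; `-m 0750` with a dedicated group would limit that, assuming the services that read tokens can be put in that group.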


@ -1,6 +1,7 @@
build: tokencli arc4 build: tokencli arc4
arc4: arc4.o arc4-main.o arc4: arc4.c
$(CC) $(CFLAGS) $(LDFLAGS) -DARC4_MAIN -o $@ $<
tokencli: tokencli.o arc4.o tokencli: tokencli.o arc4.o


@ -1,4 +1,6 @@
#! /bin/sh #! /bin/sh -e
exec 2>&1 exec 2>&1
exec tcpsvd 0 4104 /opt/logger/bin/logger IP=$(cat ip.txt)
ip addr add $IP dev eth0
exec tcpsvd ${IP#/*} 1958 /opt/logger/bin/logger
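Review bot: `${IP#/*}` strips a leading `/…` prefix, so if ip.txt holds address/prefix (as the `${IP%/*}` in the octopus run script of this commit suggests) nothing is removed and tcpsvd is handed the address with the prefix length still attached; the line should use the suffix form, `exec tcpsvd "${IP%/*}" 1958 /opt/logger/bin/logger`. The printf run script has the same `${IP#/*}`. Separately, with `-e` now on the shebang, `ip addr add $IP dev eth0` fails when the address is already present, for example on a supervised restart, and the script then exits before the listener starts; `ip addr add "$IP" dev eth0 || true` or a presence check avoids that. The same applies to the octopus, printf and pwnables scripts.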


@ -1,10 +1,35 @@
#include <sys/select.h> /** logger.c - generate fake log messages (part of dirtbags CTF)
*
* Author: Neale Pickett <neale@lanl.gov>
*
* This software has been authored by an employee or employees of Los
* Alamos National Security, LLC, operator of the Los Alamos National
* Laboratory (LANL) under Contract No. DE-AC52-06NA25396 with the
* U.S. Department of Energy. The U.S. Government has rights to use,
* reproduce, and distribute this software. The public may copy,
* distribute, prepare derivative works and publicly display this
* software without charge, provided that this Notice and any statement
* of authorship are reproduced on all copies. Neither the Government
* nor LANS makes any warranty, express or implied, or assumes any
* liability or responsibility for the use of this software. If
* software is modified to produce derivative works, such modified
* software should be clearly marked, so as not to confuse it with the
* version available from LANL.
*/
#include <time.h> #include <time.h>
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <stdint.h> #include <stdint.h>
#include <string.h> #include <string.h>
#include "token.h"
#ifdef STANDALONE
# define TOKEN_MAX 50
#else
# include "token.h"
# include "arc4.h"
#endif
#define PID_MAX 32768 #define PID_MAX 32768
#define QSIZE 200 #define QSIZE 200
@ -27,12 +52,16 @@ read_tokens()
char name[40]; char name[40];
for (i = 0; i < sizeof(token)/sizeof(*token); i += 1) { for (i = 0; i < sizeof(token)/sizeof(*token); i += 1) {
#ifdef STANDALONE
strcpy(token[i], "logger:xylep-donut-nanox");
#else
/* This can't grow beyond 40. Think about it. */ /* This can't grow beyond 40. Think about it. */
sprintf(name, "logger%d", i); sprintf(name, "logger%d", i);
len = read_token(name, key, sizeof(key), token[i], sizeof(token[i])); len = read_token(name, key, sizeof(key), token[i], sizeof(token[i]));
if ((-1 == len) || (len >= sizeof(token[i]))) abort(); if ((-1 == len) || (len >= sizeof(token[i]))) abort();
token[i][len] = '\0'; token[i][len] = '\0';
#endif
} }
} }
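Review bot: In the STANDALONE branch of read_tokens(), `strcpy(token[i], "logger:xylep-donut-nanox")` relies on every token slot being at least 25 bytes, which the hunk does not show; a bounded copy stays safe if TOKEN_MAX is ever lowered: `snprintf(token[i], sizeof(token[i]), "%s", "logger:xylep-donut-nanox");`. With STANDALONE defined, `name` (and presumably `key` and `len`, declared above the hunk) are no longer used, which produces unused-variable warnings and fails the build if this package is compiled with `-Werror`; moving those declarations inside the `#else` branch fixes it. The function starts above the hunk.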


@ -1,8 +0,0 @@
#! /bin/sh -e
hostname mcp
ifconfig eth0 10.0.0.2 netmask 255.255.0.0
route add default gw 10.0.0.1
exec inotifyd true $(pwd):x


@ -41,6 +41,8 @@ Control {
} }
Server { Server {
Address 10.0.0.2
Virtual { Virtual {
AnyHost AnyHost
Control { Control {


@ -2,6 +2,8 @@
exec 2>&1 exec 2>&1
ip addr add 10.0.0.2/24 dev eth0
DB=/var/lib/ctf/tokens.db DB=/var/lib/ctf/tokens.db
if [ ! -f $DB ]; then if [ ! -f $DB ]; then


@ -1,13 +1,13 @@
CFLAGS = -Wall -Werror CFLAGS = -Wall -Werror
TARGETS = in.tokend tokencli claim.cgi TARGETS = in.tokend claim.cgi
TARGETS += puzzler.cgi puzzles.cgi TARGETS += puzzler.cgi puzzles.cgi
TARGETS += pointscli mktoken arc4 TARGETS += pointscli mktoken
all: build all: build
build: $(TARGETS) build: $(TARGETS)
in.tokend: in.tokend.o arc4.o common.o in.tokend: in.tokend.o arc4.o md5.o common.o
tokencli: tokencli.o arc4.o tokencli: tokencli.o arc4.o
pointscli: pointscli.o common.o pointscli: pointscli.o common.o
mktoken: mktoken.o common.o mktoken: mktoken.o common.o
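Review bot: The rule `tokencli: tokencli.o arc4.o` is left in place although this change drops tokencli from TARGETS, and the tokencli.c link removed elsewhere in this commit looks like the source it needs. Delete the rule so that `make tokencli` in this directory does not fail on a missing file. If that link belongs to another directory, a comment saying where tokencli is now built would do instead.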


@ -1 +0,0 @@
../../tokens/src/arc4-main.c


@ -14,6 +14,7 @@
#include <dirent.h> #include <dirent.h>
#include "common.h" #include "common.h"
#include "arc4.h" #include "arc4.h"
#include "md5.h"
void void
list_teams() list_teams()
@ -28,14 +29,11 @@ list_teams()
if ((0 == stat(state_path("teams/names/%s", ent->d_name), &buf)) && if ((0 == stat(state_path("teams/names/%s", ent->d_name), &buf)) &&
(S_ISREG(buf.st_mode))) { (S_ISREG(buf.st_mode))) {
uint8_t hash[ARC4_HASHLEN]; char digest[MD5_HEXDIGEST_LEN + 1];
int i;
arc4_hash((uint8_t *)ent->d_name, strlen(ent->d_name), hash); md5_hexdigest((uint8_t *)ent->d_name, strlen(ent->d_name), digest);
for (i=0; i < ARC4_HASHLEN; i += 1) { digest[MD5_HEXDIGEST_LEN] = '\n';
printf("%02x", hash[i]); write(1, digest, sizeof(digest));
}
printf("\n");
} }
} }
closedir(dir); closedir(dir);
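Review bot: The return value of `write(1, digest, sizeof(digest))` in list_teams() is dropped, so a short write or a closed peer silently truncates a digest line, and a raw write can land out of order with anything this program still emits through stdio. Staying with stdio avoids both and does not depend on whether md5_hexdigest() terminates the buffer: `digest[MD5_HEXDIGEST_LEN] = '\0'; puts(digest);`. The digest is an unsalted MD5 of the team name, which is fine as an identifier but should not be treated as hiding the name; a one-line comment saying so would help. list_teams() ends below the hunk.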


@ -1 +0,0 @@
../../tokens/src/tokencli.c


@ -1,4 +1,6 @@
#! /bin/sh #! /bin/sh -e
exec 2>&1 exec 2>&1
exec /opt/octopus/bin/octopus IP=$(cat ip.txt)
ip addr add $IP dev eth0
exec /opt/octopus/bin/octopus ${IP%/*}


@ -194,17 +194,17 @@ struct bound_port {
} bound_ports[PORTS]; } bound_ports[PORTS];
int int
bind_port(int fd, uint16_t port) { bind_port(struct in_addr *addr, int fd, uint16_t port) {
struct sockaddr_in addr; struct sockaddr_in addr;
addr.sin_family = AF_INET; addr.sin_family = AF_INET;
addr.sin_port = htons(port); addr.sin_port = htons(port);
addr.sin_addr.s_addr = INADDR_ANY; addr.sin_addr.s_addr = *addr;
return bind(fd, (struct sockaddr *)&addr, sizeof(addr)); return bind(fd, (struct sockaddr *)&addr, sizeof(addr));
} }
int int
rebind() rebind(struct in_addr *addr)
{ {
static int offset = 0; static int offset = 0;
char token[200]; char token[200];
@ -235,7 +235,7 @@ rebind()
bound_ports[i + offset].fd = socket(PF_INET, SOCK_DGRAM, 0); bound_ports[i + offset].fd = socket(PF_INET, SOCK_DGRAM, 0);
do { do {
port = (random() % 56635) + 10000; port = (random() % 56635) + 10000;
ret = bind_port(bound_ports[i + offset].fd, port); ret = bind_port(addr, bound_ports[i + offset].fd, port);
} while (-1 == ret); } while (-1 == ret);
/* Set the last guy's port number */ /* Set the last guy's port number */
@ -340,12 +340,22 @@ main(int argc, char *argv[])
int ret; int ret;
int i; int i;
time_t last = time(NULL); time_t last = time(NULL);
struct in_addr addr;
/* The random seed isn't super important here. */ /* The random seed isn't super important here. */
srand(8); srand(last);
if (argc > 1) {
if (-1 == inet_aton(argv[1], &addr)) {
fprintf(stderr, "invalid address: %s\n", argv[1]);
return EX_IOERR;
}
} else {
addr = INADDR_ANY;
}
bound_ports[0].fd = socket(PF_INET, SOCK_DGRAM, 0); bound_ports[0].fd = socket(PF_INET, SOCK_DGRAM, 0);
ret = bind_port(bound_ports[0].fd, 8888); ret = bind_port(&addr, bound_ports[0].fd, 8888);
if (-1 == ret) { if (-1 == ret) {
perror("bind port 8888"); perror("bind port 8888");
return EX_IOERR; return EX_IOERR;
@ -354,7 +364,7 @@ main(int argc, char *argv[])
for (i = 1; i < PORTS; i += 1) { for (i = 1; i < PORTS; i += 1) {
bound_ports[i].fd = -1; bound_ports[i].fd = -1;
} }
if (-1 == rebind()) { if (-1 == rebind(&addr)) {
perror("initial binding"); perror("initial binding");
return EX_IOERR; return EX_IOERR;
} }
@ -364,7 +374,7 @@ main(int argc, char *argv[])
if (last + 4 < now) { if (last + 4 < now) {
last = now; last = now;
if (-1 == rebind()) break; if (-1 == rebind(&addr)) break;
} }
} }
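Review bot: The new `bind_port` cannot compile as written: the parameter `addr` is redeclared by the local `struct sockaddr_in addr`, and `addr.sin_addr.s_addr = *addr` assigns a struct to an integer field; in main(), `addr = INADDR_ANY` has the same type problem. More important for where the service ends up listening, `inet_aton` returns 0 on a bad address, never -1, so the `-1 ==` test accepts any string and leaves `addr` uninitialised before it reaches bind(). Also, `srand(last)` does not seed `random()`, which rebind() uses to pick ports; `srandom(last)` is the matching call. main() and rebind() continue outside the hunks shown.

```c
int
bind_port(struct in_addr *addr, int fd, uint16_t port) {
    struct sockaddr_in sa;

    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    sa.sin_addr = *addr;
    return bind(fd, (struct sockaddr *)&sa, sizeof(sa));
}

/* … unchanged: rebind() and the start of main() … */

    srandom(last);

    if (argc > 1) {
        /* inet_aton() returns 0 when the string is not a valid address */
        if (0 == inet_aton(argv[1], &addr)) {
            fprintf(stderr, "invalid address: %s\n", argv[1]);
            return EX_IOERR;
        }
    } else {
        addr.s_addr = htonl(INADDR_ANY);
    }

/* … unchanged: socket creation, bind_port(&addr, …) and rebind(&addr) calls … */
```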


@ -1,11 +1,14 @@
#! /bin/sh #! /bin/sh -e
exec 2>&1 exec 2>&1
IP=$(cat ip.txt)
ip addr add $IP dev eth0
# So I say to him, "Alex, what's a good high port number for a CTF category?" # So I say to him, "Alex, what's a good high port number for a CTF category?"
# And he says, "6" # And he says, "6"
# And I say, "no, it has to be bigger than 1000" # And I say, "no, it has to be bigger than 1000"
# And he says, "how about 9001, because that's bigger than 9000" # And he says, "how about 9001, because that's bigger than 9000"
# So, okay. # Okay.
exec tcpsvd 0 9001 ./run-printf exec tcpsvd ${IP#/*} 9001 ./run-printf


@ -1,11 +0,0 @@
#! /bin/sh
if [ -d /opt/mcp ]; then
sv d .
exit
fi
hostname pwnables
ifconfig eth0 10.0.0.10 netmask 255.255.0.0
route add default gw 10.0.0.1
exec inotifyd true $(pwd):x


@ -1,5 +1,9 @@
#! /bin/sh -e #! /bin/sh -e
# Configure IP address
IP=$(cat ip.txt)
ip addr add $IP dev eth0
# Set up chroot environment # Set up chroot environment
# We never umount any of this since it's all just in RAM # We never umount any of this since it's all just in RAM
mkdir -p /mnt/pwnables-root mkdir -p /mnt/pwnables-root


@ -1,3 +0,0 @@
#! /bin/sh
exec logger -t sshd


@ -1,10 +0,0 @@
#! /bin/sh
exec 2>&1
if [ -d /opt/mcp ]; then
sv d .
exit
fi
exec dropbear -r ./rsa.key -E -F


@ -1,5 +0,0 @@
#! /bin/sh
exec 2>&1
install -o root -m 0755 -d /var/lib/ctf/tokens
exec ./tokens


@ -1,4 +0,0 @@
#! /bin/sh
cp -r service/* /var/service
mkdir -p /var/lib/ctf/tokens


@ -1,58 +0,0 @@
#include <stdint.h>
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
#include <sysexits.h>
#include "arc4.h"
int
main(int argc, char *argv[])
{
struct arc4_ctx ctx;
/* Read key and initialize context */
{
uint8_t key[256];
size_t keylen = 0;
char *ekey = getenv("KEY");
FILE *f;
if (argc == 2) {
if (! (f = fopen(argv[1], "r"))) {
perror(argv[0]);
}
} else {
f = fdopen(3, "r");
}
if (f) {
keylen = fread(key, 1, sizeof(key), f);
fclose(f);
} else if (ekey) {
keylen = strlen(ekey);
if (keylen > sizeof(key)) {
keylen = sizeof(key);
}
memcpy(key, ekey, keylen);
}
if (0 == keylen) {
fprintf(stderr, "Usage: %s [KEYFILE] <PLAINTEXT\n", argv[0]);
fprintf(stderr, "\n");
fprintf(stderr, "You can also pass in the key on fd 3 or in\n");
fprintf(stderr, "$KEY; omit KEYFILE in this case.\n");
return EX_IOERR;
}
arc4_init(&ctx, key, (size_t)keylen);
}
/* Encrypt */
while (1) {
int c = getchar();
if (EOF == c) break;
putchar(c ^ arc4_pad(&ctx));
}
return 0;
}


@ -1,20 +0,0 @@
TOKENS_PKGDIR = $(TARGET)/tokens
tokens-install: tokens-build
mkdir -p $(TOKENS_PKGDIR)/bin/
$(call COPYTREE, packages/tokens/service, $(TOKENS_PKGDIR)/service)
cp packages/tokens/setup $(TOKENS_PKGDIR)/
cp packages/tokens/src/tokencli $(TOKENS_PKGDIR)/bin/
cp packages/tokens/src/arc4 $(TOKENS_PKGDIR)/bin/
tokens-clean:
rm -rf $(TOKENS_PKGDIR)
$(MAKE) -C packages/tokens/src clean
tokens-build:
$(MAKE) -C packages/tokens/src build
PACKAGES += tokens