The network scheme hasn’t changed at all, so the topology illustrated here is correct, with only one exception: all connections are through Wireguard, not OpenVPN. For more info on wireguard, please read the previous post in the channel: @cbsctf_c.
Game will start at 11:00 UTC. Be sure to NOT block or stop the bot or you won't be able to receive configs.
Game timeline:
— 10:30 password-protected configs arhive and services arhive are loaded to the bot, so you can download them with /game command.
— 11:00 password is posted in the channel.
— 11:30 game network opens and the game officially begins.
— 13:00 the game ends.
Checksystem:
https://github.com/pomo-mondreganto/ForcAD
What tokens are for:
After you've connected to the flag submission system, you must type your team token in the first line, followed by flags (one per line).
Simple script for flag submission:
https://gist.github.com/pomo-mondreganto/a864e3a259045846dee1fa0cb9fa68ea
Protocol for checksystem (for Destructive Farm):
https://github.com/DestructiveVoice/DestructiveFarm/blob/master/server/protocols/forcad_tcp.py
Teams ips:
There also will be an NPC team (with ip
Flag regex:
Scoreboard will be available on http://10.10.10.10 inside the wireguard network and on http://cbsctf.live in global network.
Flags are accepted at 10.10.10.10:31337 (tcp service)
Actual formula of service points change can be found here:
https://github.com/pomo-mondreganto/ForcAD/blob/master/backend/scripts/create_functions.sql#L41
Service statuses:
- OK: service works perfectly
- DOWN: service is inaccessible
- CORRUPT: checker can't get one of the old flags
- CHECK FAILED: organizers mistake, oops
- MUMBLE: everything else
IMPORTANT
There will also be checksystem api route to help you during the game. It will be accessible on http://10.10.10.10/api/attack_data during the game and will contains JSON data of the following format:
Hints are useful for situations when there are a lot of traffic on services and you can't find users with flags.
So hints will be ids, usernames, etc of users with alive flags.
Information about hints for each service will be posted after the game start.
Configs arhive:
- 2 configs for team members
- 1 config for vulnbox (*)
- readme.txt, here you can find information about connection to your cloud machine
(*)
If you choose Cloud hosting, you don't need it. Config will be automatically loaded to the your machine. Services can be found in /tasks directory.
If you choose Self-Hosted , you have to activate vulnbox config with and download services from bot with /game command.
Game timeline:
— 10:30 password-protected configs arhive and services arhive are loaded to the bot, so you can download them with /game command.
— 11:00 password is posted in the channel.
— 11:30 game network opens and the game officially begins.
— 13:00 the game ends.
Checksystem:
https://github.com/pomo-mondreganto/ForcAD
What tokens are for:
After you've connected to the flag submission system, you must type your team token in the first line, followed by flags (one per line).
Simple script for flag submission:
https://gist.github.com/pomo-mondreganto/a864e3a259045846dee1fa0cb9fa68ea
Protocol for checksystem (for Destructive Farm):
https://github.com/DestructiveVoice/DestructiveFarm/blob/master/server/protocols/forcad_tcp.py
Teams ips:
10.80.[0-N].2 (N is the number of teams).There also will be an NPC team (with ip
10.80.0.2 )Flag regex:
[A-Z0-9]{31}=Scoreboard will be available on http://10.10.10.10 inside the wireguard network and on http://cbsctf.live in global network.
Flags are accepted at 10.10.10.10:31337 (tcp service)
Actual formula of service points change can be found here:
https://github.com/pomo-mondreganto/ForcAD/blob/master/backend/scripts/create_functions.sql#L41
Service statuses:
- OK: service works perfectly
- DOWN: service is inaccessible
- CORRUPT: checker can't get one of the old flags
- CHECK FAILED: organizers mistake, oops
- MUMBLE: everything else
IMPORTANT
There will also be checksystem api route to help you during the game. It will be accessible on http://10.10.10.10/api/attack_data during the game and will contains JSON data of the following format:
{
"task_name": {
"ip1": ["hint1", "hint2", ...],
"ip2": ["hint1", "hint2", ...]
}
}Hints are useful for situations when there are a lot of traffic on services and you can't find users with flags.
So hints will be ids, usernames, etc of users with alive flags.
Information about hints for each service will be posted after the game start.
Configs arhive:
- 2 configs for team members
- 1 config for vulnbox (*)
- readme.txt, here you can find information about connection to your cloud machine
(*)
If you choose Cloud hosting, you don't need it. Config will be automatically loaded to the your machine. Services can be found in /tasks directory.
If you choose Self-Hosted , you have to activate vulnbox config with and download services from bot with /game command.
Don’t forget to install wireguard. We are not using OpenVPN this time
You can get password-protected services and configs in bot with /game command
Services archive password is:
Team configuration archive password is:
54b75342382e022c17828982689d5968Team configuration archive password is:
cd80340b184a5f505f7893b6c084a1a3Network will be opened at 11:30 UTC, now is the time to dig into the services and patch the vulns.
Congratulations to team
one-liner__pl on service overheard firstblood!Flag receiver will restart now, so active connections could break.
6 minutes left. It’s time to hack this node js little boy!
The infra will be up & running for 30 more minutes, so you can save everything you need. After that, everything will be destroyed.
Congratulations to our winners!
I ) LEGOFAN
II ) Teilzeit-Schwenker
III) ftooh
I ) LEGOFAN
II ) Teilzeit-Schwenker
III) ftooh
We will be glad if you submit this feedback form https://forms.gle/vAnWM6gU2i8uF2pA6 so we can do better next time!
Here you can find all source codes, checkers and sploits for the services: https://github.com/C4T-BuT-S4D/blitz-14-06-2020. Thank you for the game!
GitHub
GitHub - C4T-BuT-S4D/blitz-14-06-2020: C4T BuT S4D Attack-Defence Blitz
C4T BuT S4D Attack-Defence Blitz. Contribute to C4T-BuT-S4D/blitz-14-06-2020 development by creating an account on GitHub.
As always there is information for those who want to support us:
We organize our CTFs and trainings on a regular basis. Though our infrastructure is cost-optimized, it is not 0. So we are open for donations if you want to support us. Vulnbox costs ~3$ per team.
Paypal: https://www.paypal.me/pomomondreganto
Tinkoff (roubles or if you have a multi wallet card): https://www.tinkoff.ru/sl/3JBSc9Kgiy0
DStream: https://donate.stream/cbsctf
Bitcoin:
Next training will be in classic format (not blitz). We hope to see you there!
We organize our CTFs and trainings on a regular basis. Though our infrastructure is cost-optimized, it is not 0. So we are open for donations if you want to support us. Vulnbox costs ~3$ per team.
Paypal: https://www.paypal.me/pomomondreganto
Tinkoff (roubles or if you have a multi wallet card): https://www.tinkoff.ru/sl/3JBSc9Kgiy0
DStream: https://donate.stream/cbsctf
Bitcoin:
1F6XjKjCMvHseScedHyH2xFpLybFGAfgZPNext training will be in classic format (not blitz). We hope to see you there!