[[WarZone]]
 

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
project:warzone [2012/11/22 15:22]
biiter
project:warzone [2016/04/21 13:44] (current)
kxt [Recommended readings]
Line 6: Line 6:
 hw=na| hw=na|
 founder=root| founder=root|
-interested=[[user:​biiter]]\\ [[user:​tomsuch]]\\ [[user:​ruza]]| +interested=[[user:​biiter]]\\ [[user:​tomsuch]]\\ [[user:ruza]]\\ [[user:​mrkva]]| 
-status=active}}+status=online}}
  
 ===== Goals of the Project ===== ===== Goals of the Project =====
Line 18: Line 18:
  
 "​Capture the Flag (CTF) is a computer security wargame. Each team is given a machine (or small network) to defend on an isolated network. Teams are scored on both their success in defending their assigned machine and on their success in attacking other team's machines. Depending on the nature of the particular CTF game, teams may either be attempting to take an opponent'​s flag from their machine or teams may be attempting to plant their own flag on their opponent'​s machine."​ -- Wikipedia http://​en.wikipedia.org/​wiki/​Capture_the_flag#​Computer_security "​Capture the Flag (CTF) is a computer security wargame. Each team is given a machine (or small network) to defend on an isolated network. Teams are scored on both their success in defending their assigned machine and on their success in attacking other team's machines. Depending on the nature of the particular CTF game, teams may either be attempting to take an opponent'​s flag from their machine or teams may be attempting to plant their own flag on their opponent'​s machine."​ -- Wikipedia http://​en.wikipedia.org/​wiki/​Capture_the_flag#​Computer_security
- 
-==== Network setup ==== 
- 
-  * http://​ructf.org/​e/​2012/​network 
  
 ==== Vulnerable servers ==== ==== Vulnerable servers ====
Line 27: Line 23:
   * http://​www.reddit.com/​r/​netsec/​comments/​xiowh/​defcon_20_ctf_unmodified_freebsd_game_vm_from/​   * http://​www.reddit.com/​r/​netsec/​comments/​xiowh/​defcon_20_ctf_unmodified_freebsd_game_vm_from/​
   * http://​blog.pushebx.com/​2011/​03/​penetration-testing-iso.html   * http://​blog.pushebx.com/​2011/​03/​penetration-testing-iso.html
- 
-==== TODO ==== 
- 
-  * Score keeping box 
  
 ==== References ==== ==== References ====
Line 36: Line 28:
   * https://​ctftime.org/​ctfs/​   * https://​ctftime.org/​ctfs/​
   * https://​www.defcon.org/​html/​links/​dc-ctf-history.html   * https://​www.defcon.org/​html/​links/​dc-ctf-history.html
-  * http://​ructf.org/​e/​2012/​network 
- 
- 
-===== Wargames (single) ===== 
- 
-===== Access ===== 
- 
-==== Direct SSH ==== 
- 
-=== From teh Internetz === 
-<code bash> 
-ssh level00@nat.brmlab.cz -p 2201 
-</​code>​ 
- 
-=== ChaosVPN === 
-<code bash> 
-ssh level00@172.31.0.16 -p 2201 
-</​code>​ 
- 
-==== OpenVPN ==== 
- 
-{{:​project:​openvpn_logo.png?​nolink&​100 |}} 
- 
-WarZone is network segment physically located in brmlab hackerspace,​ isolated from other network infrastructure and remotely available via VPN. Files needed to access prepared Warzone VPN are downloadable [[http://​nat.brmlab.cz/​warzone/​warzone-klient.zip|here]].. 
- 
-<note info>​OpenVPN not working at this time 
-</​note>​ 
- 
-  ruza@azur:​~$ mkdir -p .openvpn/​brmlab-warzone 
-  ruza@azur:​~$ cd .openvpn/​brmlab-warzone 
-  ruza@azur:​~/​.openvpn/​brmlab-warzone$ wget -q http://​nat.brmlab.cz/​warzone/​warzone-klient.zip 
-  ruza@azur:​~/​.openvpn/​brmlab-warzone$ unzip warzone-klient.zip ​ 
-  Archive: ​ warzone-klient.zip 
-    inflating: ca.crt ​                 ​ 
-    inflating: warzone-klient.crt ​     ​ 
-    inflating: warzone-klient.key ​     ​ 
-    inflating: warzone-klient.ovpn ​     
-  ruza@azur:​~/​.openvpn/​brmlab-warzone$ sudo openvpn warzone-klient.ovpn ​ 
-  ... 
- 
-If everything worked well last lines of openvpn output should look like this (openvpn adds route to 192.168.**66**.x network): 
- 
-  Wed Aug 17 02:42:12 2011 /sbin/route add -net 192.168.66.0 netmask 255.255.255.0 gw 192.168.66.129 
-  Wed Aug 17 02:42:12 2011 Initialization Sequence Completed 
- 
-<​note>​ 
-Everything you need is to have openvpn installed. Download [[http://​nat.brmlab.cz/​warzone/​warzone-klient.zip]] and successfully connect with config and certificates included in zip file. 
-</​note>​ 
- 
-If you want to use NetworkManager to connect to Warzone, you [[project:​warzone:​nm|can]]. 
  
 ===== Available challenges ===== ===== Available challenges =====
Line 91: Line 33:
 ==== BRMCTF ==== ==== BRMCTF ====
  
-{{:​project:​reverse-engineering.jpg?​nolink&​100 ​|}} +{{:​project:​reverse-engineering.jpg?​nolink&​100 ​ }}
-admin:​[[user:​biiter]]+
  
 IP [[http://​192.168.66.4/​|192.168.66.4]] (internal DNS name ctf.war) runs server with CTF challenge (capture the flag). Everybody should start at level00. Your task is to get the password to the higher level (level01, etc.). More information in /​home/​level00/​README IP [[http://​192.168.66.4/​|192.168.66.4]] (internal DNS name ctf.war) runs server with CTF challenge (capture the flag). Everybody should start at level00. Your task is to get the password to the higher level (level01, etc.). More information in /​home/​level00/​README
Line 98: Line 39:
 **Please, do not publish solutions to the levels! Keep it to yourself and let others enjoy competition same as you've did.** **Please, do not publish solutions to the levels! Keep it to yourself and let others enjoy competition same as you've did.**
  
-Currently CTF has 8 functional levels. More info on http://​192.168.66.4 or http://​ctf.war/​ (within LAN)+Currently CTF has 8 functional levels. More info on [[http://​192.168.66.4|http://​192.168.66.4]] ​or [[http://​ctf.war/​|http://​ctf.war/​]] (within LAN)
  
-From the internetz:​ +<​note>​**ssh level00@nat.brmlab.cz -p 2000 -v**\\ password**brmlab**\\ \\ https://​nat.brmlab.cz/​warzone</​note>​
-<​note>​ +
-ssh level00@nat.brmlab.cz -p 2201\\ +
-pass: brmlab +
-</​note>​+
  
-In the brmlab local lan: 
-<​note>​ 
-ssh level00@192.168.66.4\\ 
-pass: brmlab 
-</​note>​ 
- 
-There is a parallel challenge with only one level so far but it's focused more on the logic than low level. 
-This challenge is more difficult. 
- 
-<​note>​ 
-ssh brm00@192.168.66.4\\ 
-pass: prtyhrd 
-</​note>​ 
 ==== OBSTACLE10g ==== ==== OBSTACLE10g ====
  
 {{:​project:​obstacle_hlf_2x.gif?​nolink&​100 |}} {{:​project:​obstacle_hlf_2x.gif?​nolink&​100 |}}
-admin:​[[user:​biiter]] 
  
 IP **192.168.66.8** runs server with Oracle database. Can you hack it? IP **192.168.66.8** runs server with Oracle database. Can you hack it?
  
-<del> 
 ==== DVWA ==== ==== DVWA ====
-(temporarily down) 
  
 {{:​project:​dvwa_grey.png?​nolink&​100 |}} {{:​project:​dvwa_grey.png?​nolink&​100 |}}
-admin:​[[user:​biiter]] 
  
 IP 192.168.66.7 has Damn Vulnerable Web App ([[http://​www.dvwa.co.uk/​|DVWA]]) installed and configured. ​ IP 192.168.66.7 has Damn Vulnerable Web App ([[http://​www.dvwa.co.uk/​|DVWA]]) installed and configured. ​
-Use login 'brmlab' with password 'brmlab'. After logging in, read the [[http://​192.168.66.7/​instructions.php|instructions]]+Use login 'admin' with password 'password'. After logging in, read the [[http://​192.168.66.7/​instructions.php|instructions]]
  
 <​note>​ <​note>​
 [[http://​192.168.66.7/​]] [[http://​192.168.66.7/​]]
  
-user: brmlab\\  +user: admin\\  
-pass: brmlab+pass: password
 </​note>​ </​note>​
  
 ==== WebGoat ==== ==== WebGoat ====
-(temporarily down) 
  
 {{:​project:​webgoat_logo-294x300.jpg?​nolink&​100 |}} {{:​project:​webgoat_logo-294x300.jpg?​nolink&​100 |}}
-admin:​[[user:​biiter]] 
  
-Other service available is at [[http://​192.168.66.7:​8080/​|192.168.66.7:​8080]] which has OWASP WebGoat Project ([[https://​www.owasp.org/​index.php/​Category:​OWASP_WebGoat_Project/​|WebGoat]]) installed and configured+Other service available is at [[http://​192.168.66.7:​8080/​WebGoat|http://192.168.66.7:​8080/WebGoat]] which has OWASP WebGoat Project ([[https://​www.owasp.org/​index.php/​Category:​OWASP_WebGoat_Project/​|WebGoat]]) installed and configured.
-Use login '​brmlab'​ with '​brmlab'​ password.+
  
 <​note>​ <​note>​
-[[http://brmlab:​brmlab@192.168.66.7:​8080/​webgoat/​attack]]+[[http://​192.168.66.7:​8080/​WebGoat]]
 </​note>​ </​note>​
-</​del>​ 
  
 ===== Recommended readings ===== ===== Recommended readings =====
Line 166: Line 82:
   * [[http://​phrack.com/​issues.html?​issue=57&​id=9#​article|Once upon a free()]]   * [[http://​phrack.com/​issues.html?​issue=57&​id=9#​article|Once upon a free()]]
   * [[http://​www.win.tue.nl/​~aeb/​linux/​hh/​hh.html|Hackers Hut]]   * [[http://​www.win.tue.nl/​~aeb/​linux/​hh/​hh.html|Hackers Hut]]
 +  * https://​www.corelan.be/​index.php/​2009/​07/​19/​exploit-writing-tutorial-part-1-stack-based-overflows/​
   * http://​www.cert.org/​secure-coding/​scstandards.html   * http://​www.cert.org/​secure-coding/​scstandards.html
   * http://​samate.nist.gov/​SRD/​testsuite.php   * http://​samate.nist.gov/​SRD/​testsuite.php
Line 174: Line 91:
   * http://​www.tenouk.com/​Bufferoverflowc/​   * http://​www.tenouk.com/​Bufferoverflowc/​
   * http://​www.drdobbs.com/​security/​anatomy-of-a-stack-smashing-attack-and-h/​240001832   * http://​www.drdobbs.com/​security/​anatomy-of-a-stack-smashing-attack-and-h/​240001832
 +  * http://​fresh2refresh.com/​cprogramming/​
 ===== References ===== ===== References =====
  
Line 187: Line 105:
   * http://​smashthestack.org/​   * http://​smashthestack.org/​
   * http://​exploit-exercises.com/​   * http://​exploit-exercises.com/​
 +  * https://​www.vulnhub.com/​
   * http://​www.overthewire.org/​   * http://​www.overthewire.org/​
   * http://​hax.tor.hu/​   * http://​hax.tor.hu/​
 
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 3.0 Unported
Recent changes RSS feed Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki