User Tools

Site Tools


cctf_preliminary_experiment

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
cctf_preliminary_experiment [2017/08/25 14:42]
silvio.biagioni@unitn.it
cctf_preliminary_experiment [2021/01/29 10:58] (current)
Line 1: Line 1:
-====== One-On-One Capture The Flag Contest ​- User Guide ====== +====== One-On-One Capture The Flag Contest ====== 
-                          ​_______ +====== ​------------ ​User Guide ----------- ====== 
-                         | ___  o| +<​code>​ 
-                         |[_-_]_ | +             ​____________________________________________________ 
-      ______________ ​    ​|[_____]| +            /                                                    \ 
-     |.------------.|    |[_____]+           |    ​_____________________________________________ ​    | 
-     ​||rm -rf /  ||    ​|[====o]+           ​| ​  ​| ​                                            ​| ​   ​
-     ​||            ||    |[_.--_]+           ​  ​ # echo Welcome! ​                           |    | 
-     ​||            ||    |[_____]+           ​| ​  ​| ​ Welcome! ​                                  ​| ​   | 
-     ​||            ||    |      :+           ​| ​  ​| ​ # rm -rf /                                 ​|    | 
-     ​||____________||    |      :+           ​  ​                                            ​|    | 
- .==.|""  ​...... ​   |.==.|      :| +           ​| ​  ​| ​                                            ​| ​   ​
- |::| '-.________.-' |::||      :| +           ​  ​                                            ​   | 
- |''​| ​ (__________)-.|''​||______:​| +           ​| ​  ​| ​                                            |    | 
- ​`""​`_.............._\""​`______ +           ​| ​  ​| ​                                            ​| ​   ​
-    ​/:::::::::::'​':::\`;'​-.-. ​ `\ +           ​  ​                                            ​   | 
-   /::=========.:.-::"\ \ \--\   \ +           ​| ​  ​| ​                                            |    | 
-   \`""""""""""""""""​` \ \__)   \ +           ​| ​  ​| ​                                            ​| ​   ​
-jgs `""""""""""""""""​` ​   '​========'​+           ​  ​                                            ​   | 
 +           ​| ​  ​|_____________________________________________|    | 
 +           ​| ​                                                     ​
 +            ​\_____________________________________________________/​ 
 +                   ​\_______________________________________/​ 
 +                _______________________________________________ 
 +             ​_-' ​   ​.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-. ​ --- `-_ 
 +          _-'.-.-. .---.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.--. ​ .-.-.`-_ 
 +       ​_-'​.-.-.-. .---.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-`__`. .-.-.-.`-_ 
 +    ​_-'.-.-.-.-. .-----.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-----. .-.-.-.-.`-_ 
 + _-'.-.-.-.-.-. .---.-. .-----------------------------. .-.---. .---.-.-.-.`-_ 
 +:-----------------------------------------------------------------------------: 
 +`---._.-----------------------------------------------------------------._.---'​ 
 + 
 +</code> 
  
 ===== Before the Contest ===== ===== Before the Contest =====
Line 32: Line 47:
 ===== Training Phase (on your device) ===== ===== Training Phase (on your device) =====
  
-  - Download Kali Linux ([[https://​drive.google.com/​drive/​URLtoATTACkIMAGE|Attack Clone]]) and TestREx ([[https://​drive.google.com/​drive/​URLtoTARGEtIMAGE|Target Clone]]) images. +  - Download Kali Linux ([[https://​drive.google.com/​open?​id=0BxCs1beC8uIUdjVZOC1HeGRSLU0 ​| Attack Clone]]) and TestREx ([[https://​drive.google.com/​open?​id=0BxCs1beC8uIUNjV3LUcxd25aT3c ​| Target Clone]]) images ​and import them through VirtualBox: ''​File>​Import Appliance...''​ 
-  - Run the images ​on QEMU (TODOADD QEMU NETWORK CONFIGURATIONS TO THE FOLLOWING COMMANDS): <code>% qemu-system-x86_64 -drive file=KALI-RLG,format=raw ​-m 2048 -enable-kvm</​code><​code>​% qemu-system-x86_64 -drive file=Ubuntu1604-STD,format=raw -m 2048 -enable-kvm -redir tcp:2222::​22</​code>​ +  - Add a virtual NAT Network ​on VirtualBoxgo to ''​File>Preferences'' ​select ''​Network''​ on the left and add a new NAT Network. 
-  - Perform your attacks against the target machine from your own browser, or out of the Kali Linux'​s command line, as many time you want. Restore the target ​containers, if needed, through the following commands: <​code>​ $ sudo python run.py --manual nodegoat__ubuntu-node-mongo --port 8888 </​code>​ <​code>​$ sudo python run.py --manual wordpress3.2__ubuntu-apache-mysql --port 80 </​code>​+  ​Add TestREx and Kali Linux to the virtual network just created in the previous step,To view and configure the settings of a virtual machine, select it from the list on the left and either click on the ''​Settings''​ button located in the toolbar, or select the ''​Machine->Settings...''​ menu option. Thusselect the ''​Network''​ section on the left and set the ''​Attached to:''​ field with the  ''​NAT Network''​ option, ensuring that the value of ''​Name:''​ corresponds with the virtual NAT Network previously generated. 
 +  - Run the virtual machines. 
 +  - Perform your attacks against the target machine from your own browser, or out of the Kali Linux'​s command line, as many time you want. Restore ​the services on the target ​machine, if needed, through the following commands: <​code>​ $ sudo python run.py --manual nodegoat__ubuntu-node-mongo --port 8888 </​code>​ <​code>​$ sudo python run.py --manual wordpress3.2__ubuntu-apache-mysql --port 80 </​code>​
   - Write a brief report about the attack(s) that you are going to carry out during the One-On-One Attack Phase. ​   - Write a brief report about the attack(s) that you are going to carry out during the One-On-One Attack Phase. ​
  
cctf_preliminary_experiment.1503664970.txt.gz · Last modified: 2021/01/29 10:58 (external edit)