We expect a lot of teams this year.
Team network for team with ID N is: 10.A.B.0/24, where A = 60 + N / 256, B = N % 256.
This year we will provide the hosting for your vulnerable image on our servers again. If you are hearing about it for a first time, our FAQ should help.
Here is an instruction how to set up image in cloud:
0. Enter to the cloud web console, https://cloud.ructfe.org. The interface will be opened at 26 Dec 2020 10:00 UTC.
1. Create the vulnerable vm
2. Get the vpn config to enter your network segment
Save as ructfe.ovpn
3. Give the config from the previous step to every team member and run openvpn:
Linux and MacOS: openvpn ructfe.ovpn
Windows: right-click on ructfe.ovpn -> Start OpenVPN on this config file
4. Connect to vulnerable vm using ssh client:
5. After initial setup, make your first vm snapshot, so you can recover to that saved state later:
# take_snapshot <name>
6. If you had non-cloud setup, shut down the openvpn client on your game router.
7. Connect vm network to the game network:
Now other teams and checksystem are able to access the vm.
Also, now you should be able to access other teams and checksystem (if the game network is opened, of course)
8. Have a nice game!
The next steps are required only for non-cloud setup, but we still recommend to follow them just in case.
SET UP VIRTUAL MACHINES
- Check SHA256 sums:
- 5fdc706895ed2b68da899bc78c27db441c8b451ab5077b45d7285f2a1fa672d6 RuCTFE2020_Router.ova
- 10d1fb39bd3ec45969448dd0812749a956adcc28f58ee96ea28efeab3af99fab RuCTFE2020_TestImage.ova
Import both images to VirtualBox: "File->Import Appliance...
Check router image settings. Go to: "Settings->Network->Adapter2". Make sure that it is bridged to your real, hardware network adapter. It is preferable to use Ethernet adapters for bridging rather than Wi-Fi adapters.
Check test image settings. Make sure that Adapter1 is bridged to your real network adapter.
Start both virtual machines. You will see some instructions on a logon screen.
Follow instructions on the logon screen and enter your team number to configure the network:
eth0 - this is your uplink. Address is obtained via dhcp by default. This interface is attached to NAT in VirtualBox, so make sure that you have an internet connection on your physical host;
eth1 - this is your internal interface. It should be automatically set to: 10.A.B.1.
eth0 - it should be automatically set to: 10.A.B.3 and gateway: 10.A.B.1.
You should use following network settings for your team's PCs during the game (or virtual machines setup):
IP = 10.A.B.128 - 10.A.B.255 Netmask = 255.255.255.0 Gateway = 10.A.B.1 DNS = 126.96.36.199
SET UP VPN CONNECTION
Follow the instructions sent on your PoC email (if not, please send message to firstname.lastname@example.org or Vik at Slack) to obtain your OpenVPN config.
Copy the config to /etc/openvpn/*.conf (for example to /etc/openvpn/ructfe.conf).
Restart OpenVPN on your router (service restart openvpn@ructfe if your confing has name ructfe.conf).
Check network connectivity. You should be able to ping 10.C.B.1 from your router and testimage (C = 80 + N / 256, N is your team ID). Check your connection status at http://vpn.ructfe.org/ (all tests for your team should pass, the page updates once in a few minutes)
Leave both images running. You can shut down your testimage when the game starts.