Category Archives: ISUCDC13

2013 ISU CDC images now available!

The four provided images are now available for download. Keep in mind these images have vulnerabilities and should not be run in sensitive environments!

ISUCDC13-Web | ISUCDC13-Shell | ISUCDC13-AD-LDAP | ISUCDC13-pfSense

These files are also mirrored here.

The VMs can be run using the free VMware Player or the non-free VMware Workstation, which may be provided by your academic institution. If you’d like to run these on a local ESXi server instead, grab VMware vCenter Converter Standalone to convert them to the correct format. (You’ll need to register a free account with VMware to download ESXi and vCenter Converter).

Fall ISU CDC 2013 Shell Server Git Repository and Flag

There was an error when setting up the git repository on the shell server.  It is empty.  We need to put the correct code there as well as commit and push the flag that belongs in the repository.

Follow these instructions.  Note the first block must happen on the shell server, the second block can happen on any machine that can access the shell server (including your laptop if it is running a flavor linux/unix and has git):

# ON THE SHELL SERVER, DO THIS:
export HTTPS_PROXY="http://199.100.16.100:3128"
git clone https://github.com/benjholla/Blackbook.git
cd Blackbook
cp -r .git/ /home/git/webapp.git
cd /home/git/webapp.git
git update-server-info
git --git-dir=/home/git/webapp.git config core.bare true

Note: “path/to/flag_file.flag” is a placeholder for wherever your flag file is currently on the file system.

# ON ANY CLIENT MACHINE THAT CAN ACCESS THE SHELL SERVER
git clone git@shell.teamN.isucdc.com:/home/git/webapp.git
cd webapp
mv /path/to/flag_file.flag .
git add flag_file.flag
git commit -m "Adding flag"
git push origin

Note: The author of the shell box would like to point out that this was not his mistake.

LDAP Check Fixed

Hello participants – a quick note!

The LDAP check was broken because it was still using the old domain scheme for its queries (siteN.cdc.com instead of teamN.isucdc.com).  The problem has been fixed and now some Active Directory servers are scanning as up!