TAMU CTF 2019 Writeups

  1. Pwn
    1. Pwn1
    2. Pwn2
    3. Pwn3
    4. Pwn4
    5. Pwn5
  2. Network/pentest
    1. Stop and listen
    2. Wordpress
    3. Calculator

Stop and listen

Challenge Description:
Sometimes you just need to stop and listen.
This challenge is an introduction to our network exploit challenges, which are hosted over OpenVPN.
• Install OpenVPN. Make sure to install the TAP driver. • Debian (Ubuntu/Kali) linux CLI: apt install openvpn
Windows GUI installer

• Obtain your OpenVPN configuration in the challenge modal. • You will obtain a separate config for each challenge containing connection info and certificates for authentication.

• Launch OpenVPN: • CLI: sudo openvpn --config ${challenge}.ovpn
• Windows GUI: Place the config file in %HOMEPATH%\OpenVPN\config and right-click the VPN icon on the status bar, then select the config for this challenge

The virtual tap0 interface will be assigned the IP address by default. If multiple team members connect you will need to choose a unique IP for both.
The standard subnet is, so give that a scan ;)

OpenVpn config file:

This was a pretty straight forward problem we just have to follow the instruction to set the connection.
1. download openvpn config file
2. use ‘openvpn --config listen.ovpn’ command to connect to vpnservice

3. open wireshark and listen on tap0 interface
4.after listing 10-15 packets right click then goto copy→ follow → UDP stream
and you will get all text in udp stream and in that text there was the flag


The flag was gigem{f0rty_tw0_c9d950b61ea83}