Index

TAMU CTF 2019 Writeups

  1. Pwn
    1. Pwn1
    2. Pwn2
    3. Pwn3
    4. Pwn4
    5. Pwn5
  2. Network/pentest
    1. Stop and listen
    2. Wordpress
    3. Calculator

Stop and listen

Challenge Description:
Sometimes you just need to stop and listen.
This challenge is an introduction to our network exploit challenges, which are hosted over OpenVPN.
Instructions:
• Install OpenVPN. Make sure to install the TAP driver. • Debian (Ubuntu/Kali) linux CLI: apt install openvpn
Windows GUI installer

• Obtain your OpenVPN configuration in the challenge modal. • You will obtain a separate config for each challenge containing connection info and certificates for authentication.

• Launch OpenVPN: • CLI: sudo openvpn --config ${challenge}.ovpn
• Windows GUI: Place the config file in %HOMEPATH%\OpenVPN\config and right-click the VPN icon on the status bar, then select the config for this challenge

The virtual tap0 interface will be assigned the IP address 172.30.0.14/28 by default. If multiple team members connect you will need to choose a unique IP for both.
The standard subnet is 172.30.0.0/28, so give that a scan ;)

OpenVpn config file:


This was a pretty straight forward problem we just have to follow the instruction to set the connection.
1. download openvpn config file
2. use ‘openvpn --config listen.ovpn’ command to connect to vpnservice
images/5-1.png

3. open wireshark and listen on tap0 interface
4.after listing 10-15 packets right click then goto copy→ follow → UDP stream
and you will get all text in udp stream and in that text there was the flag

images/5-2.png

The flag was gigem{f0rty_tw0_c9d950b61ea83}
www.000webhost.com