The DEFCON CTF VM
Over the past 6 years, I've been collecting pieces of the DEFCON CTF's past and attempting to preserve them in a way that will allow future generations to enjoy the game. With the conclusion of DARPA's Cyber Grand Challenge and the start of DEFCON 24's CTF Finals, I'm releasing what I have. It's not 100% finished (I've been way too busy lately), but it is usable!
TL;DR: The most recent copy of the VM is v0.1.0 and can be downloaded here. Credentials are below.
UPDATE 2016-08-08: Minor text fixes.
How do I use this stuff?
Booting the virtual machine should be all that's required to get services up and running. To interact with a service, simply open a socket connection to the VM on that service's port. On a *nix system, this can be done in a terminal with netcat:
nc xxx.xxx.xxx.xxx yyyyy (X's represent the IP address, Y's represent the port number)
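The same connection can be scripted once typing into netcat gets tedious. This is an added example, not part of the original post or the VM: the helper names (recv_until_quiet, talk, demo) are hypothetical, and the loopback service is a constructed stand-in so the script runs without the VM.

```python
import socket
import socketserver
import threading


def recv_until_quiet(sock, quiet=0.5, limit=65536):
    """Read until the peer is silent for `quiet` seconds, closes, or `limit` bytes arrive."""
    sock.settimeout(quiet)
    chunks, total = [], 0
    while total < limit:
        try:
            data = sock.recv(4096)
        except socket.timeout:
            break              # peer is waiting for input (e.g. sitting at a prompt)
        if not data:
            break              # peer closed the connection
        chunks.append(data)
        total += len(data)
    return b"".join(chunks)


def talk(host, port, line, connect_timeout=5.0):
    """Connect like `nc host port`, read the banner, send one line, return (banner, reply)."""
    with socket.create_connection((host, port), timeout=connect_timeout) as sock:
        banner = recv_until_quiet(sock)
        sock.sendall(line + b"\n")
        reply = recv_until_quiet(sock)
    return banner, reply


class _DemoService(socketserver.StreamRequestHandler):
    """Constructed stand-in for a line-based service; not one of the CTF binaries."""
    def handle(self):
        self.wfile.write(b"demo service ready\n> ")
        name = self.rfile.readline().strip()
        self.wfile.write(b"hello, " + name + b"\n")


def demo():
    """Start the stand-in on an ephemeral loopback port and talk to it once."""
    with socketserver.TCPServer(("127.0.0.1", 0), _DemoService) as srv:
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        host, port = srv.server_address
        try:
            return talk(host, port, b"guest")
        finally:
            srv.shutdown()


if __name__ == "__main__":
    for part in demo():
        print(part.decode(), end="")
```

To use it against the VM, call talk() with the VM's IP address and the service's port in place of the loopback demo.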
Of course, this just gets you a connection. The game requires you to find and patch/exploit flaws in each service. To do this (for most services), you will need to disassemble and step through the compiled executable by hand.
The industry-standard tool for reverse engineering is IDA Pro. Alternatives include Hopper and the recently-released Binary Ninja. If you don't want to spring for a license (or use the free demo version), the Binary Ninja prototype is open-source. Radare is another open-source alternative. And, of course, no discussion of disassemblers would be complete without mentioning objdump, which should be readily available on *nix systems in your distribution's repositories.
To assist newcomers in understanding how to find, patch, and exploit vulnerable code in these services, I have also published a fully detailed walkthrough of one of the services from DEFCON as a tutorial:
- DEFCON 15's kimjong (2007)
Once you've gone through it (or decided it's beneath you), I recommend "antipasto" (from DEFCON 16), "deltad" (from DEFCON 17), and "sammichd" (from DEFCON 15) as other, easier services to start with.