iCTF - UCSB International Capture The Flag

I was fortunate enough to be invited to join the QUT iCTF team. The objective of the contest is to ensure that a set of required services remain available and un-compromised. In preparation for this task, I decided to setup a dedicated laptop for the contest. I would have been far easier to install a distribution such as BackTrack, but I decided to take the painful path.

First, a friend sold me his old laptop, which was far better than my current notebook. It was a Sony VAIO SZ34GP. I installed CentOS 5.5 on this notebook, just a base install with development libraries and tools. The instructions below provide a brief list of tools and their associated configurations. 

Repositories
There's a need to set-up some additional repositories for CentOS to enable the installation of additional thir party applications. For more information refer to References 3Section.

1. sudo bash
2. cd /etc/yum.repos.d/
3. wget -q -O - http://www.atomicorp.com/installers/atomic |sh
4. wget http://dries.eu/pub/dries-el.repo
5. wget http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.1-1.el5.rf.i386.rpm
6. rpm -ivh rpmforge-release-0.5.1-1.el5.rf.i386.rpm
7. yum update

Installation

Install tools to be used for the competition. Most of the tools are penetration testing tools I have used in the past. I made a point of installing the development libraries and tools during the CentOS installation. This would be useful for developing and testing possible exploits.

1. sudo yum -y install nmap
2. sudo yum -y install amap
3. sudo yum -y install hydra
4. sudo yum -y install aide
5. sudo yum -y install snort
6. sudo yum -y install nikto
7. sudo yum -y install ntop
8. sudo yum -y install fail2ban
9. sudo yum -y install tcptrack
10. sudo yum -y install dsniff
11. sudo yum -y install ngrep
12. sudo yum -y install fragroute
13. sudo yum -y install hping
14. sudo yum -y install scapy
15. sudo yum -y install tcptraceroute
16. sudo yum -y install firewalk
17. sudo yum -y install iptraf
18. sudo yum -y install kismet
19. sudo yum -y install ettercap

ChaosReader

1. Download latest version from source forge (http://chaosreader.sourceforge.net)
2. sudo mkdir -p /opt/chaosreader
3. sudo cp chaoreader0.94 /opt/chaosreader/
4. sudo chmod 755 /opt/chaosreader/chaoreader0.94
5. sudo ln -s /opt/chaosreader/chaoreader0.94 /usr/local/bin/

John the Ripper

1. wget http://www.openwall.com/john/g/john-1.7.6.tar.gz
2. tar zxvf john-1.7.6.tar.gz
3. cd john-1.7.6
4. cd src
5. make
6.  clean linux-x86-any
7. sudo mv ../run /opt/john-1.7.6
8. sudo chown -R root:root opt/john-1.7.6
9. mv /opt/john-1.7.6/john.conf /opt/john-1.7.6/john.ini
10. sudo ln -s /opt/john-1.7.6/john /usr/local/sbin/
11. sudo ln -s /opt/john-1.7.6/john.ini /usr/local/sbin/

OpenVAS

1. sudo yum -y install openvas-server openvas-client openvas-scanner
2. sudo openvas-mkcert
3. sudo /usr/sbin/openvas-nvt-syn # Add as a cron job - refer to OpenVAS documentation
4. sudo /etc/rc.d/init.d/openvas-scanner restart
5. sudo /usr/sbin/openvas-adduser # Add rules "default accept" if unsure

Skipfish

1. wget http://skipfish.googlecode.com/files/skipfish-1.81b.tgz
2. tar zxvf skipfish-1.81b.tgz
3. sudo mv skipfish-1.81b /opt/
4. sudo ln -s /opt/skipfish-1.81b/skipfish /usr/local/sbin/
5. sudo ln -s /opt/skipfish-1.81b/sfscandiff /usr/local/sbin/
6. sudo chown -R root:root /opt/skipfish-1.81b

VMWare Server

1. Download the latest VMWare Server, at the time of this blog it was version 2.0.2
2. tar zxvf VMware-server-2.0.2-203138.i386.tar.gz
3. cd vmware-server-distrib
4. sudo ./vmware-install.pl

References:

1. http://ictf.cs.ucsb.edu/
2. http://rpmrepo.org/RPMforge
3. http://www.backtrack-linux.org/
4. http://wiki.centos.org/AdditionalResources/Repositories
5. http://www.openvas.org/
6. http://www.alienvault.com/free_nessus_feed.php
7. http://www.hacktoolrepository.com/