Competition Virtual Machine


On February 20, we will be making available a Virtual Machine image of the Operating System and Content Management System (CMS) Web Application that will be handed out to teams on the first day of the CTF competition. This is so that participants can spend as much time as they like devising and implementing extensive solutions: locking down services, removing programs, un-setuid-ing programs, and even elaborate defensive and offensive strategies tools and systems. Go to town!

PLEASE NOTE. All the changes you make to the VM will have to be scripted in order to be of use to you during the actual competition. You will have the first 30 minutes of the CTF competition to run scripts and install programs on a fresh VM on the competition ESX cluster. The scoring bots will be turned off for that period.


AVAILABLE NOW!

Click here to download the competition VM (801MB tarred-gzipped image).

After you download and unzip the archive, launch the virtual machine in VMware workstation or in VMware player (available from
http://www.vmware.com/go/downloadplayer/).

Log in with

username: ctfuser
password: MITCTFUSERPASSWORD

After the vm is running, follow the direction in readme.txt in ctfuser's home directory for updating Wordpress' database configuration. The Wordpress installation is located at /var/www/ and plugins and exploit steps can be find at /var/www/wp-content/plugins.

If you are having trouble, get in touch and let us know!