Q: Is there a root CA for the CTF that we can trust?
...
No. A couple servers employ self-signed certificates - fingerprints below.
| Code Block |
|---|
secure.openid.ctf.csail.mit.edu
SHA1 Fingerprint=39:20:1D:3E:B1:0E:E3:E4:8D:08:73:D9:DA:4E:F3:6E:68:1C:0E:CE
|
| Code Block |
|---|
scoreboard.ctf.csail.mit.edu
SHA1 Fingerprint=77:FC:E5:32:F2:A7:9C:D4:59:A5:FF:4E:4C:A9:49:D4:4E:0F:CB:41
|
...
Q: My VM doesn't power off when I run "shutdown now". Why?!
...
I'm not sure. What it does do is drop into single-user mode in console, giving you little control of anything if you're working via SSH. Use the following instead:
| Code Block |
|---|
# shutdown -h now
|
...
Q: I'm being prompted for a password when logging into Team VM. Why isn't my pubkey working?
...
SSH tries to guess which pubkey to use, and occasionally gets it wrong. You can give it some hints by including the following in your ~/.ssh/config:
| Code Block |
|---|
Host teamX.ctf.csail.mit.edu
PubkeyAuthentication yes
IdentityFile ~/.ssh/<name_of_priv_key_file>
|
...
Q: What am I allowed to change on the Team VM?
...
You can do anything you want to the team VM (you'll have root-level access); however, some things will break our graders and you won't get points. Here's a list of things you SHOULDN'T CHANGE:
- Apache MUST run on port 80
- OpenID-based registration MUST be enabled in Wordpress
- Login process MUST bring the user back to main page
- Widgets for activated services MUST exist on the main page
- NTP service MUST be running
- Wordpress theme MUST be "Twenty Eleven 1.3"
...
Q: There used to be a scrimmage event on the calendar for Sunday, October 28, but it's no longer there. Has it been cancelled?
Yes, the scrimmage has been cancelled, unfortunately, due to staffing constraints.
...
Q: How will the teams be able to identify PII (flags)?
Wiki Markup
Q: What is the mechanism for turning PII into money?
...