owned this note
owned this note
Published
Linked with GitHub
煉蠱大會遊戲方法 (Malware Playground Howto)
===========================================
玩家可以透過Raw TCP Socket連上煉蠱伺服器。遊戲共有兩個Port,一個用於下指令(以下簡稱指令Port),另一個用於觀看目前狀況。(以下簡稱狀況Port)
指令Port只能用來輸入指令,他不會回傳給你任何資料。輸入指令的回傳資料會顯示在狀況Port,因此建議同時開兩個視窗然後同時看兩者。
記分板可以透過Web來存取,新手村記分板 http://r1.hitcon20mpg.tw:8081
Players can connect to the malware playground through raw TCP socket. There are 2 ports, one is for sendin commands (hereafter "cmd port"), another is for watching the current status (hereafter "status port").
cmd port can only be used to key in/send command. It'll not show you any response. The response will be available on the status port instead. Therefore, it is recommended that two terminal windows be opened at the same time for each of the ports.
連上新手村 Connect to the tutorial section
------------------------------------------
新手村位於r1.hitcon20mpg.tw Port 28132 (指令port) Port 23133 (狀態port)。
The tutorial/intro section is on r1.hitcon20mpg.tw Port 28132 (cmd port) and Port 23133 (status port).
請先至此Google Form填入您的HITCON Token錢包地址與HITCON報名Email/序號:
Please go to this Google Form and fill in your HITCON Token address and your hitcon registration email/serial number.
https://docs.google.com/forms/d/1UUNx2WutYbwFbnFWRr7trNpsYdup0BZJFiN4BddgnyA
之後,可以開啟兩個不同視窗,使用nc指令連上煉蠱伺服器:
After that, connect to malware playground with the following commands in two different command prompt:
```
nc r1.hitcon20mpg.tw 28132
nc r1.hitcon20mpg.tw 28133
```
注意,必須同時打開兩個視窗,各自輸入以上兩個指令(一個視窗一個指令)。
Note, you'll need to open two terminals and enter the commands in them respectively (one in each).
加入後,於指令Port輸入:
After that, enter the following in Cmd port:
```
Nick <Your Nick>
```
可以設定你的暱稱。限制英文大小寫數字4-20個字長。
Will set your nickname, which is limited to alphanumeric (both cases), length of 4-20.
```
CurrentGame
```
即可查看目前遊戲規則。
and you'll see the rules for the current game.
該廠遊戲輸入第一個指令後(例如上述的CurrentGame),系統會透過狀態Port告訴你你的Port Number,請你記好它。請注意每一場遊戲的port number可能不一樣。
After entering the first command on speaking on that channel for the first time. The system will tell you your port number through status port. Please take note of it. Note that the port number may be different on every game.
接下來,在指令Port輸入以下指令重複Listen在某個Port Number:
Enter the following command in cmd port to listen on your port number:
```
Cmd while [ true ]; do nc -l -p <Port Number>; done
```
如果你的Process沒有被別人Kill掉,去Scoreboard就會看到你開始得分。
If your process is not killed, then you'll see that your score is increasing on the scoreboard.
在指令Port中輸入下列指令可以看Scoreboard:
Enter the following command on cmd port to see the scoreboard on IRC:
```
Scoreboard
```
新手村亦開放ssh連線:
ssh -p 28122 hitcon@r1.hitcon20mpg.tw
你問密碼是什麼?自己放/home/hitcon/.ssh/authorized_keys吧
最後,新手村遊戲規則為:
1. Process存活每秒1分,Port可以被連線每秒5分。可對外連網。
2. 可以直接執行指令。
3. 友善新手,請不要太頻繁的獵殺別人的Process。
4. 這場保留最久,原則上不刪除檔案,請多利用塗鴉區 (新手村中伺服器有跑一台http server)。
Lastly, the rules for the tutorial section is:
1. Process survival earns you 1 point per second. Port is up earns you 5 points per second. You may connect to the internet from the machine.
2. You can execute commands directly.
3. Please be friendly to noobs, and not kill them too frequently.
4. This room/game will be kept running for the duration of the conference, and generally we won't delete files/reset the game, so you're welcome to use the doodle area (the HTTP server running in the room).
進階場次
--------
進階場次位於同伺服器27132, 27133 Port
遊戲規則與獎勵 Rules and Rewards
================================
遊戲規則 Rules
--------------
規則:
1. 每一場次有自己的計分規則,有的是需要你執行的Process存活,有的是需要你Listen在某個Port。
2. 每一場次的入侵方法也可能不同,有的直接提供輸入指令或Shellcode。
3. 請記得填寫您的HITCON Token錢包地址與Nickname至Google Form。
4. 於該場輸入CurrentGame顯示該場次的計分方式,入侵方法與規則。
5. 大多場次電腦中都有HTTP伺服器,開放會眾塗鴉。HTTP伺服器網址為:
1. r1.hitcon20mpg.tw
6. HTTP伺服器塗鴉區內容為會眾上傳,非大會官方言論,大會亦不負保管責任。
7. 禁止攻擊位於/hitcon目錄中的遊戲Infra,不得(包含但不限於)修改,模擬,注入,阻擋,偽裝成該目錄中跑起來的伺服器,亦不得阻擋或為造Port 29100~29200中的任何流量。
8. 禁止癱瘓伺服器,例如使用Fork Bomb或是佔滿所有記憶體/磁碟空間。
9. 有上述違規行為,其他玩家可以向管理員檢舉。管理員可以將違規者禁賽及禁止其獲得獎勵的HITCON Token。
The rules are:
1. Each game have different scoring policy. Some requires your process to be alive, the other requires your port to be reachable.
2. Each game, the access you've to the machine is different. For some you can enter commands dircetly, others you can only use shellcode.
3. Remember to fill up the Google Form with your HITCON Token address and IRC Nickname.
4. Enter the "CurrentGame" command to see the rules on scoring policy and access you've.
5. Most games have an HTTP server running within the machine, known as the Doodle Area. You're free to alter anything within wwwroot. The HTTP server is reachable on:
1. r1.hitcon20mpg.tw
6. HITCON is not responsible for the content of the doodle area as it is by the attendees. HITCON is not responsible for storing/keeping the content of the doodle area.
7. Do not attack the game infra, located in /hitcon directory. You may not (including but not limited to), modify, emulate, inject, block, masquerade as anything that runs from that directory. You must not block or spoof any traffic on port 29100~29200.
8. Do not attempt denial of service attack on the machine, such as using fork bomb, or filling up the memory/disk space.
9. If there's any prohibited action, other players may notify the administrators. The administrator may prohibit the violators from player, and/or forfeiting their reward HITCON tokens.
獎勵 Rewards
------------
新手村場次,存活超過半小時(即獲得10800分以上)獲得50 HITCON Token。單一會眾僅限領取一次。
In the tutorial section, surviving for more than half an hour (gaining 10800 points or more) will gain 50 HITCON Token. One attendee is limited to one such reward.
進階場次,以當日所有場次為單位計分:
1. 第1~5名 1000 HITCON Token
2. 第6~10名 600 HITCON Token
3. 第11~15名 400 HITCON Token
For advanced section, we reward once every day for the sum of all games on that day:
1. 1st~5th: 1000 HITCON Token
2. 6th~10th: 600 HITCON Token
3. 11~15th: 400 HITCON Token
若第15名不存在或當日總存活時間未滿15分鐘,將不發出當日進階場次獎項。
In the case that the 15th position doesn't survive for more than 15 minutes in total. All of the rewards on advanced section for that day will NOT be handed out.
註:由於煉蠱伺服器沒有Nick註冊驗證機制,所以若需確認Nick擁有者,以同名Nick在Freenode上擁有權為準。
附錄 Appendix
=============
設定並且連上IRC (Configure and Connect to freenode IRC)
-------------------------------------------------------
(如果已連上FreeNode IRC且註冊Nickname,可跳過這一章節。)
(You may skip this section if you've connected to FreeNode and registered your nick)
請使用你習慣的IRC客戶端連上FreeNode,或是使用FreeNode Web IRC Client:
Please use your favourite IRC client to connect to FreeNode. Otherwise, use the FreeNode Web IRC Client:
https://webchat.freenode.net/
選一個你喜歡的使用者名稱,然後填入Nick欄位中,之後按下Start。
Your a nickname that you like, and fill in in the Nick field, then press start.
![IRC Login Screen](https://i.imgur.com/gcC7hg8l.jpg "IRC Login Screen")
如果你選的使用者名稱已經被使用,會出現下面這樣的訊息:
If your nickname is taken, the message below will appear:
![Nick Taken](https://i.imgur.com/sEm2g7h.jpg "Nick Taken")
此時你需要回到前面再選一個使用者名稱。
In that case, you'll need to pick another nickname.
如果你選的使用者名稱沒有被使用,則可在連上後輸入下列指令註冊你的使用者名稱:
If your nickname is not taken, then you can use the following command to register your nickname:
```
/msg NickServ REGISTER <你的密碼> <你的Email>
```
![Register Msg](https://i.imgur.com/wtLA1j9.jpg "Register Msg")
接下來去收Email會收到一封驗證信,如果找不到可以去Spam看看,這封信滿常進Spam的。
After that, you'll receieve a verification email. If not, check the spam folder, as that email frequently ends up there.
![Verification Email](https://i.imgur.com/kSeCTFA.jpg "Verification Email")
驗證信上會提供一組指令,回到剛剛的Web IRC界面,然後點選左側的NickServ:
On the verification email, there's a command. Go back to that web IRC interface, and on the left, click "NickServ".
![NickServ PrivMsg](https://i.imgur.com/j69r58W.jpg "NickServ PrivMsg")
然後貼上剛剛的指令:
Then paste that command from the verification email:
```
/msg NickServ VERIFY REGISTER ?????? ??????????
```
就會出現註冊完成的訊息:
You'll see that you've registered:
![Verification Command](https://i.imgur.com/pT47iyt.jpg "Verification Command")
日後如果需要重新登入IRC,可以在一開始的界面點選I have a password,並且輸入你的使用者名稱(Nick)跟密碼(Password):
If you need to login to IRC again. You can click "I have a password" on the Web IRC start screen, and enter your Nick and Password:
![Login with Password](https://i.imgur.com/qgQ7HOn.jpeg "Login with Password")