Commit 79c4aff

Hennich and Hennich authored
Extend README (#101)
* packer more verbose
* some hints for the actual CTF

Co-authored-by: Hennich <[email protected]>
1 parent 7cf5fbd commit 79c4aff

1 file changed

+19
-3
lines changed

README.md

Lines changed: 19 additions & 3 deletions
@@ -21,8 +21,13 @@ Due to implementation details, currently you have to be aware of the following l
2121
- ...
2222

2323
## Usage (Docker)
24+
- [Optional] create a puppetmaster-VM on Hetzner, for shared working/debugging and run everything there
2425
- Have at least one ssh key with the label `type=admin` in your project **(HETZNER's WEBSITE)**
25-
- Set `HCLOUD_TOKEN` and `HETZNERDNS_TOKEN`
26+
- Set `HCLOUD_TOKEN` and `HETZNERDNS_TOKEN` in `Dockerfile` by including the lines
27+
```
28+
ENV HETZNERDNS_TOKEN="..."
29+
ENV HCLOUD_TOKEN="..."
30+
```
2631
- Create `./ansible/config_bambi.yml`
2732
```yaml
2833
vulnerable_services:
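Review bot: putting `HCLOUD_TOKEN` and `HETZNERDNS_TOKEN` into the `Dockerfile` as `ENV` lines (added lines 26-30) bakes both API tokens into the image metadata, where `docker history` or `docker inspect` shows them to anyone who obtains the image, and makes it easy to commit them together with the file. Suggest keeping the Dockerfile free of secrets and supplying the tokens when the container is started, for example `docker run -e HCLOUD_TOKEN -e HETZNERDNS_TOKEN ...` or an `--env-file` that is listed in `.gitignore`.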
@@ -46,20 +51,24 @@ network_close_time: "2024-07-09T22:00:00"
4651
- Build configs
4752
- `cd /bambictf/configgen`
4853
- `poetry install` (once)
49-
- `poetry run configgen --teams 4 --routers 2 --dns test.bambi.ovh`
54+
- `poetry run configgen --teams 6 --routers 2 --checkers 3 --dns test.bambi.ovh`
5055
- Ship everything to the EnoCTFPortal:
5156
- `cp -r ./export/portal /services/EnoCTFPortal/data/teamdata` (or whereever it is)
5257
- Builds VMs
5358
- `cd /bambictf/packer`
5459
- `packer build bambichecker.json`
55-
- ...
60+
- `packer build bambielk.json`
61+
- `packer build bambiengine.json`
62+
- `packer build bambirouter.json`
63+
- `packer build bambivulnbox.json`
5664
- Note down vulnbox snapshot id, pass to EnoCTFPortal (`curl -H "Authorization: Bearer $HCLOUD_TOKEN" 'https://api.hetzner.cloud/v1/images?type=snapshot'`)
5765
- Create `./terraform/terraform.tfvars` (see `./terraform/terraform.tfvars.sample` for reference)
5866
- `cd /bambictf/terraform`
5967
- `terraform init`
6068
- `terraform apply`
6169

6270
## Open game network
71+
The time set in `./ansible/config_bambi.yml` should take care. Otherwise call
6372
- `iptables -A FORWARD -o router -j ACCEPT` (on *every* gateway)
6473

6574
## Emergency Port Forwards
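Review bot: the sentence added under `## Open game network` (new line 71) does not say which key in `./ansible/config_bambi.yml` opens the network or how to confirm that it did; the only time key visible in this diff is `network_close_time` in the hunk header, which reads as the opposite event. Suggest naming the key and adding a check to run on a gateway, so the manual `iptables -A FORWARD -o router -j ACCEPT` is applied only when it is actually needed. The same hunk adds `--checkers 3` and raises `--teams` from 4 to 6 on the `configgen` line without saying how these numbers relate to the terraform team count; one line on that would help.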
@@ -72,3 +81,10 @@ on every router
7281
7382
## Rsync stuff
7483
- `while true; do rsync /services/data/*.json [email protected]:/services/EnoCTFPortal_bambi7/scoreboard; sleep 5; done` TODO ask Lucas about loops and stuff
84+
85+
## Running the actual CTF
86+
* terraform easily takes 30-60 minutes
87+
* build more configs than you actually expect, to have a safeguard
88+
* to add a new team during the CTF
89+
* increase teamcount in terraform and run `terraform apply`
90+
* add new team on EnoEngine `ctf.json`, and reapply config (see there)
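Review bot: the sub-step "increase teamcount in terraform and run `terraform apply`" (new line 89) has operators applying changes to live game infrastructure without reviewing what will change; suggest running `terraform plan` first and continuing only if the plan is purely additive. It should also state that the new team count has to stay within the number of configs generated by `configgen --teams`, which is what the "build more configs" bullet implies, and `(see there)` on new line 90 needs an actual pointer to where reapplying the EnoEngine config is described.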
