Summary: Since you last performed work for Hackme Corp, their little company has been through rough times. The latest of which started when they hired the militant John Pepper to be their system admin.
Those who respected John’s stern demeanor and unorthodox methods simply called him Sarge, firstly because he was once a drill sergeant and, quite ironically, because Sarge loved The Beatles.
John ran his network like he ran his platoon, and his motto was “It’s my way or no network access today.” At first, upper management thought John’s new way of doing things was a much needed improvement to the disorderly practices of admins past… but their elation quickly faded when many of them found themselves locked out due to various “infractions” (John once made the president of marketing do 20 push-ups to get his account unlocked after 5 failed authentication attempts).
The final straw was when John and his team shut down the network because he saw a several Bernie Sanders bumper stickers on employee vehicles. After some deliberation by management, John and his team were subsequently fired.
John trusted his team completely, and in turn, his team was unusually loyal. Even under threat of legal action, they are refusing to give up any passwords. Although this will eventually play out in a court of law, the CEO needs to access the data faster than lady justice can move. Several bit-for-bit copies of the drive have already been made for legal use, so now it is your job to recover John Pepper’s password from the server however you can. John’s account contains the most critical information about the network, including plans that are vital to the survival of the company itself.
You and your team will be given connections to the network. After that, it’s up to you to gain access to the accounts of John’s and his team’s primary Linux system. Each milestone will be represented as a flag that will take you deeper into the system, ultimately leading to the account of their senior admin, Sergeant Pepper himself.
What you’ll need to bring:
1. Updated Kali Linux (either as your main OS or as a VM)
2. An ethernet cable (in case the wireless gets sketchy)
3. Earbuds or headphones (recommended so things don’t too get annoying)
4. A sense of humor
What you’ll need to know:
1. The stuff learned in the other DC970 CTF games
2. How to use nmap
3. Brute force authentication tools and techniques
4. How to brute force zip file passwords (helpful, but not critical)
5. How to transfer a file from the vulnerable machine to your own machine for manipulation and/or analysis purposes using SCP or other means (there are SSH applications that make easy, but you should still know how to do it from the command line… just saying).
There are four flags in this challenge, in the following format: flag_0*.txt.
This is a beginner-level CTF! On a scale of 1 to 10 in difficulty, I’d rank this at maybe a 2. Pros will find nothing challenging here (even if you ignore the hints), but if you don’t take things too seriously you’ll still have a good time hanging out with a group of security enthusiasts who enjoy playing games and solving puzzles. Hope to see you on Thursday!