Please see Lecture Slides for information on now to obtain a VM.  We now also have an OVA version available in the same directory.

Here's how to get started:

  1. Log into the VM using sysadmin as the user and result of the following as the password: 
    $ echo "buy it, use it, break it, fix it" | awk -F, '{print $3 $4}' | awk '{print $1 $2 $3 $4}'
  2. (warning) See VM Network Configuration for how to configure your networking (warning) .
  3. Start Apache by running sudo /etc/init.d/apache2 start
  4. Go to http://ctf-portal.ctf.csail.mit.edu - you should be able to see your Wordpress site.
  5. If you want to tinker with things, look at the following places
    1. /usr/share/wordpress is a fairly standard Ubuntu installation of Wordpress
    2. Web root is located in /srv/www/ctf-portal.ctf.csail.mit.edu/ and points to the installation above
    3. Plugins and such go into /usr/share/wordpress/wp-content/plugins
    4. All these directories are owned by root:www-data, so you'll need to become one of those users to explore.  The simplest way is to run 
      sudo su
      and enter the password above - this makes you root. Alternatively, you could run 
      sudo su www-data
      to become the www-data user.
  • No labels

This event is brought to you by MIT Lincoln Laboratory, MIT CSAIL, and Northeastern University.