Please read the entire README thoroughly before modifying anything on this computer.
You will receive points for answering any "Forensics Questions" on your Desktop correctly. Valid (scored) "Forensics Questions" will only be located directly on your Desktop. We highly recommend reading all "Forensics Questions" thoroughly before doing anything to this computer, because you could destroy information necessary for answering the forensics question.
Help! The kingdom of Narnia has set up a new Minecraft server, but all sorts of stuff have gone wrong! They have asked you, an honorable CTF player, to secure their system for them. It's of utmost importance, because rumor has it that the White Witch is on the move!
In this image, you will be scored based on how many security misconfigurations and vulnerabilities in the image that you can mitigate. You will recieve the flag upon reaching 90 points. At that time your should screenshot your "Scoring Report," which contains information about the vulnerabilities you have fixed and your progress in the image. This is located on your Desktop as a shortcut. Send the screenshot to Eth007#0804 on Discord for the flag.
Notes:
This server is a minecraft server, so minecraft should be running. Please make sure that it runs under the minecraft user.
Please disable any ways to run minecraft commands without logging into the minecraft world.
We've recived reports about the Nether dimension not working. Please make sure this works so that our players can get those blaze rods!
We've had some massive trolling and griefing going on. As a result, we want to disable PVP temporarily. Please do that ASAP.
The system is authorized to serve /var/www/html and /srv/files on the web.
Aslan is a lion, and therefore cannot be bothered with SSH keys. Please make sure password authentication on the SSH server remains enabled.
Engine scores every minute or two approximately. Depends on how beefy of a computer you have. If it's not scoring please run systemctl restart scoring
Engine is REALLY slow initially. Solve stuff and reboot, then it'll score faster
lucy:Pa$$w0rd10 (YOU)
edmund
susan
peter
aslan
caspian
gregory
minecraft (service account)
SSH (openssh-server)
HTTP (nginx)
Minecraft server (located at /opt/minecraft/)