Today I am going to shed some light on how to create a virtual machine for CTF gaming. This tutorial came to life after a discussion on my Discord server on how to distribute CTF games among friends.
In this tutorial we’ll create a Debian-based virtual machine, prep it with some software – then pack it all together for distribution. This tutorial is written with CTFs in mind, but can also be used as a step-by-step instruction for distributing virtual machines in a more professional setting. For instance, setting up development machines and servers. The sky is the limit here.
Prerequisites
To begin with there are only two prerequisites for this tutorial:
Even though this tutorial is based on VirtualBox and Debian, you can opt for using VMware and a different Linux distribution instead. If so, the approach might be somewhat different, though.
Planning
With the prerequisites in place we begin planning. Regard the following list as a mere starting point:
- What do we want to achieve?
- What kind of CTF are we planning?
- What software must be included to support our goal and game?
With that in mind, also consider writing a manuscript for the entire game taking the user through each level/flag. Finding plausible attack vectors for each level/flag is very important.
Creating Virtual Machine
Open VirtualBox and click the New button. This will open the following dialog window. A handy tip: set a relevant name for this virtual machine.
Clicking Create will take you to the next dialog window. A handy tip: find the absolute minimum file size. No one wants to deploy a CTF that hogs too much space. The same goes for RAM, btw.
You’re done. The disk has been created. At this point you might want to right-click the newly created image and set some custom settings. Perhaps taking a look into the network settings? Note that any settings here will be carried over to the exported image, so choose wisely.
On the first boot VirtualBox will ask for an installation disk. This’ll be the Debian ISO file you downloaded earlier.
You can also select the installation disk from within the settings.
Installing the operating system
The Debian installation is a straightforward process and will not be covered here in much detail; however, I’ll provide some information on which options I often use.
When it comes to disk partitioning I often use Guided – use entire disk and set up LVM.
And I keep everything in just one partition.
I often deselect everything but Standard system utilities from the Software selection menu. I prefer to keep my image mostly clean, manually installing whatever I need later on.
Progressing forward you’ll be asked where to install GRUB. Just go ahead and install it on the MBR, but remember to set the boot loader device or else the system won’t boot!
Then just follow the installer to the end and you’ll have a working Debian installation!
Installing LAMPP stack
Once the installation is done and you’ve rebooted the machine and logged in, it is time to fill the image with some software. For this tutorial I have chosen to install the LAMPP stack. Your choice of software may differ. That’s cool too.
Most of these commands are run under su or sudo. Debian comes with support for PHP 5 and we want PHP 7 instead. To solve this we must first add references to the DotDeb repository holding the PHP 7 packages:
Command |
---|
echo 'deb http://packages.dotdeb.org jessie all' >> /etc/apt/sources.list |
echo 'deb-src http://packages.dotdeb.org jessie all' >> /etc/apt/sources.list |
cd /tmp |
wget https://www.dotdeb.org/dotdeb.gpg |
apt-key add dotdeb.gpg |
rm dotdeb.gpg |
With these references in place we update Debian to retrieve the software list needed:
Command |
---|
$ apt update |
With an updated software list we begin building our software stack. We’ll make use of the apt command. The database installation will need some attention during the installation. Don’t fear, it’ll just ask you to set a password.
Software | Install command |
---|---|
Apache webserver | $ apt install apache2 |
MariaDB database server | $ apt install mariadb-server |
MariaDB database client | $ apt install mariadb-client |
PHP | $ apt install php7.0 |
PHP MySQL | $ apt install php7.0-mysql |
PHP Pear | $ apt install php-pear |
Lib Apache2 | $ apt install libapache2-mod-php7.0 |
SSH | $ apt install ssh |
The entire installation can be made into a one-liner by listing the package names one after another, separated by spaces, like so:
Command |
---|
$ apt install apache2 mariadb-server mariadb-client php7.0 php7.0-mysql libapache2-mod-php7.0 php-pear ssh |
Go ahead and try that last one-liner command!
Making sure services are running upon boot
After the software has been installed we make sure services start at boot time:
What | Command |
---|---|
Apache | systemctl enable apache2 |
MariaDB | systemctl enable mysql |
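The installation steps above collected into one re-runnable script, as an added example that is not part of the original tutorial. It assumes a root shell on Debian jessie; the function names and the `SOURCES` variable are made up for illustration. Unlike a plain `>>` append it does not duplicate repository lines on a second run, and it reports any service that is not enabled at boot.

```shell
#!/bin/sh
# Added example: re-runnable provisioning for the stack described above.
# Assumptions: root shell on Debian jessie; all names below are illustrative.

SOURCES="${SOURCES:-/etc/apt/sources.list}"
PACKAGES="apache2 mariadb-server mariadb-client php7.0 php7.0-mysql libapache2-mod-php7.0 php-pear ssh"
SERVICES="apache2 mysql"   # apache2 is the unit name of Debian's Apache package

# Append a repository line only if that exact line is not already present.
add_repo_line() {
    grep -qxF "$1" "$SOURCES" 2>/dev/null || printf '%s\n' "$1" >> "$SOURCES"
}

# Print every service that is NOT enabled at boot; return 1 if any is listed.
disabled_services() {
    rc=0
    for svc in $SERVICES; do
        if ! systemctl is-enabled --quiet "$svc"; then
            echo "$svc"
            rc=1
        fi
    done
    return $rc
}

# Repository, signing key, packages, then boot-time services.
provision() {
    add_repo_line 'deb http://packages.dotdeb.org jessie all' &&
    add_repo_line 'deb-src http://packages.dotdeb.org jessie all' &&
    wget -O /tmp/dotdeb.gpg https://www.dotdeb.org/dotdeb.gpg &&
    apt-key add /tmp/dotdeb.gpg && rm /tmp/dotdeb.gpg &&
    apt update && apt install $PACKAGES || return 1
    for svc in $SERVICES; do systemctl enable "$svc" || return 1; done
    if ! missing="$(disabled_services)"; then
        echo "not enabled at boot: $missing" >&2
        return 1
    fi
}

# Nothing is changed unless the script is called as: sh provision.sh --run
if [ "${1:-}" = "--run" ]; then provision; fi
```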
Making the game
Making the game is actually the hardest part. Luckily you penned some great ideas in the planning stage. This is where those ideas come into play! Please feel free to experiment. Keep in mind to test your ideas and setup throughout the process and prior to release!
Export appliance for distribution
At this stage you’ve completed what you wanted to achieve. The time has come to share your efforts with friends and other players. It is time to export the virtual machine! Exporting is easy.
Step 1: Shutdown your machine
We start by turning the virtual machine off. From experience, don’t just issue the shutdown command from within Linux. It’ll just leave the machine at the last prompt displayed after shutdown, leaving users to manually reboot the image. Instead, log out and use ACPI Shutdown.
Step 2: Export
With the virtual machine properly shut down, select Export Appliance from the File menu:
Select which virtual machine to export. Here we’ve chosen the one we made for this tutorial.
Click Next. In Storage settings, select where to save the exported virtual machine. For this tutorial, just go on accepting the defaults.
Click Next. In Appliance Settings, feel free to fill in the fields with relevant information. When done, click the Export button.
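The same two steps can be scripted on the host with VirtualBox's `VBoxManage` command. This is an added example, not part of the original tutorial; the VM name and output path are placeholders, and it goes one step beyond the dialog by writing a SHA-256 file next to the appliance so players can check that their download is intact.

```shell
#!/bin/sh
# Added example: ACPI shutdown, export and checksum, run on the host.
# Assumptions: VBoxManage is on PATH; VM name and output path are placeholders.

# Current state as reported by VirtualBox, e.g. "running" or "poweroff".
vm_state() {
    VBoxManage showvminfo "$1" --machinereadable |
        sed -n 's/^VMState="\(.*\)"$/\1/p'
}

# Press the virtual power button (ACPI) and wait until the VM is off.
acpi_shutdown() {
    vm="$1"; tries="${2:-60}"
    [ "$(vm_state "$vm")" = "poweroff" ] && return 0
    VBoxManage controlvm "$vm" acpipowerbutton
    while [ "$tries" -gt 0 ]; do
        [ "$(vm_state "$vm")" = "poweroff" ] && return 0
        sleep 2
        tries=$((tries - 1))
    done
    echo "VM '$vm' did not power off" >&2
    return 1
}

# Export to an .ova and write <name>.ova.sha256 beside it.
export_appliance() {
    vm="$1"; ova="$2"
    acpi_shutdown "$vm" || return 1
    VBoxManage export "$vm" --output "$ova" || return 1
    ( cd "$(dirname "$ova")" &&
      sha256sum "$(basename "$ova")" > "$(basename "$ova").sha256" )
}

# Usage: sh export.sh --run "my-ctf-vm" /path/to/my-ctf-vm.ova
if [ "${1:-}" = "--run" ] && [ "$#" -eq 3 ]; then
    export_appliance "$2" "$3"
fi
```

Players verify the download with `sha256sum -c` on the `.sha256` file, run from the directory that holds the `.ova`.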
Congratulations, you just completed this tutorial! I’ll leave you with an assignment. Import the image for further testing to weed out bugs and to make the image even more portable!
Can you minimize the size of the CTF? Like include only the Apache service and run it using an .iso file?
Sure. You can include anything you want or need. For instance you can base the machine on a minimalistic Linux distribution and build from there.
Waiting for part2! How to make it vulnerable?
I’m open for ideas, so perhaps I will.