THS capture the flag challenges.

Learn by doing.
– Anonymous

CTF Rules

  • Each completed challenge is worth one point
  • Current scores will be shown on this page
Leader Board | Points
ca*********271

8/25/24 Webmin Schwebmin

  • There is a Raspberry Pi running on the school network. Its name is Gumby.
  • Gumby’s IP address is: 192.168.129.176
  • Since you’re on a Chromebook you’ll have to use your web browser for the rest of the challenge.
  • There is a Webmin server running on Gumby on the default port. If you receive a “This site can’t be reached 192.168.130.95 refused to connect.” error, check your port number.
  • There is no SSL certificate installed, so your browser will give you an error. This error will say “Your connection is not private”. Just click the ‘Advanced’ button and then click on “Proceed to 192.168.129.176 (unsafe)”. In the real world you would not want to do this: it lets you connect to the site, but the connection is not encrypted, so anyone in between you and the website would be able to see what you’re doing (and any login information). Since you’re not leaving the school network you’re safe.
  • Your login ID is: student
  • The password is for you to figure out. (Hint: think sports team name)…. Oh C’mon that’s too easy.
  • After logging in you’ll see the Webmin dashboard. Webmin is just a web-based interface to the underlying Linux operating system (OS).
  • For now, students will see just a single menu item named ‘Tools’. Under that is the File Manager.
  • Using the File Manager, find a file with the CTF token in it.
  • That’s it. It’s up to you now.

8/27/24 SSH Lock & keys

  • Completing the Webmin Schwebmin challenge will get you your very own login to Webmin running on Gumby
  • You’ll receive an email with your login credentials
  • Using your credentials, log in to Gumby’s Webmin and find the SSH server’s Host SSH Key
  • Email the text of this key file to darrylp@terryschools.com to receive credit for completing this challenge