Virtual Machines
single series all timeline

Welcome to another boot2root / CTF this one is called Teuchter Twa. It is a direct sequel to the notorious Teuchter VM I released back in November 2016.

This VM is set to grab a DHCP lease on boot. As with all of my previous VMs, there is a theme. This VM can be a stand alone CTF, but for those who have completed wan, maybe draw up the notes, as if you don't know me by now, then maybe your name is Mick Hucknell...?

More hints for you:

This VM is designed to be a bit of a joke/troll so a translator might be useful.

The VM isn't over with root. There's a troll flag, secret flag and a final flag.

Here's a Brucie bonus for 10: Instead of rushing into things like you are chasing Haggis around Arthur's seat, take a step back. Things may not always work as they first appear to be.

When you locate the VM, maybe a little -Y "dns.flags.response eq 0" may help...?

As always, the CTF is chock full of cultural nuances & references, so it pays to act like Shareen Nanjiani: follow the money.

Wullie isn't as daft as he was in Teuchter wan, therefore, there will be improved security, failure to heed this warning will get you sent to Coventry.

Thanks to mrb3n, mr_h4sh, m0chan & Felamos for allowing me to torture them mercilessly in the testing phase of this VM. Thanks to Bob Beck's LibreSSL talk for sources of crontab entropy...

Best of luck. Do drop me a message on Twitter / Slack / IRC / etc. if you are struggling, or have completed this CTF. I'm always happy to give a hint, or to hear feedback on these challenges.

NB: You may need to set the NIC type to VMXNET3 or E1000, depending on your platform.