Slack Tunneling for On-Site Attack-Defend CTFs

samuraictf/slack

slack

Most attack-defend CTFs (including DEFCON Finals) have a segregated game network, which is not directly connected to the internet. The server which each team must defend from other attackers has no route to the internet. This causes problems when trying to disseminate time-critical information, like when a CTF service is being exploited.

This project is effectively a FIFO that sits on the game box at /home/ctf/slack. Write to it, and the data gets forwarded to Slack via an accomplice machine which is connected to both the game network and the public internet (e.g. a competitor's laptop).

The first two space-delimited fields are the username and channel, for example funbot and #ctf. The rest of the line is interpreted as the message to post.

The script ./slack.sh runs on a machine which has a connection both to the game network and the internet.

Warnings

This code is terrible and is full of command injections.

If an attacker can send data to the FIFO, you're fucked.
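
An added example (Python 3, not part of this repository's code): one way to treat a FIFO line in the format described above as untrusted data and build the webhook's JSON body without passing any field through a shell. The function names, the allow-list patterns and the length cap are assumptions; the sample lines are constructed.

```python
import json
import re

# Assumed allow-lists (not from the project): conservative character sets.
USERNAME_RE = re.compile(r"[A-Za-z0-9._-]{1,32}")
CHANNEL_RE = re.compile(r"[#@][A-Za-z0-9._-]{1,80}")
MAX_TEXT = 3000  # assumed cap on message length

def parse_line(line):
    """Split one FIFO line into (username, channel, message)."""
    parts = line.rstrip("\r\n").split(" ", 2)
    if len(parts) != 3 or not parts[2].strip():
        raise ValueError("expected: <username> <channel> <message>")
    username, channel, text = parts
    # fullmatch, so a stray newline or metacharacter fails the whole field.
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("bad username field")
    if not CHANNEL_RE.fullmatch(channel):
        raise ValueError("bad channel field")
    # Drop ASCII control characters below 0x20, except tab.
    text = "".join(c for c in text if c == "\t" or ord(c) >= 0x20)
    return username, channel, text[:MAX_TEXT]

def escape_slack(text):
    """Escape &, < and > so the text cannot add <!channel> or <url|label>."""
    return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")

def build_payload(line):
    """Return the UTF-8 JSON request body for the incoming webhook."""
    username, channel, text = parse_line(line)
    body = {"username": username, "channel": channel,
            "text": escape_slack(text)}
    # json.dumps does the quoting; these bytes go to an HTTP client as the
    # POST body, never onto a command line.
    return json.dumps(body).encode("utf-8")

# Constructed sample lines: one benign, two carrying shell metacharacters.
SAMPLES = [
    "bot-name #general Hello, world!",
    "funbot #ctf $(id); `uname -a` <!channel>",
    "bot;id #ctf shell metacharacters in the username field",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        try:
            print(build_payload(sample).decode("utf-8"))
        except ValueError as err:
            print("rejected: %s" % err)
```

The second sample is forwarded as literal text with its angle brackets escaped; the third is rejected because the username field fails the allow-list.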

Prerequisites

Requires Python 2.7 on whichever machine has the internet connection.

$ pip install -Ur requirements.txt

Setup

There are a few configuration points, which are managed via environment variables. You can either specify them explicitly, or modify the configuration files.

  • config/00-gamebox
    • DEPLOY_SERVER is the "game server"
    • DEPLOY_PORT is the port SSH is running on, on DEPLOY_SERVER
    • DEPLOY_USER is the user to log in as on DEPLOY_SERVER, e.g. ctf
  • config/40-slack
    • SLACK_URL is the incoming webhook URL for your Slack team

Usage

After configuration, just run ./slack.sh. It should load the configuration, and automatically connect to DEPLOY_SERVER and start monitoring a FIFO at /home/$DEPLOY_USER/slack.

To send a message to Slack, just write to the FIFO. For example:

$ echo 'bot-name #general Hello, world!' > slack

Ideas for Usage

One idea for usage is to hook up an inotify listener to it.
