WTF.uzz

PWN0 (http://pwn0.com) the hackers playground is a VPN where (almost) anything goes. You just need to sign up, connect to the VPN and start hacking. This is what the website says! I loved the domain name and felt to give it a shot. Here is how the home page looks like,

Pretty intriguing! Isn’t it? Anyways, I read the forum (only 1 informative post till date) and regular here and there stuffs. It requires (recommends) OpenVPN to connect to its servers. They have configuration files available on their website to connect pwn0 server. Once you create your register, you can browse the configuration archive here (ZIP) and here (TAR.GZ). Here is my configuration andsmall hands-on guide on how I performed the same,

Downloaded and installed OpenVPN for my Ubuntu using,

apt-get install openvpn

After installing the same, I played with it a while to look for configuration options and file imports etc. I was wondering how to change the default options, and then searching for the files on it for some minutes, I figured out the configuration directory (unzip the config file downloaded from pwn0) ideally can be placed at /etc/openvpn/. So, the structure looked like,

This structure shows the 6 files supplied in the archived package from pwn0. These files contains the certificates (ca.crt, <username>.crt) and key file (<username>.key) together with 3 configuration settings’ file (pwn0.conf, pwn0.ovpn, pwn0.ovpn.udp). To start OpenVPN with the ‘pwn0 configuration’, issue the following command:

[reboot:/etc/openvpn/config]# openvpn – – config pwn0.conf

After connecting to the pwn0 server, make sure you can see the tunnel IP in your list as 10.225.0.* and can ping the fellow IP addresses. If yes! then bravo, you are done with all the configurations. Time to play some tricks now. Here are some files (bash scripts) which should be executed from the same console of VPN connection (I used linux, and so scripts are developed in BASH).

List of Scripts,

1. uson.sh – A script that helps you find the online users to help you plan your strategy. The script when executed creates a new file by the name "uson" and saves the usernames in it. [ Script Code: View | Download ]
2. ipon.sh – A script that finds the IP addresses of the users that are connected to the pwn0 VPN. It creates a new file by the name "ipon" and lists the IP addresses in it. [ Script Code: View | Download ]
3. score.sh – A script that helps you perform one kind of attack where you access the URL: http://vpn.pwn0.com/score?user=<username> where ‘username’ is of any active online VPN user. This script does all the job automatically and takes the input as a Username File. Execute it as "./score.sh" [ Script Code: View | Download ]
4. rscore.sh – The same job as score.sh but scoring as root. (sorry, will update the script later.)

I am one day old in this CTF at pwn0.com so, will release other parts as and when I complete the levels :). Meantime, happy hacking to all and best wishes! Feel free to comment here for any suggestions or new techniques, or improvements.

PS: All these scripts are raw and have been created in some hours. Excuse me if there are better ways, but these are just home based cooking! *Not to be tested in production environments and random inputs*

Cheers!