thebsdbox

# ebpf Summit 2024 Capture the Flag ⛳️🐝 

Welcome to the eBPF 2024 Summit CTF, this year the task will involve a number of challenges around various eBPF technologies. Some of the challenges will require use of CLI tools such as `bpftool` and some will require fixing or completing some partial code in order to complete the challenge.

## Getting the CTF up and running !

The CTF makes use of the [lima](https://github.com/lima-vm/lima) project to simplify the process of creating a virtual machine that will run the CTF. The virtual machine once created will contain:

- CTF program
- code-server (VS-CODE but accessed through a browser)

thebsdbox

                          <div layout-gt-sm="row">
                             <md-input-container>
                               <label>SSH</label>
                               <input value="ssh {{instance.proxy_host}}@direct.{{host}} -p 8022" type="text" readonly="readonly" size="50">
                               <md-icon ngclipboard data-clipboard-text="ssh {{instance.proxy_host}}@direct.{{host}} -p 8022"class="material-icons">content_copy
                                    <md-tooltip md-direction="top">Copy!</md-tooltip>
                               </md-icon>
                               <md-button class="md-raised" href="ssh://{{instance.proxy_host}}@direct.{{host}}:8022" target="_blank" rel="noopener noreferrer">
                                  <md-icon class="material-icons">login</md-icon> SSH
                                </md-button>

thebsdbox

#!/bin/bash

echo This should set up everything needed for Kubernetes

sudo modprobe overlay
sudo modprobe br_netfilter
cat <<EOF | sudo tee /etc/sysctl.d/99-kubernetes-cri.conf
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
net.bridge.bridge-nf-call-ip6tables = 1

thebsdbox

apiVersion: apps/v1
kind: DaemonSet
metadata:
  creationTimestamp: null
  name: kube-vip-ds
  namespace: kube-system
spec:
  selector:
    matchLabels:
      name: kube-vip-ds

thebsdbox

package main

import (
	"compress/gzip"
	"crypto/tls"
	"crypto/x509"
	"encoding/json"
	"io"
	"io/ioutil"
	"math"

thebsdbox

modprobe nbd
qemu-nbd --connect=/dev/nbd0 ./focal-server-cloudimg-amd64.img
partprobe /dev/nbd0
mkdir /mnt/image
mount /dev/nbd0p1 /mnt/image
cd /mnt/image
mount -t proc /proc proc/
mount --rbind /sys sys/
mount --rbind /dev dev/
chroot /mnt/image bash

thebsdbox

apiVersion: apps/v1
kind: Deployment
metadata:
  name: packet-cloud-controller-manager
  namespace: kube-system
  labels:
    app: packet-cloud-controller-manager
spec:
  replicas: 1
  selector:

thebsdbox

kernel:
  image: linuxkit/kernel:5.4.39
  cmdline: "console=tty0 console=ttyS0 console=ttyAMA0 console=ttysclp0"
init:
  - linuxkit/init:a68f9fa0c1d9dbfc9c23663749a0b7ac510cbe1c
  - linuxkit/runc:v0.8
  - linuxkit/containerd:a4aa19c608556f7d786852557c36136255220c1f
  - linuxkit/ca-certificates:v0.8
onboot:
  - name: sysctl

thebsdbox

The "perfect" virtual Tinkerbell environment on Equinix Metal

pre-requisites

This is a rough shopping list of skills/accounts that will be a benefit for this guide.

• Equinix Metal portal account
• GO experience (basic)
• iptables usage (basic)
• qemu usage (basic)

thebsdbox

sudo docker pull public.ecr.aws/eks-distro/kubernetes/pause:v1.18.9-eks-1-18-1;\
sudo docker pull public.ecr.aws/eks-distro/coredns/coredns:v1.7.0-eks-1-18-1; \
sudo docker pull public.ecr.aws/eks-distro/etcd-io/etcd:v3.4.14-eks-1-18-1; \
sudo docker tag public.ecr.aws/eks-distro/kubernetes/pause:v1.18.9-eks-1-18-1 public.ecr.aws/eks-distro/kubernetes/pause:3.2; \
sudo docker tag public.ecr.aws/eks-distro/coredns/coredns:v1.7.0-eks-1-18-1 public.ecr.aws/eks-distro/kubernetes/coredns:1.6.7; \
sudo docker tag public.ecr.aws/eks-distro/etcd-io/etcd:v3.4.14-eks-1-18-1 public.ecr.aws/eks-distro/kubernetes/etcd:3.4.3-0; \
sudo kubeadm init --image-repository public.ecr.aws/eks-distro/kubernetes --kubernetes-version v1.18.9-eks-1-18-1