Table of contents
The environment I used this time is
1. You can create a folder first
2. Start mysql and create a database
3. Build the Cardinal platform
4. Log in to the management background
Get SSH root user password for docker container
5. Deploy the target drone on cardinal
View player login ID and password
Change database password, game start and end times
6. Connect to Asteroid large screen
Come on everyone ( •̀ ω •́ )y look forward to seeing you again
Let me show you a rendering first, to attract your attention hahaha
start of text
1. Introduction
Cardinal is an AWD racing platform developed by Vidar-Team, written in Go. This program can be used as a CTF offline competition platform, and can also be used for AWD simulation exercises within the team.
Cardinal System
The name Cardinal comes from the game system in the work "Sword Art Online", which is described in the novel as being able to independently monitor players, maintain game data balance, automatically generate new game tasks, and perform self-repair without any manual external input with perfect...This is also our vision for the AWD competition platform. We hope to have a platform that monitors and manages the dynamics of players’ target drones, accurately calculates scores, automatically updates the status of target drones, and can provide timely feedback and even self-adjusting repairs when abnormalities occur. Therefore, I named this project Cardinal.
Documentation Guidelines
https://cardinal.ink/
2. Environment introduction
- Operating system: Windows/Linux/macOS
- Memory: 512Mb and above available
- Disk space: 2Gb and above available
The environment I used this time is
- kali-linux-2022.3-installer-everything-amd64
- docker
- docker-compose
- mysql uses the mysql that comes with kali, you need to start it yourself
The target machine is using
The target machine uses https://github.com/glzjin/20190511_awd_docker
Cardina version used
Cardina version used http:// https://github.com/vidar-team/Cardinal/releases
To download Cardina and the shooting range to the local in advance
Then pass it to Linux kali
3. Start to configure AWD
1. You can create a folder first
mkdir AWD
then go into the folder
cd AWD
Upload and unzip the Cardina you just downloaded
tar -zxvf Cardinal_v0.7.3_linux_amd64.tar.gz
Add permissions to Cardinal
chmod +X Cardinal
2. Start mysql and create a database
start mysql
service mysql start 启动mysql
Enter the password to log in to msql
mysql -u root -p 输入密码登入msql
Create 2 databases:
GRANT ALL PRIVILEGES ON *.* TO 'user'@'%' IDENTIFIED BY 'password' WITH GRANT OPTION;
CREATE DATABASE `cardinal` DEFAULT CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
Check for success:
show databases;
When this appears, it means that the database is built successfully.
3. Build the Cardinal platform
Run Cardinal
./Cardinal
┌──(root㉿kali)-[~/AWD]
└─# ./Cardinal
1 - en-US
2 - zh-CN
> type 1, 2... to select
2022/08/23 22:05:37 [ INFO] Please select a preferred language for the installation guide:
2
> 请输入比赛开始时间(格式 2020-02-17 12:00:00)
2022/08/23 22:05:40 [ INFO] Cardinal.toml 配置文件不存在,安装向导将带领您进行配置。
2022-08-23 22:10:00
> 请输入比赛结束时间(格式 2020-02-17 12:00:00)
2022-08-23 24:10:00
> 请输入比赛结束时间(格式 2020-02-17 12:00:00)
2022-08-23 23:10:00
> 请输入每轮长度(单位:分钟,默认值:2)
> 请输入后端服务器端口号(默认值:19999)
> 请输入每次 Checkdown 扣分(默认值:50)
> 请输入每次攻击得分(默认值:50)
> 是否自行另外部署前端?(true / false,默认值:false)
> 发送您的统计数据,帮助我们使 Cardinal 变得更好?(true / false,默认值:true)
> 请输入数据库地址(默认值:localhost:3306)
> 请输入数据库账号:
user
> 请输入数据库密码:
password
> 请输入数据库表名(默认值:cardinal)
2022/08/23 22:07:46 [ INFO] 创建 Cardinal.toml 配置文件成功!
2022/08/23 22:07:46 [TRACE] 加载配置文件成功
> 请输入管理员账号:
root
> 请输入管理员密码:
kali
2022/08/23 22:08:32 [ INFO] 添加管理员账号成功,请妥善保管您的账号密码信息!
2022/08/23 22:08:32 [TRACE] 比赛总轮数:30
2022/08/23 22:08:32 [TRACE] 比赛总时长:60 分钟
2022/08/23 22:10:01 [TRACE] New round: 1
Except for the circled ones, there are no special circumstances and the default is fine.
Follow the prompts to choose to install
Do you want to deploy the front end yourself? (true/false, default: false)
It is best to use the default for this item, otherwise errors may occur later, unless there are special needs
Note: If you are using a server, you must ensure that the port you need to use is opened on the console, otherwise you will not be able to access it. (The virtual machine kali does not need to be controlled)
4. Log in to the management background
IP: 19999 port is the player login page
IP: 19999/manager is the administrator page
192.168.2.249:19999/manager (the ip of kali in front, 19999 is the port number you wrote in the previous configuration file)
Open the website and enter the previous administrator account password
This is the data screen
But before that, you need to configure the team topic information
Add team and save password
Add topic, set visible
Update the Flag Shell:
echo { {FLAG}} > /flag
Create a flag file in the root directory and write something.Change the game name and flag logo as needed
configuration file
4. Build a shooting range
Range file construction https://github.com/glzjin/20190511_awd_docker
Upload files and compile
Create a new file for setting up the range
Upload the downloaded file to the file
Then unzip 20190511_awd_docker-master.zip
unzip 20190511_awd_docker-master.zip
Because the name is too long, let’s change the file name for later convenience
mv 20190511_awd_docker-master web1_1
View Files
Compile the docker-compose.yml file in it
vim docker-compose.yml
changed before
After the change
After compiling, wq save and exit
start docker
(If you haven't installed it before, please install docker first, I won't be strict here)
docker-compose up -d --build
If there is no problem with your docker, the normal situation is as shown in the above figure
查看镜像:docker images
查看正在运行的容器:docker ps
As shown in the picture, there is no problem
Access target machine
访问靶机
IP:8801
The following figure shows that there is no problem when accessing the target machine. The environment deployment is successful.
Get SSH root user password for docker container
docker exec -it 容器id passwd
This password is also the root user password of the target machine
Warm reminder: The container is configured here, but this is only one, and the target machine will be configured later, which is a target machine and a container
So you can add according to your needs
5. Deploy the target drone on cardinal
Open the management page and operate according to the picture
Note: Select the topic and team, IP is the IP of the target machine, port is the port of the target machine, and password is the password of the target machine just set.
Note that the Flag SSH here is the account password of the root of the container we set. It must have sufficient permissions, because the flag needs to be written into the container. If the permission is not enough, the Flag cannot be written
test ssh connection
generate flag
Explanation: A dynamic flag, if the background is not taken down, it is impossible for the players to know the flag in advance
View player login ID and password
at Dockerfile
The account number is glzjin and the password is 123456
test connection
Use Xshell or other tools to connect to the target machine
Enter account and password
The test as shown in the figure means the test is successful
Change database password, game start and end times
Find the conf file on the AWD page
Inside there is a Cardinal.toml configuration file edited with vim
You can change the database password, game start and end time here
6. Connect to Asteroid large screen
Download link https://github.com/wuhan005/Asteroid/releases
decompress
StandaloneWindows64\Asteroid_Data\StreamingAssets into this directory
Just change the IP to your own kali
Just run the program
there will be a cool page
There are more ways to play, you can explore it yourself