Symantec Cyber Readiness Challenge Player’s Manual Version 1.6

January 20, 2014
Table of Contents
Introduction
1 The Cyber Readiness Challenge
  1.1 Your Credentials
  1.2 Accessing the Competition
  1.3 Scoring
  1.4 Obtaining Support
  1.5 Continuing Professional Education (CPE) Credit
2 Cyber Readiness Challenge Event Preparation
  2.1 Rules
  2.2 Resources Required
  2.3 Using a Live CD or a Virtual Machine on Your System
3 Connecting to the Event
  3.1 Requirements
  3.2 Settings
  3.3 Connecting
4 Using the Scoreboard and Team Chat
  4.1 Preface
  4.2 Accessing the Scoreboard
  4.3 The Scoreboard
  4.4 Navigating Between Levels
  4.5 Viewing Your Progress
  4.6 Support
  4.7 Team Chat
5 VPN Configuration for Kali
  5.1 Launch Kali
  5.2 Client Install
6 VPN Configuration for BackTrack 5R3 with Gnome
  6.1 Launch BackTrack
  6.2 Client Installation
7 VPN Configuration for Windows
  7.1 Client Installation
8 VPN Configuration for Mac OS X
  8.1 Client Installation
Appendices
  Appendix A: Resources
© 2014 Symantec
Introduction
Welcome to Symantec’s Cyber Readiness Challenge!
Sun Tzu once said, "Know both yourself and your enemy and you can win a hundred battles without jeopardy."
The Symantec Cyber Readiness Challenge is an immersive, interactive “capture the flag” competition that models
scenarios after the current threat landscape using realistic, virtualized IT infrastructure. Designed for many levels of
technical skill and experience, it puts participants in the hacker's shoes to understand their targets, technology and thought
processes so they can ultimately better protect their organization and themselves.
Offered as both online and live onsite events at numerous locations around the world, the challenge gives participants the
opportunity to test, practice and develop their security skills within a unique, real-world-inspired environment
developed by Symantec, the global leader in security. While participating in this event, you will have the opportunity to:
• Sharpen skills such as forensics, ethical hacking and more
• Expand your awareness of targets and threats
• Learn and try new techniques and tools
• Compete against your peers for prizes and bragging rights
• Earn Continuing Professional Education, or CPE, credit
Bringing together some of the world's leading experts in IT security, this innovative competition will offer a keynote
presentation by renowned security experts on the current security landscape and provide a fantastic environment for
networking and knowledge sharing.
For more information on future events, rules and technical requirements, please visit the following URL:
http://go.symantec.com/cyber-readiness
Please read this manual for important information about connecting to
and playing in the event.
1 The Cyber Readiness Challenge
This section will provide an overview of the Cyber Readiness Challenge experience.
1.1 Your Credentials
Every participant has their own username and password for the event. Your username and password are used to connect
to the event via a Virtual Private Network (VPN), and to log into the scoring system (the “Scoreboard”) to get your
objectives and enter your answers. The username (“handle”) and password you registered or were provided at the event
are used to log into the VPN and the scoreboard. Do not lose or disclose your password to anyone.
1.2 Accessing the Competition
The online environment for the Cyber Readiness Challenge is run from several datacenters globally. Prior to the start of
the event each participant will receive an email providing information about how to access their event. Each participant
will need a computer or a virtual machine to access the environment.
There are two main ways to participate:
• Using the participant’s computer with a native operating system, or with an ethical hacking toolset such as Kali or
  BackTrack installed or dual-booted (for example, from a live CD/DVD), connecting with VPN software provided by the
  online environment
• Using the participant’s computer with an ethical hacking toolset running in a virtual machine, with the VM
  connecting with VPN software provided by the online environment
More information about these options, including detailed setup instructions, will be provided in later sections of this
document.
1.3 Scoring
The objective is for individuals, or their teams for team events, to capture as many flags as possible during the event. All
participants should log into the Scoreboard to see the questions and to enter their answers to score points. Each question
and answer set is referred to as a flag.
The competition is broken into levels, starting with level one (1), with flags for each level. A flag is any piece of information
requested in the Scoreboard and is the only thing points will be awarded for. As you make your way through the event
additional levels with more flags will open.
Scoring is based on the capture of flags for each of the five (5) stages of a cyber attack: Reconnaissance, Incursion,
Discovery, Capture and Exfiltration. There will be varying degrees of difficulty for sets of flags: easy (worth 300 points),
moderate (worth 500 points), and hard (worth 1000 points).
Hints will be available for some of the early levels. Up to three (3) hints may be taken to help with capturing a flag.
Taking a hint will reduce the point value of a flag; taking all three hints will reduce it to zero (0) points.
If you get stuck on a flag, don’t get discouraged! The hints are there to
help make this a fun learning experience. Don’t be afraid to take them –
it’s your opportunity to learn something new about security and the risks we face.
Scoring a Flag Capture
Description: A list of flags will be provided in the Scoreboard. Examples include:
1. Provide the clear text password of a fictional user.
2. Breach a system or application and retrieve a credit card number.
3. Find a specific file and provide the MD5 value.
Scoring using the “Scoreboard”:
1. Successfully find the answer to a flag (question) requested on the Scoreboard.
2. If you are not already logged in, log into the Scoreboard using your username (handle) and password. Note that
this is only available while connected to the event; it is not an Internet site.
3. Enter the answer for the flag. You will receive immediate feedback if the answer is correct. You will not
be penalized for incorrect answers.
To View Your Score
To view your score, the list of flags, or to submit captured flags, log on to the Scoreboard using your username
and password while connected via VPN to the online event.
1.4 Obtaining Support
Support during the competition will be available in several ways:
• From Symantec employees staffing the event
• Through support options available in the Scoreboard once connected to the environment (documented in a later
  section)
• By email to [email protected] at any time, including if participants are having problems
  connecting to the environment to access support in the Scoreboard
1.5 Continuing Professional Education (CPE) Credit
You will be eligible for continuing education credits, or CPEs, towards certification requirements from organizations such
as (ISC)2 and ISACA, and possibly from others as well. A Verification of Attendance form will be provided onsite or 2-4
weeks after completion of the event. Please refer to your accreditation guidelines for specific guidance including reporting
requirements. Changes to the 2013 (ISC)2 “Continuing Professional Education (CPE) Policies & Guidelines” allow for
Group A credit for this type of activity under “Performing unique projects and activities on-the-job.”
2 Cyber Readiness Challenge Event Preparation
2.1 Rules
Please refer to the Contest Rules on the Cyber Readiness Challenge site at http://go.symantec.com/cyber-readiness/ .
The objective of this test is to try to breach the environment without causing disruption or damage. As such, testing that
may disable services, alter or destroy files or content, interfere with other participants’ ability to play, or cause a Denial of
Service (DoS) may not be conducted unless otherwise directed during the event.
Any individual found intentionally interfering with game play may be disqualified.
2.2 Resources Required
Participants will need to have access to certain resources, such as an ethical hacking (or attack) environment, for game
play. There are several options to meet these requirements. Some participants may have existing resources at their
disposal, including a preferred attack environment and tools for their use; you are encouraged to use what you are familiar
with.
1. Participants will provide their own computer, such as a laptop, with the following minimum recommended
   requirements:
   • 1 GHz Intel x86 compatible processor (2 GHz with virtualization extensions recommended)
   • 2 GB of RAM
   • 20 GB of free disk space
   • Operating system including Windows 2000 or later, OS X 10.4.11 or later, Linux 2.4.10/2.6.4 or later, and/or
     Kali Linux (BackTrack is no longer recommended as it has been replaced by Kali)
   • Virtualization, if desired, including VMware Workstation or Player (for Windows or Linux), VMware Fusion (for
     Mac OS X), or VirtualBox (multiple operating systems)
   • The latest version of Java on Mac OS X
2. Participants will provide their own ethical hacking toolkit, such as BackTrack or Kali
3. Internet access may be required for events, such as online Challenges; for onsite events, a wired and/or wireless
   network may be used
Network requirements for all participants:
Participants will be using a VPN from their system and will need to have access to the Internet to connect (e.g. home
network, coffee shop or Internet café, permitted office or corporate network, etc.). Since encrypted networking, in the
form of the Virtual Private Network (VPN), will be used to access the online competition network, Internet service providers
will not see or be affected by any attack traffic used during play. Remember to connect to the VPN before starting any
scans or event-related activity to prevent accidentally affecting others.
For participants using their own computer:
Participants are welcome to use their own computer, such as:
• Dual-booting to an installed or a live CD/DVD/USB image such as Kali Linux
• A virtual machine installed on their system (for example, using the free VMware Player or free VirtualBox with
  Kali)
If you currently do not have an ethical hacking environment, or a “toolset,” we recommend trying Kali. It is free to
download and use. Due to some reported issues with the latest 64-bit version, we recommend the 32-bit version for now.
2.3 Using a Live CD or a Virtual Machine on Your System
Many participants may want to use Kali Linux to play the game. Kali is pre-configured with a variety of ethical hacking
software and is a quick and easy way to get the tools necessary to participate. The latest version can always be found at
http://www.kali.org/downloads/. We recommend using the 32-bit version.
Unless you install Kali on your computer, which is an option, there are two main ways to run it:
1) Boot from a Kali Linux Live CD or Kali Linux Live USB Drive
This is the best option if you are a beginner to the information security world. By booting from a “live” CD, you get
to use a fully featured version of Kali Linux without actually installing it or modifying your hard drive in any way.
If you’re setting up for the event at the last minute, go with this option, as it will get you playing in the shortest
amount of time. However, know that the performance will not be as good as using a virtual machine or installing
to a hard drive, especially with a CD or a DVD. It will still be usable.
Once you have downloaded the appropriate ISO file from the Kali Linux website, burn it to a CD or a DVD with
software such as ImgBurn. Alternatively, if you want to make a live USB drive, follow these instructions:
http://docs.kali.org/installation/kali-linux-live-usb-install
Finally, restart your computer and interrupt your normal system startup. Then, select the CD/DVD/USB drive from
the boot options menu.
2) Run Kali Linux in a Virtual Machine
A virtual machine is a virtual computer that exists inside your physical computer. By using free software such as
VMware Player or VirtualBox, you can run Kali Linux inside a virtual machine that will run inside the operating
system that you already have on your computer.
This option is useful if you want to have quick access to various Windows tools that don’t exist on Kali.
Additionally, with this method you can connect to the game network from inside the virtual machine, leaving the
network of your main operating system still able to access the Internet in case you have to do any research.
If you go with this option, make sure that you configure the machine’s network adapter to use the “bridged”
option, which gives Kali direct access to the network. Using this mode will ensure that you bypass several
networking and hacking pitfalls.
Once the virtual machine is created, you can either “live” boot from the downloaded ISO file (if you are short on
time) or perform a normal Kali Linux install (if you want the best performance). More information on installing Kali
Linux can be found here: http://docs.kali.org/installation/kali-linux-hard-disk-install
3 Connecting to the Event
3.1 Requirements
Online events are accessed using a Virtual Private Network (VPN). The VPN software will be provided during the
connection and setup process, if required. Step by step setup instructions follow for several different environments:
• Kali
• BackTrack
• Microsoft Windows
• Mac OS X
Note that once you are “inside” the game using the VPN provided or by directly connecting in an in-person event you will
not be able to access the Internet (for security purposes). However, feel free to disconnect and reconnect from the
game to do research as many times as you like, or use another system for “Googling.”
Once connected to the provided VPN address:
• The scoreboard address will be provided; you should log into the scoreboard as soon as you are connected
• The target address range will be provided; nothing outside this range should be attacked
3.2 Settings
VPN Settings
Field | Setting
VPN Address | Provided by email or at the start of the event
Username | Selected by each participant when registering, or provided at the event
Password | Set by each participant when registering, or provided at the event
Target Address Range | Provided by email or in the Scoreboard once the event starts (These are the attack targets in the online event). Nothing outside this range should be attacked!
Scoreboard | Provided by email or at the start of the event. Do not attack or attempt to brute force the scoreboard!
3.3 Connecting
When you connect to the online environment using the address (URL) provided and your web browser, you will be
presented with a login screen. Use your username (handle) and password set or provided for the event. The following
sections of this document will provide instructions for setting up the VPN software.
Once connected to the online environment:
• You should log into the Scoreboard as soon as you are connected
• The target address range will be provided in the Scoreboard; nothing outside this range should be attacked
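The two rules above (nothing outside the target address range, and never the Scoreboard), together with the earlier reminder to connect to the VPN before scanning, can be checked mechanically before any tool is given a list of addresses. The Python script below is an added example, not part of the Symantec manual: all addresses are constructed placeholders from documentation ranges, and the tunnel interface name cscotun0 is an assumption about the AnyConnect client on Linux.

```python
"""Pre-flight scope guard for the event (added example with constructed values)."""
import ipaddress
import subprocess

# Constructed placeholders from the RFC 5737 documentation ranges. Replace them
# with the target range and Scoreboard address supplied for your event.
TARGET_RANGE = "192.0.2.0/24"
SCOREBOARD = "192.0.2.10"
VPN_INTERFACE = "cscotun0"  # assumption: AnyConnect tunnel device name on Linux

# Constructed candidate list: one IP or CIDR block per entry, '#' starts a comment.
SAMPLE_TARGETS = [
    "192.0.2.20",
    "192.0.2.8/30    # block that contains the Scoreboard",
    "192.0.2.10",
    "198.51.100.7    # not part of the event",
    "target.example  # hostnames are refused: they cannot be checked offline",
    "",
]


def remove_protected(net, protected):
    """Split net so that no returned block overlaps a protected network."""
    pieces = [net]
    for guard in protected:
        kept = []
        for piece in pieces:
            if guard.version != piece.version or not guard.overlaps(piece):
                kept.append(piece)                         # no overlap: keep as is
            elif piece.subnet_of(guard):
                continue                                   # fully protected: drop
            else:
                kept.extend(piece.address_exclude(guard))  # carve the guard out
        pieces = kept
    return sorted(pieces)


def scope_targets(entries, target_range=TARGET_RANGE, protected=(SCOREBOARD,)):
    """Return (approved CIDR strings, [(entry, reason), ...] for refused entries)."""
    allowed = ipaddress.ip_network(target_range)
    guards = [ipaddress.ip_network(p) for p in protected]
    approved, rejected = [], []
    for raw in entries:
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:
            rejected.append((entry, "not an IP address or CIDR block"))
            continue
        if net.version != allowed.version or not net.subnet_of(allowed):
            rejected.append((entry, "outside the target address range"))
            continue
        pieces = remove_protected(net, guards)
        if pieces:
            approved.extend(str(p) for p in pieces)
        else:
            rejected.append((entry, "protected address (Scoreboard)"))
    return approved, rejected


def egress_device(route_output):
    """Return the interface named after 'dev' in `ip route get` output, or None."""
    tokens = route_output.split()
    if "dev" in tokens[:-1]:
        return tokens[tokens.index("dev") + 1]
    return None


def routed_via_vpn(address, vpn_interface=VPN_INTERFACE):
    """True only if the kernel would send traffic for address through the tunnel."""
    try:
        result = subprocess.run(["ip", "route", "get", address],
                                capture_output=True, text=True, check=False)
    except OSError:  # the `ip` tool is not available on this system
        return False
    return egress_device(result.stdout) == vpn_interface


if __name__ == "__main__":
    approved, rejected = scope_targets(SAMPLE_TARGETS)
    for entry, reason in rejected:
        print(f"REFUSED  {entry}: {reason}")
    for block in approved:
        first = str(ipaddress.ip_network(block).network_address)
        status = "via VPN" if routed_via_vpn(first) else "NOT via VPN, do not scan"
        print(f"IN SCOPE {block} ({status})")
```

A block that contains the Scoreboard is split rather than refused, so the approved list covers every permitted address except the protected one.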
4 Using the Scoreboard and Team Chat
4.1 Preface
This section documents some of the operation and features of the Scoreboard. The Scoreboard is used to obtain the
flags, or questions you will answer to score points. It also has a team chat so that you can talk to and work with your team
members, and support options to report problems and request support from the Cyber Readiness Challenge team.
4.2 Accessing the Scoreboard
You can access the Scoreboard using a browser. Note that it is only available while connected to the event; it is not an
Internet site.
4.3 The Scoreboard
As you can see in this example the Scoreboard shows several types of information, such as which level you are on, the
flags for the level, your score (points), the time remaining in the competition, hints available for each flag, etc.
4.4 Navigating Between Levels
On the top-left-hand corner near “LEVEL” you will see the list of levels that you currently have access to. At the
beginning, you will only have access to level 1, but as you progress through the game you will unlock more levels. Use
the links in this section to navigate back and forth between different levels to review your progress or work on flags you
may have skipped.
4.5 Viewing Your Progress
You can view information about your progress using the “Progress” link in the top menu.
4.6 Support
There is a trouble ticket system built into the Scoreboard. If you have problems at any point during the game, click on the
"Support" link on the top menu. From there, you can submit a trouble ticket that will be seen by the Cyber Readiness
Challenge team. When your ticket has been replied to, Scoreboard will automatically notify you via the top menu, like this:
If you are having a problem with an individual flag you can report it using the “Report a Problem” button found on each
flag. This will open a ticket noting the flag you are having problems with.
Additionally, administrators can also put out “global” tickets. If you have never submitted any tickets but you still see that
you have a support notification, this is probably the reason. Global tickets are used to convey information quickly to all of
the players at once. For example, a global ticket would be issued if a particular flag is malfunctioning.
4.7 Team Chat
From the “Team Chat” link on the top menu you can access a separate web page that will allow you to chat with your
team members. This provides a way for the team to exchange ideas and collaborate on flags.
5 VPN Configuration for Kali
Please note that these instructions should also apply to other versions of Linux. BackTrack is covered separately in this
document.
If you are using a virtual computer requested during registration you will NOT need to perform these steps. The
VPN software is already installed for you.
5.1 Launch Kali
Step 1 – Start Kali, either native or a virtual machine (VM). If you are using a VM, bridged mode is recommended.
a. Log in with your credentials (the default username is root, and password is the one that was set at the time of
installation).
b. Make sure you have a valid IP address and can access the Internet (see your network admin for help).
5.2 Client Install
Step 3 – Install AnyConnect Client.
a. Kali’s default Internet browser is called Iceweasel.
Start Iceweasel by clicking on the following icon on the menu bar.
b. Navigate to the VPN address URL that was given to you in email.
c. Log in with your user name and password.
d. You will be prompted to install missing plugins since Java is not automatically configured for use within Iceweasel.
Do NOT install the missing plugin. Wait until the Sun Java applet install times out and then click on the Linux
i386 link to download the VPN software installer.
e. Download the vpnsetup.sh file to the /root folder of the file system.
f. Execute the ls command in a terminal window and you should see the vpnsetup.sh file.
g. Change the permissions on the file by performing: chmod +x vpnsetup.sh
h. Execute the ls command again to ensure that the file is now executable. If the file is green, then it can be
executed.
i. Execute the vpnsetup.sh script by typing: ./vpnsetup.sh
j. Start the VPN client GUI by clicking on the menu icon in the lower left corner, navigating “Applications” to
“Internet,” and selecting the “Cisco AnyConnect Secure Mobility Client”.
Note: if you are on a live (not installed) version of Kali the AnyConnect option will not automatically be added to
the menu during installation. If this is the case you can start the client in a terminal window using the nohup
/opt/cisco/anyconnect/bin/vpnui & command.
k. Enter the VPN URL address used previously (provided to you in email).
l. When prompted, enter your username and password from registration.
m. The VPN should now start; to test, open Iceweasel and log into the scoreboard.
You are now connected – begin working through the flags in the scoreboard and attacking the permitted target address
range once directed to do so after the event begins!
6 VPN Configuration for BackTrack 5R3 with Gnome
Please note that these instructions should also apply to most versions of Linux.
6.1 Launch BackTrack
Step 1 – Start BackTrack, either native or a virtual machine (VM). If you are using a VM, bridged mode is recommended.
a. Log in with your credentials (the default username is root and password is toor).
b. Make sure you have a valid IP address and can access the Internet (see your network admin for help).
c. Start the Gnome desktop by typing startx and pressing Enter.
6.2 Client Installation
a. Start Firefox by clicking on the top left hand corner.
Select Internet -> Firefox Web Browser.
b. Navigate to the VPN address URL that was given to you in email.
c. Click on the NoScript icon next to the location bar and Allow cyberreadinesschallenge.com.
d. Log in with your user name and password.
e. Wait until the Sun Java applet install times out and then click on the Linux i386 link.
f. Transfer the vpnsetup.sh file to the /root folder of the Linux OS.
g. Start the Terminal application and change directory to /root (cd /root).
h. Execute the ls command and you should see the vpnsetup.sh file.
i. Change the permissions on the file by performing chmod +x vpnsetup.sh
j. Execute the ls command again to ensure that the file is now executable. If the file is green, then it can be
executed.
k. Execute the vpnsetup.sh script by executing ./vpnsetup.sh
l. If the script asks you to accept the terms in the license agreement, press Y and Enter.
m. Start the VPN client GUI by clicking on the menu icon in the lower left corner, navigating to “Internet,” and
selecting the Cisco VPN GUI.
n. Enter the VPN URL address used previously (provided to you in email).
o. When prompted, enter your username and password from registration.
p. The VPN should now start; to test, open Firefox and log into the scoreboard.
q. You are now connected – begin working through the flags in the scoreboard and attacking the permitted target
address range once the event begins!
7 VPN Configuration for Windows
7.1 Client Installation
Step 1 – Start Windows, either native or a virtual machine (VM); if you are using a VM, bridged mode is recommended.
a. Log in with your credentials.
b. Make sure you have a valid IP address and can access the Internet (see your network admin for help).
Step 2 – Open Internet Explorer
a. Launch Internet Explorer.
b. Click on Tools and then Internet Options.
c. Click on the Security tab.
d. Click on Trusted sites. Next click on Sites.
e. In the Add this website to the zone field enter the VPN IP Address or domain that you were given during
registration and click the Add button.
f. Navigate Internet Explorer to the VPN URL Address that you were given during registration.
g. Log in to the Cisco SSL VPN Service Portal with your user name and password.
h. Click on the yellow banner to allow the AnyConnect add-on to be installed.
i. When the User Account Control pops up, click the Yes button.
j. The web page might show an error that VPN connection establishment failed. However, if you click on the Cisco
AnyConnect Icon in the notifications area you will see that in fact the VPN is connected.
m. Open your browser and log into the scoreboard.
You are now connected – begin working through the flags in the scoreboard and attacking the permitted target address
range once the event begins!
8 VPN Configuration for Mac OS X
8.1 Client Installation
Step 1 – The following instructions are for Mac OS X, tested on the Intel 64 bit platform. OS X within a virtual machine
environment is not supported.
Pre-requisite: Make sure the latest version of Java is installed. Use java.com to download and install if needed.
a. Log in with your credentials.
b. Make sure you have a valid IP address and can access the Internet (see your network admin for help).
Step 2 –
a. Navigate Safari to the IP Address or host that you were given during registration.
b. Log in to the Cisco SSL VPN Service Portal with your user name and password.
c. If the following screen appears, you may not have Java installed. Obtain Java from java.com, install it, and retry
the previous step of logging into the SSL VPN Service Portal.
d. Click on “Yes” if the following security warning screen pops up.
e. Click on Run when the following screen pops up:
f. At this point, the Client Downloader should appear:
g. If prompted for system credentials, enter them and click OK:
h. If the installation was successful, the VPN connection should establish:
i. Once connected, the following icon should appear as a Menu Bar Extra:
j. The VPN should now start; to test, open Firefox and log into the scoreboard.
k. You are now connected – begin working through the flags in the scoreboard and attacking the permitted target
address range!
l. To quit or disconnect the VPN, click on the menu bar extra icon and select “Disconnect” or “Quit Cisco
AnyConnect”.
m. After installation, the VPN client can be accessed in the future by opening Cisco AnyConnect Secure Mobility
Client from the Applications folder:
You are now connected – begin working through the flags in the scoreboard and attacking the permitted target address
range once the event begins!
Appendices
Appendix A: Resources
The following resources may be useful:
Kali Linux
Kali Linux, the “next generation” of BackTrack, is a penetration testing arsenal that aids security professionals in
the ability to perform assessments in a purely native environment dedicated to hacking. Based on open-source
tools, it has been customized down to every package, kernel configuration, script and patch solely for the purpose
of the penetration tester. The i386 version is currently recommended for VPN compatibility, and VMware and ISO
images are available.
Kali Linux: http://www.kali.org/
Metasploit
A collaboration of the open source community and Rapid7, Metasploit® software helps security and IT
professionals identify security issues, verify vulnerability mitigations, and manage expert-driven security
assessments. Metasploit Community Edition simplifies network discovery and vulnerability verification for specific
exploits and is available at:
http://metasploit.com/download/
Rapid7 has some Metasploit tutorial videos that provide a quick introduction to network scanning and basic
exploitation. They will help in getting started with Metasploit Community and in understanding basic methodology.
https://community.rapid7.com/community/solutions/metasploit/blog/2011/12/21/metasploit-tutorial-an-introduction-to-metasploit-community
The Armitage graphical user interface (GUI) makes working with Metasploit easier, and is built into BackTrack. A
good introduction and how-to is available at:
http://dl.packetstormsecurity.net/papers/general/Armitage-hacking_made_easy_Part-1.pdf
Setting up a Penetration Testing Lab
Rapid7 and Metasploit have a good how-to for setting up a penetration testing lab to learn or attempt exploits. It’s
available at:
https://community.rapid7.com/docs/DOC-2196