Capture the Flag Game
in the KYPO Cyber Range
Valdemar Švábenský, Jan Vykopal
Masaryk University, Czech Republic
PA197 Secure Network Design
April 3, 2019
2
▪ Game-like activity for exercising cybersecurity skills
▪ Origins: hacker conference DEF CON, 2002
▪ We focus on Attack-only games (penetration testing)
Capture the Flag (CTF) game
3
KYPO infrastructure for CTF games
4
CTF games in KYPO: topology and machine view
5
Your tasks
1. Log in at kypo2.ics.muni.cz via Shibboleth (use Chrome browser)
2. Open two browser tabs: Game and Topology
3. In the Topology tab, access the Attacker machine
(login/password: root/toor)
4. In the Game tab, start the game and read the instructions
5. Have fun and try everything! :)
6
Resources
▪ https://www.youtube.com/watch?v=ThBpRBpyxLI
▪ https://github.com/CSIRT-MU/edu-resources
▪ https://www.kali.org/
▪ https://defcon.org/
7
CTF game enhancement
Create new levels, hints, better texts and descriptions, or other types of
content that would improve the educational aspects of the game you have
played.
See IS MU for detailed assignment.
Due Wednesday, April 10, 10:00 (to be submitted in IS MU)
Homework
8
Join us!
▪ You will learn practical cybersecurity topics
▪ Join us to cooperate on interesting projects
Cybersecurity Laboratory at FI MU - kypo.fi.muni.cz
Computer Security Incident Response Team of Masaryk University
Interested in cybersecurity?
@csirtmu csirt.muni.cz
THANK YOU! QUESTIONS?
JOIN US AT CSIRT-MU :)
Valdemar Švábenský et al.
svabensky@ics.muni.cz
csirt.muni.cz, kypo.fi.muni.cz
@csirtmu