====== Assignments ======

Hands-on assignments follow the topics shown in the tutorials:

  * Students need to form teams of two to work on the assignments.
  * Each team is assigned a docker container in the class infrastructure at the beginning of the class.
  * Docker containers run Linux and contain all the tools needed during the semester to solve all assignments.
  * All assignments are to be done in the containers unless stated otherwise.
  * Points for successfully solving an assignment are given to both team members.
  * All assignments are in the form of Capture the Flag: solving a problem yields a flag that can be submitted in the [[http://aconcagua.felk.cvut.cz:8000/|CTFd]] system for evaluation. Use your university email for registration in CTFd.

==== General Rules ====

**You can NOT**

  - Attack others on the Internet from the docker we are giving you.
  - Attack the assignment servers or CTFd servers.
  - Attack other servers and services in the university network (outside of the IP range given to you).
  - Share your code or solution with other teams.

**You CAN**

  - Attack the given docker **from** the Internet.
  - Attack **from** the local docker network the dockers for other students (inside the local network).

Containers are to be used for the class only. Failing to comply with the rules will lead to a point deduction and failing the class!

=== Assignment List ===

^Assignment^Starts^Due^Points^
|[[courses:bsy:assignments#Assignment 1: Hello class infrastructure|Assignment 1]]| 22.09.2022 |31.10.2022|1|
|[[courses:bsy:assignments#Assignment 2: Network reconnaissance using Nmap ⚔️|Assignment 2]]| 29.09.2022 |31.10.2022|4|
|[[courses:bsy:assignments#Assignment 3: Network packet analysis with tcpdump and Wireshark 🛡️|Assignment 3]]| 06.10.2022 |31.10.2022|4|
|[[courses:bsy:assignments#Assignment 4: Scanning services and gaining access ⚔️|Assignment 4]]| 13.10.2022 |31.10.2022|6|
|[[courses:bsy:assignments#Assignment 5: Discovering Intruders in Your Server 🛡️|Assignment 5]]| 20.10.2022 |13.01.2023|6|
|[[courses:bsy:assignments#Assignment 6: Gaining and maintaining access ⚔️ |Assignment 6]]| 27.10.2022 |13.01.2023|5|
|[[courses:bsy:assignments#Assignment 7: Fine-tuning honeypots to avoid detection 🛡️|Assignment 7]]| 10.11.2022 |13.01.2023|6|
|[[courses:bsy:assignments#Assignment 8: Automated attacks with a malware client ⚔️|Assignment 8]]| 24.11.2022 |13.01.2023|7|
|[[courses:bsy:assignments#Assignment 9: Network analysis of a malware infection🛡️|Assignment 9]]| 01.12.2022 |13.01.2023|5|
|[[courses:bsy:assignments#Assignment 10: Web attacks⚔️|Assignment 10]]| 19.12.2022 |13.01.2023|6|
|[[courses:bsy:assignments#bonus|Bonus Assignment]]| TBA |TBA| 50|

==== Assignment 1: Hello class infrastructure ====

  - Form a team and register in [[http://aconcagua.felk.cvut.cz:8000/|CTFd]]. The team's name in CTFd should also be declared in the spreadsheet.
  - Log in to the given docker.
  - Get the flag and submit it to the [[http://aconcagua.felk.cvut.cz:8000/|CTFd]].

==== Assignment 2: Network reconnaissance using Nmap ⚔️ ====

  - Use your docker (see the Class 1 document if you don't have one yet).
  - Scan and find running devices in the network 172.16.1.100-200.
  - Find out which services are running on those devices.
  - One of the services will give you the flag. (2 points)
  - Answer the two questions in [[http://aconcagua.felk.cvut.cz:8000/|CTFd]]. (2 points)

==== Assignment 3: Network packet analysis with tcpdump and Wireshark 🛡️ ====

  - Log in to your docker.
  - Capture traffic for **at least 1 hour**.
  - Search the captured traffic for suspicious/anomalous traffic and potential attacks.
  - Analyze the attacker's actions.
  - Find the flag.
  - Submit the flag in [[http://aconcagua.felk.cvut.cz:8000/|CTFd]]. (2 points)
  - Answer the questions in [[http://aconcagua.felk.cvut.cz:8000/|CTFd]]. (1+1 points)

==== Assignment 4: Scanning services and gaining access ⚔️ ====

=== Part 1: Hogwarts Library ===

  - Log in to your docker.
  - Find the library in and explore it
  - Find the flag and put it in the [[http://aconcagua.felk.cvut.cz:8000/|CTFd]]. (1 point)
  - Answer the question in [[http://aconcagua.felk.cvut.cz:8000/|CTFd]]. (1 point)

----

=== Part 3: Mrs Norris ===

  - Log in to your docker.
  - Find a vulnerable service in
  - Find an exploit for the vulnerability.
  - Use the exploit and find the flag.
  - Submit the flag in the [[http://aconcagua.felk.cvut.cz:8000/|CTFd]]. (2 points)

==== Assignment 5: Discovering Intruders in Your Server 🛡️ ====

==== Assignment 6: Gaining and maintaining access ⚔️ ====

==== Assignment 7: Fine-tuning honeypots to avoid detection 🛡️ ====

==== Assignment 8: Secure coding and binary exploitation ⚔️🛡️ ====

==== Assignment 9: Automated attacks with a malware client ⚔️ ====

==== Assignment 10: Network analysis of a malware infection 🛡️ ====

==== Bonus Assignment ====