Warning
This page is located in archive. Go to the latest version of this course pages. Go the latest version of this page.

Table of Contents

Assignments

Hands-on assignments follow the topics shown in the tutorials:

  • Students need to form teams of two to work on the assignments.
  • Each team is assigned a docker container in the class infrastructure at the beginning of the class.
  • Docker containers run Linux and contain all the tools needed during the semester to solve all assignments.
  • All assignments are to be done in the containers unless stated otherwise.
  • Points for successfully solving an assignment are given to both team members.
  • All assignments are in the form of Capture the flag: solving a problem yields a flag that can be submitted in the CTFd system for evaluation.
Use university email for registration in the CTFd

General Rules

You can NOT

  1. Attack others on the Internet from the docker we are giving you.
  2. Attack the assignment servers or CTFd servers
  3. Attack other servers and service in the university network (outside of IP range given to you)
  4. Share your code or solution with other teams

You CAN

  1. Attack the given docker from the Internet.
  2. Attack from the local docker network the dockers for other students (inside the local network)
Containers are to be used for the class only. Failing to comply with the rules will lead to a point deduction and failing the class!

Assignment List

AssignmentStartsDuePoints
Assignmment 1 22.09.2022 31.10.20221
Assignmment 2 29.09.2022 31.10.20224
Assignmment 3 06.10.2022 31.10.20224
Assignmment 4 13.10.2022 31.10.20226
Assignmment 5 20.10.2022 13.01.20236
Assignmment 6 27.10.2022 13.01.20235
Assignmment 7 10.11.2022 13.01.20236
Assignmment 8 24.11.2022 13.01.20237
Assignmment 9 01.12.2022 13.01.20235
Assignmment 10 19.12.2022 13.01.20236
Bonus Assignment TBA TBA 50

Assignment 1: Hello class infrastructure

  1. Form a team and register in CTFd. The team's name in CTFd should also be declared in the spreadsheet.
  2. Log in to the given docker
  3. Get the flag and submit it to the CTFd

Assignment 2: Network reconnaissance using Nmap ⚔️

  1. Use your docker (see Class 1 document if you don't have one yet)
  2. Scan and find running devices in the network 172.16.1.100-200
  3. Find out which services are running in those devices
  4. One of the services will give you the flag. (2 points)
  5. Answer the two questions in CTFd (2 points)

Assignment 3: Network packet analysis with tcpdump and Wireshark 🛡️

  1. Log in your docker
  2. Capture traffic for at least 1 hour
  3. Search the captured traffic for suspicious/anomalous traffic and potential attack
  4. Analyze the attacker's actions
  5. Find the flag
  6. Submit the flag in CTFd (2 points)
  7. Answer questions in CTFd (1+1 points)

Assignment 4: Scanning services and gaining access ⚔️

Part 1: Hogwarts Library

  1. Log to your docker
  2. Find the library in <TBA> and explore it
  3. Find the flag and put it in the CTFd (1 point)
  4. Answer the question CTFd (1 point)

Part 3: Mrs Norris

  1. Log in to your docker
  2. Find a vulnerable service in <TBA>
  3. Find an exploit for the vulnerability
  4. Use the exploit and find the flag
  5. Submit the flag in theCTFd (2 points)

Assignment 5: Discovering Intruders in Your Server 🛡️

Assignment 6: Gaining and maintaining access ⚔️

Assignment 7: Fine-tuning honeypots to avoid detection 🛡️

Assignment 8: Secure coding and binary exploitation ⚔️🛡️

Assignment 9: Automated attacks with a malware client ⚔️

Assignment 10: Network analysis of a malware infection🛡️

Bonus Assignment

courses/bsy/assignments.txt · Last modified: 2022/12/19 19:16 by rigakmar