====== Assignments ======

Hands-on assignments follow the topics shown in the classes:

  * Each student is assigned a docker container in the class infrastructure at the beginning of the class.
  * Docker containers run Linux and contain all the tools needed during the semester to solve all assignments.
  * All assignments are to be done in the containers unless stated otherwise.
  * All assignments are in the form of Capture the Flag: solving a problem yields a flag that can be submitted in the [[https://ctfd.bsy.stratosphereips.org/|CTFd]] system for evaluation. Use your university email to access CTFd.

==== General Rules ====

**You can NOT**

  - Attack others on the Internet from the docker we are giving you.
  - Attack the assignment servers or CTFd servers.
  - Attack other servers and services in the university network (outside of the IP range given to you).
  - Share your code or solution with other students.

**You CAN**

  - Attack the given docker **from** the Internet.
  - Attack **from** the local docker network the dockers for other students (inside the local network).

Containers are to be used for the class only. Failing to comply with the rules will lead to a point deduction and failing the class!
==== Assignment List ====

^Assignment^Starts^Due^Points^
|[[courses:bsy:assignments#Assignment 1: Hello class infrastructure|Assignment 1]]| 5.10.2023 |12.10.2023 23:59|1|
|[[courses:bsy:assignments#Assignment 2: Network scanning | Assignment 2]]| 12.10.2023 20:00|6.11.2023 23:59|4|
|[[courses:bsy:assignments#Assignment 3: Packet capturing | Assignment 3]]| 12.10.2023 20:00|6.11.2023 23:59|2|
|[[courses:bsy:assignments#Assignment 4: Exploits & Vulnerabilities| Assignment 4]]| 19.10.2023 20:00|6.11.2023 23:59|6|
|[[courses:bsy:assignments#Assignment 5: Securing Linux devices| Assignment 5]]| 26.10.2023 20:00|10.1.2024 23:59|5|
|[[courses:bsy:assignments#Assignment 6: Honeypots| Assignment 6]]| 2.11.2023 20:00|10.1.2024 23:59|6|
|[[courses:bsy:assignments#Assignment 7: Persistance&Escalation| Assignment 7]]| 9.11.2023 20:00|10.1.2024 23:59|5|
|[[courses:bsy:assignments#Assignment 8: Reversing| Assignment 8]]| 22.11.2023 20:00|10.1.2024 23:59|4|
|[[courses:bsy:assignments#Assignment 9: C&C Client| Assignment 9]]| 30.11.2023 20:00|10.1.2024 23:59|6|
|[[courses:bsy:assignments#Assignment 10: Malware Detection| Assignment 10]]| 14.12.2023 20:00|10.1.2024 23:59|5|
|[[courses:bsy:assignments#bonus|Bonus Assignment]]| TBA |TBA| 100|

------

=== Assignment 1: Hello class infrastructure ===

  - Log in to [[https://ctfd.bsy.stratosphereips.org/|CTFd]] with the given credentials (check your email).
  - Log in to the given docker with the given credentials.
  - Get the flag and submit it to the [[https://ctfd.bsy.stratosphereips.org//|CTFd]]

----

=== Assignment 2: Network scanning ===

  * Log in to your docker
  * Scan and find running devices in the network **172.16.1.100-200**
  * Find out which services are running on those devices
  * Find the flag and submit it to the [[https://ctfd.bsy.stratosphereips.org//|CTFd]]
  * Answer related questions in the [[https://ctfd.bsy.stratosphereips.org//|CTFd]]

PLEASE DO NOT SCAN HOSTS OUTSIDE OF THE GIVEN RANGE

=== Assignment 3: Packet capturing ===

  * Log in to your docker
  * Capture traffic for at least 1 hour
  * Search the captured traffic for suspicious/anomalous traffic and potential attacks
  * Analyze the attacker's actions
  * Find the flag
  * Submit the flag in the [[https://ctfd.bsy.stratosphereips.org//|CTFd]]

----

=== Assignment 4: Exploits & Vulnerabilities ===

**Part 1:**

  * Log in to your docker
  * Find the library in and explore it
  * Find the flag and answer the question in CTFd

//Useful tools: nmap, ls, ssh, cat//

**Part 2:**

  * Log in to your docker
  * Server has a vulnerability
  * Find it and search for an exploit
  * Exploit this vulnerability to read the flag file

//Useful tools: nmap, python, cat//

----

=== Assignment 5: Securing Linux devices ===

  * The assignment has several parts. You will need to log in to your dockers, investigate potential breaches, and answer the questions in [[https://ctfd.bsy.stratosphereips.org//|CTFd]]. Do not block user access by SSH (password or public key). Do not harden your dockers before the assignment starts.

----

=== Assignment 6: Honeypots ===

  * You have a Cowrie installation at your docker running SSH on port 2222
  * Attackers will try to connect to this port and detect if it is a honeypot or a real service.
  * You need to try and make the honeypot look more realistic.
  * More details in [[https://ctfd.bsy.stratosphereips.org//|CTFd]]

----

=== Assignment 7: Persistance&Escalation ===

  * Find a way to access the given server
  * Make sure you can read all parts of the flag number 1
  * Find a way to access flag number 2

----

=== Assignment 8: Reversing ===

  * Log in to your dockers
  * Analyze the traffic that comes to your container and try to make sense of it. (You can ignore traffic from past assignments)
  * Find the flag and submit it to the [[https://ctfd.bsy.stratosphereips.org//|CTFd]]
  * More details in [[https://ctfd.bsy.stratosphereips.org//|CTFd]]

----

=== Assignment 9: C&C Client ===

There is a bot server specified in [[https://ctfd.bsy.stratosphereips.org//|CTFd]]. Create a bot client that can interact with it, respond to the C&C server commands and obtain the flag. In order to register to the bot master you will need to provide proof of work. Check the attached `pow_solver.py` to see what is needed.

----

=== Assignment 10: Malware Detection ===

  * Part 1: Download a PCAP from [[https://ctfd.bsy.stratosphereips.org//|CTFd]], analyze it and answer the questions
  * Part 2: Modify the ML part in the class Colab according to the instructions in [[https://ctfd.bsy.stratosphereips.org//|CTFd]] and solve the questions.

==== Bonus Assignment ====

Bonus assignments will be announced before the winter break. Students who complete the bonus assignment can choose not to come to the final exam. More details and exact conditions for passing the bonus will be announced later in the semester.