Cyber Range - Multiplayer CTF Getting Started Guide

In a Capture the Flag (CTF) event, a "flag" represents the solution to a challenge or problem. Flags can take various forms and are submitted to the scoreboard, which tracks the progress of both individuals and teams. The scoreboard is also where the grading for the competition takes place, determining each participant's standing in the event.
 
It might be a fully qualified domain name or FQDN like this: 

webmail.acmecorp.info 

It could be a string of text from an html script: 
WWT{18090f4-0e24-6651-v65f-22sp3267aa} 

It could be a user password combination that is found: 
admin:acme123! 

It could be clear text within a flag file that was found: 
in the fileflag.txt, clear text inside is: 
DrinkYourOvaltine 
 

These are just a few examples of the types of flags you can expect in WWT Cyber Range CTF events. Additionally, the structure of the flags and any hints may be provided directly within the in-game scoreboard. Be sure to check the scoreboard for the correct flag formatting.

*Hint:  If you see a strict structure like Xxxx xx X xxXx Then it's likely the response would match the structure.  [ This is A flAg } would be a properly formatted answer. 

1. Details Tab: Specifies the details of the event

2. Resources Tab:  Provides resources to be utilized prior and during the Cyber Range event

3. Team Tab:  Displays CTFd and Rocket Chat credentials, as well as team members. Only the team/teammates have access to this tab.

4. Event Overview: Provides details about the Cyber Range event

5. What to Expect / Goals and Objectives/ Agenda: Scroll to see additional information about the event.

6. Launch GameSpace:  Clicking this button launches the lab in a new tab.  This button is not clickable until the start of the event.  Please see additional details under Gameplay – ATC Lab Gateway and Chat Platform section.

7. Date/Time: Day and start time of the Cyber Range event

8. Host: Host of the Cyber Range event

Clicking Launch Gamespace opens the ATC Lab Gateway and chat in a new tab.  Please see below for additional details.  (note:  your desktop may not appear exactly the same due to operating system differences, but all resources are still available) 

1. Player Desktops: There are four desktops available for each team.  Team members can view each desktop.   Click the arrow within the tab of each player desktop to open the desktop in a new tab.

2. Live Chat: Provides a way to submit a technical support request.  The Live Chat screen will open at the bottom right of the player desktop.  Enter your name and email then select an option with the Cyber Range Support Agent and a support representative will be in contact.

3. Rocket Chat: Enter the Rocket Chat credentials provided on the event page team tab (see above). All game play videos, messages, and hints are deployed through Rocket Chat.  Click the arrow within the tab of each player desktop to open the desktop in a new tab.

4. gameInfo: Document with necessary credentials

5. Zenmap: Nmap tool

6. Putty: SSHTelnet client players can use to access systems

7. Chrome Shortcut: Click to access the CTFd tool and the Iron Guardian website. Within the CTFd tool, users can view challenges, view the scoreboard, and submit flags.  Team credentials to access CTFd are provided on the event page team tab (see above).  For additional CTFd details, please see the section titled Submitting Flags and Viewing Scoreboard - CTFd.

8. Wireshark: Opensource network protocol analyzer tool

9. Network Diagram: Ironguardian's network diagram

10. Statement of Work: Game rules for players

11. Team Specific Player Chat Channel: Each player has access to a team specific chat.  Only team members and the Cyber Range Admin can see this chat.  The team's name is located within the Event Page.

12. Announcements Player Chat Channel: Each player has access to view this channel.  Game play videos, messages, and hints are deployed within this channel.

13. General Player Chat Channel: Each player has access to a general chat for all players. This channel is utilized to interact with proctors and other teams within the game.  The name of the general chat channel is the event title.

Copy/Paste from your host system to a system in the ATC through the ATC Lab Gateway is possible with several restrictions. 

Browser Setup 

• The ATC lab Gateway supports copy/paste in Google Chrome and Microsoft Edge.
• When users first access the ATC Lab Gateway, a prompt will display.  To enable copy/paste select Allow.  Please note the below snapshots are for Chrome.

If you accidentally blocked or closed the prompt, you can adjust these settings by:

To update the settings, click the pad-lock icon next to the site URL.  Click Reset Permissions.  Toggle the Clipboard to on/off. 

The CTFd tool is accessed via the browser shortcut on your player desktop in the ATC Lab Gateway (insert hyperlink for above section). The CTFd tool is used for submitting flags and accessing the scoreboard.  Challenge flags are submitted to CTFd under the Challenges tab, and the scoreboard is accessed via the Scoreboard tab within the CTFd tool. 

• Scores are not tracked individually; instead, the team as a whole share an account which is evaluated with a single, collective score.
• The CTFd platform itself is not a target for attacks.
• You won't have access to all challenges upfront, as progression is tied to completing certain challenges within the game.