Skip to content
Snippets Groups Projects

Linear Training

Last edited by Dominik Pilár

The following actions need to be performed to test the functionality of the KYPO CRP sufficiently.

Prerequisites

Deployed KYPO instance including 4 users:

  • admin - all-mighty user
  • designer - instructor
  • organizer - instructor
  • trainee

Note: the name of the users may differ, the important are the roles of the users.

Sandboxes

  1. Create sandbox definition for linear training:
    • URI: git@gitlab.ics.muni.cz:muni-kypo-trainings/games/junior-hacker.git
    • Revision: master
  2. Create a pool of 3 sandboxes. Set the sandbox definition created in the previous step.
  3. Allocate all sandboxes.
  4. When all sandboxes are allocated, download the SSH access ZIP file (management access) and try to connect to the attacker, server, client, man, and uan nodes.

Linear Training

1. Manually create the Junior hacker training definition.

After each Save action, refresh the page and check if the changes are persistent.

Edit Definition panel
  1. Fill in all fields, including notes and outcomes:
    • Title: Demo Training Definition
    • Description: Some description
    • Notes: [ You need to be prepared ]
    • Outcomes: [ Knowledge ]
    • Show stepper bar: No
  2. Change field by field so it corresponds to the Junior hacker training definition. After each change of the field save the definition.
Edit Authors panel
  1. As admin add designer to the list of authors.
  2. Sign in to the platform as the designer.
  3. Check if you can edit the training definition.
  4. As admin remove the designer from the list of authors.
  5. Check that designer isn't allowed to modify the training definition.
Edit Levels panel
  1. Create levels according to the Junior hacker training definition. Create them in random order and then move them to the correct position. After each move check if there are no corrupted data or some mistake.
  2. Randlomly update some fields of the levels. Refresh the page and check if the data are persistent.

2. Export training definition

Export created training definition and check if the data are the same as here.

3. Import/clone training definition

Import exported definition, click edit definition and check all the data. Do the same using clone action.

5. Create training instance

Edit Instance panel
  1. Fill in all fields:
    • Title: Test training instance
    • Start time: optional, must be after the current date
    • End time: optional, must be after the current date and start time
    • Token: secret
    • Training definition: choose KYPO Cyber Range Training Platform - Demo Content definition
  2. Check that second part of the token (PIN) is the number in range 0000-4999.
  3. Update field by field to optional values and save it.
Assing Pool panel
  1. Assing pool for linear training created in the Sandboxes agenda.
Edit Organizers panel
  1. As admin add organizer to list of organizers.
  2. Sign in to the platform as the organizer.
  3. Check if you can edit the training instance.
  4. As admin remove the user from the list of organizers.
  5. Sign in as the user and check that you cannot access the training instance.

6. Access training run

Access training run using three different users (admin, instructor, trainee), follow the instructions, and perform the appropriate actions for each user.

1. Info Level - Junior hacker training
  • Proceed to the next level.
2. Game Level - Getting to know the environment
Admin Instructor Trainee
Take hint
Take solution

Proceed to the next level by submitting the flag wordlist.txt.

3. Game Level - Looking for server’s IP address
Admin Instructor Trainee
Take hint
Take solution

Proceed to the next level by submitting the flag 2049.

4. Game Level - Connect to the server
Admin Instructor Trainee
Take hint
Take solution

Proceed to the next level by submitting the flag ssh admin@10.1.26.9.

5. Game Level - Find interesting files
Admin Instructor Trainee
Take hint
Take solution

Proceed to the next level by submitting the flag .invoices2019.zip.

6. Game Level - Crack the password to the zip
Admin Instructor Trainee
Take hint
Take solution

Proceed to the next level by submitting the flag IhateMyJob.

6. Check the results of the participants.

Participant Game score Assessment score
Admin 200 0
Instructor 500 0
Trainee 300 0

Archive training instance and check all the data (logs, events, definition, etc.)