Skip to content

Setup

SSH

Walkthrough

You will be sent a credential bundle from the Taskmaster. Please untar the files:

cd ~/Downloads
tar xf <id>.tar.gz
ls

You should see the following files:

cp_simulator_config  cp_simulator_rsa

We're now ready to connect onto the cluster, run the following ssh command:

ssh -F ./cp_simulator_config -oIdentitiesOnly=yes bastion

This will connect us into our Attack cluster. Please type yes when asked if you want to continue to connect.

The authenticity of host '*** (***)' can't be established.

ECDSA key fingerprint is SHA256:/***.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '***.***.***.***' (ECDSA) to the list of known hosts.


      _/_/    _/_/_/_/_/  _/_/_/_/_/    _/_/      _/_/_/  _/    _/
   _/    _/      _/          _/      _/    _/  _/        _/  _/
  _/_/_/_/      _/          _/      _/_/_/_/  _/        _/_/
 _/    _/      _/          _/      _/    _/  _/        _/  _/
_/    _/      _/          _/      _/    _/    _/_/_/  _/    _/


Welcome to Kubesim | with ❤️ from ControlPlane | https://kubesim.io

For the third scenario, you will need access to a web interface via port-forward. Please run the following command to make it available locally on port 8080.

ssh -F cp_simulator_config -L 8080:127.0.0.1:8080 bastion -N

Videos

Attack

When you are connected onto the cluster, you're ready to go! Remember:

  • The scenario instructions have useful info, and tips about where to start the hunt
  • Flags are in the format flag_ctf{636f6e74726f6c706c616e65}
  • Pay attention to your starting point

TIP: keep a track of what you're doing, copy the tips from the start and keep notes to track your own progress as you work through the attack.