Skip to content

Setup

SSH

Walkthrough

You will be sent a credential bundle from the Taskmaster. Please untar the files:

cd ~/Downloads
tar xf <id>.tar.gz
ls

You should see the following files:

simulator_config
simulator_rsa
simulator_known_hosts

We're now ready to connect onto the cluster, run the following ssh command:

ssh -F simulator_config -oIdentitiesOnly=yes bastion

This will connect us into our target cluster. Please type yes when asked if you want to continue to connect. Note that the exact message you see will vary from cluster to cluster.

The authenticity of host '*** (***)' can't be established.

ECDSA key fingerprint is SHA256:/***.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '***.***.***.***' (ECDSA) to the list of known hosts.


      _/_/    _/_/_/_/_/  _/_/_/_/_/    _/_/      _/_/_/  _/    _/
   _/    _/      _/          _/      _/    _/  _/        _/  _/
  _/_/_/_/      _/          _/      _/_/_/_/  _/        _/_/
 _/    _/      _/          _/      _/    _/  _/        _/  _/
_/    _/      _/          _/      _/    _/    _/_/_/  _/    _/


Welcome to Kubesim | with ❤️ from ControlPlane | https://kubesim.io

If a CTF challenge may require you to access the webpage via a browser, Please run the following command to make it available locally on port 8080.

ssh -F simulator_config -L 8080:127.0.0.1:8080 bastion -N

Other challenges may require different ports, please read the challenge text carefully for instructions.

Videos

Attack

When you are connected onto the cluster, you're ready to go! Remember:

  • The scenario instructions have useful info, and tips about where to start the hunt
  • Flags are in the format flag_ctf{IncludePrefixWhenSubmitting}
  • Pay attention to your starting point

TIP: keep a track of what you're doing, copy the tips from the start and keep notes to track your own progress as you work through the attack.