- Every challenge has its own directory in the /challenges directory
- Every challenge has at-least 1 task. Each task is solved by submitting a correct flag.
- Create a new directory in the /challenges directory (preferably copy and update a prepared challenge template located at /challenges/template)
- Create/update mandatory files:
meta.jsonspecifies metadata of the challenge such as name, id, description, difficulty and all tasks with appropriate flags. The file is used by the dashboard server to show tasks' descriptions and to verify submitted flags.docker-compose.ymldefines services started for the challenge when user starts the challenge from the dashboard- Use external network
playground-netto connect a container to the base lab network - Assign a static IP address to every service. Look below to a table of IP allocations, choose free IP and add a record to the table.
- Ideally set
stop_grace_period: 0sfor all services to speed-up stopping of containers
- Use external network
README.mdwith simple description of the challenge and a section with steps how to solve the challengeauto_solve.shbash script that tests challenge functionality. This script is automatically imported by the root run_tests.sh script and is executed from the hackerlab container. The script should ideally perform all required steps to solve all tasks and submit the flags in the dashboard via an API.- optional other source code, data or docker files for the challenge
- To test the new challenge, run the lab using command
docker compose up --force-recreateso the dashboard loads the new challenge information
- Create a new class directory in the /classes directory
- Create files:
meta.jsonspecifies metadata such as name, id and a description shown to the user in the web dashboard- optional
docker-compose.ymlfile- if present, the dashboard offers to start the defined services
- Use external network
playground-netto connect a container to the base lab network - Assign a static IP address to every service. Look below to a table of IP allocations, choose free IP and add a record to the table.
- Ideally set
stop_grace_period: 0sfor all services to speed-up stopping of containers
- optional other source code, data or docker files needed for the class
| Network | Subnet |
|---|---|
| playground-net | 172.20.0.0/24 |
| Network | IP address | Used By |
|---|---|---|
| playground-net | 172.20.0.5 |
Challenge Hello world |
| playground-net | 172.20.0.10 |
Challenge Famous Quotes LFI |
| playground-net | 172.20.0.30 |
Challenge What's the date? |
| playground-net | 172.20.0.35 |
Challenge What's that noise? |
| playground-net | 172.20.0.39 |
Challenge Shockwave Report |
| playground-net | 172.20.0.41 |
Challenge Intrusion |
| playground-net | 172.20.0.45 |
Challenge Jump Around |
| playground-net | 172.20.0.47 |
Challenge Jump Around |
| playground-net | 172.20.0.49 |
Challenge Jump Around |
| playground-net | 172.20.0.67 |
Challenge Leet Messenger |
| playground-net | 172.20.0.52 |
Challenge Cybernet |
| playground-net | 172.20.0.88 |
Class02 |
| playground-net | 172.20.0.90 |
Class03 |
| playground-net | 172.20.0.95 |
Class03 |
| playground-net | 172.20.0.98 |
Class06 |
| playground-net | 172.20.0.99 |
Class06 |
| playground-net | 172.20.0.108 |
Class07 |
| playground-net | 172.20.0.110 |
Class07 |
| playground-net | 172.20.0.115 |
Class08 |
| playground-net | 172.20.0.120 |
Class09 |
| playground-net | 172.20.0.125 |
Class10 |
| playground-net | 172.20.0.130 |
Class10 |
| playground-net | 172.20.0.131 |
Class10 |
| playground-net | 172.20.0.132 |
Class10 |
| playground-net | 172.20.0.101 |
Class11 |
| playground-net | 172.20.0.102 |
Class12 |
| playground-net | 172.20.0.103 |
Class12 |
| playground-net | 172.20.0.104 |
Class12 |
| playground-net | 172.20.0.105 |
Class12 |
| playground-net | 172.20.0.106 |
Class13 |
| playground-net | 172.20.0.107 |
Class13 |
| playground-net | 172.20.0.108 |
Class13 |
| playground-net | 172.20.0.109 |
Class13 |
| playground-net | 172.25.0.1 |
Class13 |
| playground-net | 172.25.0.2 |
Class13 |
| playground-net | 172.25.0.3 |
Class13 |
| playground-net | 172.25.0.4 |
Class13 |
| playground-net | 172.20.0.110 |
Class14 |
| playground-net | 172.20.0.134 |
ssh-server |
| playground-net | 172.20.0.133 |
attacker |
To run all tests, use script run_tests.sh. The script starts the lab, fires up all challenges and runs all existing
auto-solve.sh scripts from within the hackerlab container.
We use linters and auto formatters to maintain code quality in this repository. Currently, this is only the case for the dashboard (client and server). Please refer to the READMEs in the respective directories for instructions.
When introducing new code for challenges or classes, we recommend following the same guidelines.