C2Games Metadata File

Each Challenge Submission must contain a c2games.yml file describing the challenge. A template c2games.yml file is included in the template directory, and full examples can be found within each example role.

There are several fields in the c2games.yml metadata file:

| Field | Type | Required | Description | Example |
|---|---|---|---|---|
| Title | string | yes | Title of the Challenge | "Netcat Bind Shell" |
| Version | string | yes | Version of the Challenge (usually 1.0) | "1.0" |
| Author | string | no | Person or Persons that created the challenge | "Brodie Davis, Bryer Esengard" |
| Organization | string | no | Organization to attribute the challenge to | "C2 Games" |
| Type | string | yes | Type of challenge. Typically, one of "Exploit" or "Misconfiguration" | "Exploit" |
| Difficulty | integer | yes | Expected difficulty to resolve the challenge, on a scale from 1 (easy) to 10 (impossible) | 4 |
| Description | string | yes | Description of the challenge. This will be used internally, and not displayed to participants. | "Create a malicious Netcat listener that creates a shell session when connected to." |
| OSCompatibility | List | yes | Operating Systems this challenge is compatible with. Note that only the least specific relevant field is required. For example, if a challenge works on any Ubuntu system, you only need to specify "Family: Linux" and "Id: ubuntu", not the version number. | |
| OSCompatibility.Family | string | yes | Operating System Family. One of "Linux" or "Windows" | "Linux" |
| OSCompatibility.Name | string | no | Operating System Name, as retrieved by the variables in /etc/os-release. | "Ubuntu" |
| OSCompatibility.Version | string | no | Operating System Version, as retrieved by the variables in /etc/os-release. | "20.04" |
| OSCompatibility.Id | string | no | Operating System ID, as retrieved by the variables in /etc/os-release. | "ubuntu" |
| OSCompatibility.IdLike | string | no | Operating System ID LIKE field, as retrieved by the variables in /etc/os-release. | "debian" |
| Exploitation | List | yes | Examples of how to exploit the challenge. An Exploitation entry is required, but can be either a description or an example command (both fields are not required) | |
| Exploitation.Example | string | no | Example command to exploit the challenge | "nc 192.168.1.15 4444" |
| Exploitation.Description | string | no | Description of how to use the example command, or general description for exploiting the challenge. | "Connect to a shell using a basic netcat connection to the port" |
| Mitigation | string | yes | Description of how the challenge can be mitigated | "Stop the netcat and shell processes, and remove the persistence method (ex, delete the cron job starting the listener)." |
| Training | string | yes | This is a short description of how students might be trained on the skills required for this Challenge. This shouldn’t give away the exact challenge but should incorporate the skills required to hunt for the vulnerability. | "Use Netstat or a similar tool to check for applications with an open port on the system" |
| Justification | string | yes | The justification for why this challenge should be included as an Infrastructure Challenge. This documents the key educational elements or topics that are covered or reinforced by the challenge. It may also include specific skills that are required to be able to solve the challenge. This will be used to evaluate student competencies. | "This challenge requires participants to search out suspicious processes and common persistence methods. When searching for the source of the netcat listeners, it is reasonable for a participant to find additional exploits, and encourages exploration of the system." |
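
The field rules above can be checked before a submission is zipped. The following validator is an added example, not part of the C2Games tooling; it takes the dictionary a YAML parser (for instance PyYAML's yaml.safe_load) returns for c2games.yml. It assumes the dotted names in the table are keys of each entry in the corresponding list, and the sample values are abridged from the Example column.

```python
# Added example, not C2Games tooling. `meta` is the dict a YAML parser returns.
# Assumption: dotted table names (OSCompatibility.Family) are keys of list entries.
FIELDS = {  # name: (type, required), as listed in the field table
    "Title": (str, True), "Version": (str, True), "Author": (str, False),
    "Organization": (str, False), "Type": (str, True), "Difficulty": (int, True),
    "Description": (str, True), "OSCompatibility": (list, True),
    "Exploitation": (list, True), "Mitigation": (str, True),
    "Training": (str, True), "Justification": (str, True),
}

def entries(meta, field, errors):
    """Return (index, mapping) pairs for a list field; bad entries become {}."""
    items = meta.get(field)
    if not isinstance(items, list):
        return []  # missing or mistyped: already reported by the type check
    if not items:
        errors.append(f"{field}: needs at least one entry")
    return [(i, e if isinstance(e, dict) else {}) for i, e in enumerate(items)]

def validate(meta):
    """Return a list of problems; an empty list means the metadata passes."""
    if not isinstance(meta, dict):
        return ["top level must be a mapping"]
    errors = []
    for name, (ftype, required) in FIELDS.items():
        if name not in meta:
            if required:
                errors.append(f"{name}: required field is missing")
        elif type(meta[name]) is not ftype:
            # Exact match on purpose: an unquoted 1.0 loads as float, True as bool.
            errors.append(f"{name}: expected {ftype.__name__}")
    d = meta.get("Difficulty")
    if type(d) is int and not 1 <= d <= 10:
        errors.append("Difficulty: must be between 1 and 10")
    for i, e in entries(meta, "OSCompatibility", errors):
        if e.get("Family") not in ("Linux", "Windows"):
            errors.append(f"OSCompatibility[{i}].Family: must be Linux or Windows")
    for i, e in entries(meta, "Exploitation", errors):
        if not (e.get("Example") or e.get("Description")):
            errors.append(f"Exploitation[{i}]: needs Example or Description")
    return errors

SAMPLE = {  # values from the table's Example column, long strings abridged
    "Title": "Netcat Bind Shell", "Version": "1.0", "Type": "Exploit",
    "Difficulty": 4, "Description": "Create a malicious Netcat listener.",
    "OSCompatibility": [{"Family": "Linux", "Id": "ubuntu"}],
    "Exploitation": [{"Example": "nc 192.168.1.15 4444"}],
    "Mitigation": "Stop the netcat and shell processes.",
    "Training": "Check for open ports.", "Justification": "Process hunting.",
}
```
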

Submission File Structure

Each C2Games Infrastructure Challenge Submission will be in the form of an Ansible Role, with a c2games.yml Metadata File in the root of the role. The Ansible role should be packaged into a zip file to be uploaded as a single package.

For example, to submit a role named ssh_authorized_keys:

ssh_authorized_keys_challenge.zip
└── ssh_authorized_keys/
    ├── c2games.yml
    ├── defaults
    │   └── main.yaml
    ├── handlers
    │   └── main.yml
    └── tasks
        └── main.yaml

Only the c2games.yml and tasks/main.yml files are required, but any file supported by an Ansible role is supported within a submission.

Testing

All challenges should be tested against at least one Debian/Ubuntu-based system and one CentOS-based system.

Ansible files should also be able to pass Ansible Lint.