Stone Template - Project

7 tips to help you on your journey

Use search engines to find more about attacks, tools or other topics. It is not cheating. Try to avoid finding spoilers to a challenge unless you get really stuck as you will make it harder to progress in later levels.
When you don't see the answer work in phases - solve, reflect, solve, reflect. Take some time to investigate and search, browse around the code or try to solve it. Then take some time to step back and think. It is very easy to spend all your time focused on the solution and miss something obvious. Step back and the solution may come to you!
Can you use a tool or do you need to do it manually? Depending on where you are up to in CyberStart you may or may not need a tool to solve your problem. In some cases, a tool can save your hours of manual work, but in others it can be inflexible and you need to write a Python script to solve it, or do it by hand. Think about the problem, try and visualize how the solution might work and you can often 'place a bet' on which path may be quicker.
It is OK to be wrong! Lots of agents will spend their time focused on the very first solution they came up with. That is wonderful if the solution is right, but what if you are headed down the wrong path? You should bravely pursue what you think the solution might be but be prepared to admit you took the wrong path. In the end you solve challenges and learn faster.
Working with friends and community members is just smart! Some of us like to work alone for fear of any tiny spoiler that might suggest we didn't solve the challenge alone. It makes sense to now want to rob yourself of learning opportunities, but learning with friends will also expand your horizons of different solutions. Many challenges have more than one path or method.
Follow the white rabbit - research topics further. If you are enjoying a topic and are interested in how something works, search for more background information. Perhaps you have just successfully used ssh for the first time and connected to a server but want to know how it is secured. It may not help you solve the challenge, but this technology is amazing! Every bit of background knowledge you gain will help you progress further and build a library you can draw on in the future. It will also help you get a job in this industry if you love your CyberStart experience.
Find and follow industry experts and newsletters. You will be amazed at how much you can pick up from hearing industry experts talk about new problems or flaws. Perhaps sign up to the SANS NewsBytes newsletter and learn about the latest tactics cyber criminals are using. Find some top cyber security personalities and see what they have to say. You will learn about new tools and solutions, which will help you in later challenges! Keep a list of relevant articles or tools and while you are learning scan over it from time to time.

Most importantly

Above all else, don't give up. CyberStart is designed to be challenging and the time you spend confused before overcoming a challenge is what makes it rewarding. Countless others have solved that challenge before you, and you can too!

What is wire shark?

Few tools are as useful to the IT professional as Wireshark, the go-to network packet capture tool. Wireshark will help you capture network packets and display them at a granular level. Once these packets are broken down, you can use them for real-time or offline analysis. This tool lets you put your network traffic under a microscope, and then filter and drill down into it, zooming in on the root cause of problems, assisting with network analysis and ultimately network security.

wireshark abilities

Packet Capture: Wireshark listens to a network connection in real time and then grabs entire streams of traffic – quite possibly tens of thousands of packets at a time.

Filtering: Wireshark is capable of slicing and dicing all of this random live data using filters. By applying a filter, you can obtain just the information you need to see.

Visualization: Wireshark, like any good packet sniffer, allows you to dive right into the very middle of a network packet. It also allows you to visualize entire conversations and network streams.

Download Wireshark

What is a virtual machine?

Virtual machines are entirely separate from the actual computer that runs them so they can't access files on your normal computer but can connect to the network. Virtual machines are used extensively in cyber security, so having them as a tool will be essential to completing several Cyberstart challenges.

Running the CyberStart Game VM in VirtualBox

Download the VirtualBox version of the CyberStart Game Virtual Machine from inside the Field Manual
Unzip the files into aplace you will remember
In the unzipped folder, double click the file: 'cs_game.vbox'. If you have file extensions disabled, then you can recognise the file because it is the only file both called cs_game and with a blue box icon. Note there are other files with a similar icon in the directory, but only one of the names match.
After double clicking, the virtual machine should launch in VirtualBox. You'll see there will be a sidebar which the virtual machine has also been added to. In the future you won’t need to find the '.vbox' file to launch the virtual machine, opening Virtualbox and selecting the virtual machine from the sidebar will be enough (as long as you don’t delete the files from the computer).
You can then press the green 'play' button to boot the virtual machine.
IMPORTANT: The login details are username: agent and password: agent.
To turn off the virtual machine, just shut it down as if you were shutting down a normal computer.

Virtual Box Manual Download Vmware Field Manual in Cyberstart