Leading up to this year’s BSides Atlanta we were contacted by the organizer to see if we would host the Net King of the Hill Competition for the Conferences. Jumping at the opportunity we began to work on how to possibly host this CTF in the best possible way. We started with beginning to set it up in AWS so that we could quickly spin it up and down and use a VPN.
We quickly began to work on setting it up using Terraform and created a module to allow more people to replicate it. This allowed us to quickly iterate and work to provide a fully featured setup. This also provided a quick way to tear down everything after the competition was over. You can check out our module here: https://github.com/Kammerdiener-Technologies/terraform-aws-netkoth
Ultimately this was our first time hosting a CTF like this. So we made a lot of mistakes along the way.
- AMI replication did not work as expected — Since we were running within AWS we figured we could replicate AMIs. However, it seemed as though the way in which we configured machines caused SSH to not properly come back up.
- Not enough exploits — We were originally going for very few exploits. Ultimately this seemed to be the wrong way to go. There was the realization that if you got a system you could very easily lock everything down and just own the box.
- Not available in the room — We went to many of the talks and this meant that the room did not have someone available to respond to these issues quickly.
- Lack of planning — This was quickly thrown together which introduced some unexpected issues. Ultimately there is more planning that needs to go into a CTF
Ultimately many of these things were purely just being a noob at running these. People gave great feedback to help push it forward for the next year.
We are already beginning to plan for next year. We want to help create a very well-planned system and are even working on ways to deploy the servers in a way that causes some randomness in how it is deployed.
The ultimate goal that we will maintain is doing all of this through Terraform and Ansible so that we can quickly work to make changes and add some amount of randomization across the machines. The goal to come out of this is allowing someone a quick and easy script to run to stand this up for learning.
Ultimately we learned a lot from running this competition and we are working to plan it so we can do it better and start running more CTFs all over.