The task is to maintain a server running multiple services, while simultaneously trying to get access to the other teams servers. Each successful penetration gains points, as well as keeping services up and functional during the course of the game.
The exercise consists of multiple teams, each hosting a server that has multiple services running, The services contain typical security vulnerabilities that allow to compromise the server to a certain extend. The goal is to maintain the services up, functional and uncompromised for the duration of the game. Additional scores can be gained by patching the vulnerabilities of the services and exploiting the knowledge of the found weaknesses at the other teams servers.
There are some alternatives to CFT like: ◦ WarGames : a Typical server program or VM the you can Download and attack without any Time pressure ◦ Crakme’s : Programs where you try to Reverse Engineer and make a Serial number generator ◦ Non safe Applikations : ” Damn vulnerable Linux” ” Web Goat ”