🌐 Instances
Instances are web deployments of challenges. These are mostly applications which are made vulnerable deliberately with some known vulnerabilities, which the participants need to identify and exploit to obtain flags.
Configuration
Challenge instances are essentially dockerized web-applications, which are deployed into a kube cluster by the platform. These will be accessible to the participants either via a subdomain URL (if the instance has web page and serves via HTTP), or will be accessible through a host IP and port which the participants can access via netcat etc.
Deployment Types
There are two types of instances - Shared & Contestant.
Shared Instance
There will be only a single instance of the challenge deployment for all the participants (and even for organizers to test) in case of a shared instance.
Whenever an organizer starts an instance for a challenge, it is automatically deployed as a shared instance, regardless of whether the deployment is configured to be shared or not. Every organizer will share instance for challenges with every other organizer.
Contestant Instance
In case of a contestant instance, there will be a separate instance of the challenge deployment for each participant. If the participant/ contestant is a team, there will only be a single instance created which is shared among every team member.
Unique Flags & Flag Share Detection
If a challenge is configured to support contestant instances, then the challenge can also have unique flags for each participant. This works by setting up a uniquely generated flag as environment variable to the instance when the challenge is deployed. Since the platform can track which user was set with a particular generated flag, and every contestant gets a different flag for the challenge, the platform can detect and prevent flag sharing.
Read more about Unique Flags
Instance Lifecycle
Organizer can set a duration for the challenge instance to be active. The instance will be automatically stopped after the duration is over. The instance can also be stopped manually by the organizer or the participant, any time before the actual expiry.
This duration is global (for all challenges) and can be configured from the platform settings - Manage > Challenges > Deployment Configuration.
However, this time limit is not applicable for shared instances. Shared instances will be stopped only when the organizer stops them manually (just like how they can only be started manually by the organizer).
Managing Instances
Organizers can manage instances globally across all challenges, from the Manage > Instances
page. This page
lists all the instances which are currently active, and allows the organizer to view their details, including
logs, and stop them.
The organizers can switch between viewing -
- Individual Instances - those spawned by participants individually for a challenge
- Shared Instances - spawned by organizers either for themselves, or the common instance organizer started in case of a challenge that uses shared instance mode.
Organizer can search for instances in the current view by challenge name and participant name/username.