Welcome to Elastic's DCM4 Capture the Flag
The CTF is composed of two components: a scoring platform, CTFd, and an Elastic cluster in Instruqt (where you are now), where the data you will be looking at lives.
CTFd - (Scoring platform)
CTFd: You're already here! This is where you will receive your questions and submit your answers. CTFd will track all participants' scores and determine a winner.
To begin, please register with your email address.
(You don't have to leave your email address, but if you don't, we may not be able to share any prizes with you!)
Instruqt - (The Elastic Cluster)
https://ela.st/ctf-25 It can take a few minutes for the environment to spin up.
Elastic UI Orientation
- Don't click the 'Next' button in the bottom right corner! It'll end your session. You can restart it, but why go there?!
- There is a time range selector at the top right. Make sure this is set correctly.
- Many items show "+" or "-" on hover to filter values in or out.
- Filters are shown at the top under the query bar and persist, so remember to remove filters you no longer need.
- If you copy and paste an answer into the CTF, check for whitespace and remove it. All of the challenge answers are case insensitive.
- The most helpful places will be Security, Discover and Dashboards.
- Remember Elastic docs and blogs are all online so try "site:elastic.co blah" in Google if you need help.
CTF Challenges Orientation
We have tried to break the challenges into 3 different difficulty levels, explained below.
All of the challenges are worth 10 points. Some have a hint; each hint will cost you 5 points.
You will not be penalised for incorrect answers and you can make unlimited submissions.
Beginner
Questions: 1.01-1.10
Maximum Points: 100
Overview
This challenge is aimed at people who are new to Elastic. The goal is to orientate people on how to use the Elastic platform while simultaneously scoring points.
Intermediate
Questions: 2.01-2.10
Maximum Points: 100
Overview
This challenge is aimed at people who have used Elastic before or fancy a challenge. You are required to leverage both the Elastic platform and underlying Cyber knowledge to complete the questions on this level.
Expert
Questions: 3.01-3.10
Maximum Points: 100
Overview
This challenge is aimed at people who are familiar with Elastic. You are required to leverage both the Elastic platform and underlying Cyber knowledge to complete the questions on this level.