Cyber Security Challenge Australia Logo

Welcome to the CySCA2017 In a Box information page. With the information on this page you should be able to attempt most of the challenges from the 2017 Cyber Security Challenge Australia.


CySCA2017 InABox Virtual Machine

Download size is 1.9GB

About the Virtual Machine

The VM provided in the download section below is a self-contained machine that can be used to do most of the challenges from CySCA2017. Inside the VM's docker containers you can find a copy of the source code for some of the challenges, but we recommend attempting the challenges before looking at the code. The Virtual Machine root password is password. The VM download contains a VMware Workstation/Player and an Oracle VirtualBox config file. Make sure to adjust the network interface type to match your setup (bridged/nat).

This VM allows players to complete challenges in their own time, to learn and develop their cyber security skills. The VM includes a static version of the scoring panel with all challenges, required files and flags.

To use CySCA2017 in a box virtual machines, players will need to have either Oracle VirtualBox or VMWare Player installed on their machines. Additionally we recommend players have at least 4GB of RAM. If you have less RAM, you can reduce the amount of RAM available to the VM down to 2GB, however it may adversely affect the speed of some of the challenges.
CAUTION: The VM contains software that is deliberately vulnerable. We advise that you do not attach it to a critical network. Consider using your virtualization software's host‐only network functionality.

Getting Started

  1. Extract files from CySCA-in-a-box-2017.7z
  2. Navigate to the folder containing the extracted files
  3. Confirm that the checksums for the files matches the SHA1 hash above.
  4. If you are using VirtualBox double-click the CySCA2014InABox.vbox file. When you start the VM, you may be prompted that a "Centrino Advanced" adapter is not found. If this happens, click Change Network Settings and select the adapter that you would like the VM to bridge to.
  5. ‐‐ Or ‐‐
  6. If you are using VMWare Player double-click the CySCA2017InABox.vmx file. When you start the VM, you may be asked if the VM has been moved or copied. Select copied.
  7. If DHCP is available on the network adapter you have selected the VM will request an IP address and you will be prompted with the allocated IP.

  8. you will now need to add a couple settings to your host machine:
    1. set up your DNS to point to the {DHCP_IP} of the CySCA2017 In-a-Box
      • edit /etc/resolv.conf and add nameserver {DHCP_IP}
    2. add the following IP routes:
      • ip route add via {DHCP_IP}
      • ip route add via {DHCP_IP}
      • ip route add via {DHCP_IP}
      • ip route add via {DHCP_IP}
      ‐‐ Or ‐‐
      • change your gateway to {DHCP_IP}
  9. Now use your browser to connect to http://www.scoring.cysca/.


All code written for the challenges is covered under the Apache 2.0 licence unless specified otherwise. Check for individual licence files in each of the docker containers for full text and details. Shared libraries and modules may be under different licences. See their corresponding licence files in each sub directory.


Challenge Control have put together a number of write-up documents of their solutions for the challenge. You can download them below:


If you have any issues with the Virtual Machine or challenges not working, please contact the email address provided in the Virtual Machine MOTD.
Note: we are unable to provide support for completing the challenges.