Cyber Security Challenge Australia Logo

Welcome to the CySCA2017 IoT In a Box information page. With the information on this page and some hardware you should be able to attempt the IoT challenges from the 2017 Cyber Security Challenge Australia. You will need a Kali Linux Virtual Machine, the IoT VM from the download section on this page and two of the IoT Devices. You should also read the player IoT Information Pack.

About The Device

For the 2017 Challenge a modified Witty Cloud WiFi board was provided to all players. The modification was the addition of a AM2320 Temperature/Humidity Sensor.
The Witty Cloud WiFi board is a development board based on the ESP8266 SoC produced by Espressif Systems and is running MicroPython.
Five challenges divided up into two sets were created to use this device:
Set One used the Temperature/Humidity Sensor as a simple data logger.
Set Two used two of the devices as a virtual Door Control system with one device being the door Opener and the other being the door lock.

Virtual Machine

The VM provided in the download section below is a self-contained machine that can be used to do the five challenges after CySCA2017. Inside the VM is a copy of the source code for the devices, but we recommend attempting the challenges before looking at this code. The source code is located in \root\IOT_ESP8266 along with notes taken while developing the challenges and some test/build code. The Virtual Machine root password is password. The VM download contains a VMware Workstation/Player and an Oracle VirtualBox config file. Make sure to adjust the network interface type to match your setup (bridged/nat).

Downloads

CySCA2017 IoT InABox Virtual Machine2780dae2ca18ed89a245af1f5a1cb0e5874538ae
CySCA2017 IoT Firmware290723a270b6096d19fe06d77671b2c6e3e1b7a3
CySCA2017 IoT Information Pack

Building the IoT Device

For the best chance to complete all 5 challenges you will need 2 IoT Devices. The Temperature sensor is only used for challenges 1 and 2. If only attempting challenges 3, 4 and 5 then you just need any ESP8266 based board that has at least 4MB of Flash, some LEDs and a button.

If you do not have a CySCA2017 Witty Cloud WiFi board and wish to build your own using a different board, you will need:
  • ESP8266 board that has a USB to Serial interface
  • A 3.3 Volt regulator or supply for the ESP8266 module (included with some ESP8266 Dev Boards)
  • A button and 10KOhm pullup resistor
  • A 3 colour LED or 3 LEDs (red, green, blue) and some appropriate current limiting resistors for the LEDs
  • An AM2320 Temperature/Humidity Sensor.
If you use the Witty Cloud board you will have everything needed except the AM2320 sensor which needs to be purchased separately. The best option is to solder the AM2320 directly to the side of the board as shown in the IoT Information Pack pictures. The AM2320 has 4 PINS - PIN 1 is the supply pin and can be soldered to GPIO5, PIN 2 is soldered to GPIO0 and PINS 3 and 4 are soldered to GND.

If you are using another ESP8266 board then it will be a little more difficult to assemble as you will also need to connect extra components that come with the Witty Cloud board like the 3 colour LED and a button. Connecting the temperature sensor can be done with the same process as with the Witty Cloud board or alternatively the 3.3v PIN 1 and the 2 GND PINS 3 and 4 can be connected directly into a breadboard or project board instead of being soldered directly to the ESP8266 pins. The button needs to be connected to GPIO4 with a 10kOhm pullup resistor. For the LEDs, Red connects to pin GPIO15, Green to GPIO12 and Blue to GPIO13. Make sure you have the required current limiting resistors in place as the Witty GPIO PINS put out 3.3v which may be too much voltage depending on the LEDs being used.

Firmware

To use this VM and complete the challenges you will need to Flash the device with the base Firmware. The Firmware has been modified for CySCA2017 IoT In a Box. The new Firmware is available from the download links above.

Setup

In order to use the IoT Virtual Machine and IoT Devices there are a few different setup options. You can either connect the Virtual Machine and IoT Device together, or connect both to your existing network. In order to complete the challenges in the intended way you need to be able to Man in The Middle(MiTM) the network traffic from the device. If you are using VirtualBox then make sure you have the Oracle VM Virtualbox Extension Pack installed as you will need this to set the virtual USB port to USB2.0 or USB3.0. the Flashing of the IoT Device or the wireless adapter may not work without this being set.

If you have a USB WiFi network adapter

  • Start a Kali Linux Virtual Machine and connect it to either your regular network or to a private network with a DHCP server
  • Start the IoT Virtual Machine and connect it to the same network and record its IP address. This IP address is displayed as the IoT VM DHCP IP at the top of the console
  • On the Kali VM setup a portable Hotspot using the USB WiFi adapter into the VM (note that if you are using VirtualBox you will need to install the Oracle VM VirtualBox Extension Pack to use the USB WiFi as the USB ports need to be configured to match your host system)
  • On the Kali VM as root add a static route ip route add 10.13.37.0/24 via {IoT VM DHCP IP}
  • Connect the IoT Device to the hotspot on the Kali machine. Information on flashing firmware and connecting the device is in the IoT Information Pack

If you do not have a USB WiFi adapter

In this situation, you will need to connect the IoT Devices, a Kali VM and the IoT VM to your regular network or an isolated network that has its own WiFi access point and DHCP server. You will need to make sure that the network you connect the Virtual Machines on is not using the 10.13.37.0/24 network range.
  • Connect your Kali Virtual Machine to your network and record the Kali VM IP Address
  • Connect the IoT Virtual Machine to your network and record its IP address. This IP address is displayed as the IoT VM DHCP IP at the top of the console
  • On the Kali VM as root add a static route ip route add 10.13.37.0/24 via {IoT VM DHCP IP}
  • On the Kali VM as root enable IP forwarding sysctl -w net.ipv4.ip_forward=1
  • On the IoT Device using the instructions in the IoT Information Pack connect it to your network
    • When the device asks for STATIC or DHCP enter STATIC
    • Enter an IP address that is available on your network
    • Enter the corresponding subnet mask (eg. 255.255.255.0)
    • For the Gateway Enter the Kali VM IP Address
    • For the DNS server Enter 10.13.37.150

Setting up a Shared HotSpot

A number of challenges are designed around IoT devices that will require a hotspot to be set up this guild will help you setup your hotspot.

It's *highly recommended* that as a player you should use either a kali virtual machine or the kali live option for the game, as toolset available in kali will meet the requirements of this years challenges. Its also a requirement for some of the IoT Challenges that a bridged wifi network between the IOT device and their vpn to the game network be created. This can easily be accomplished from kali by connecting to the team vpn and then creating a hotspot with the provided USB wifi adapter.
Make sure that the virtual USB port in your virtual machine configuration is USB2.0 standard. If you are using VirtualBox you will need to install the Oracle VM VirtualBox Extension Pack to get USB2.0

NOTE SSID overlap:
  • The default SSID is the system hostname so anyone using kali live in the same area will have the same ssid of ‘kali’
  • So players in close proximity will need to change their Hotspot SSID to prevent overlap.
  • This can be done by editing the /etc/NetworkManager/system-connections/Hotspot file or by running the nmtui command and editing the HotSpot configuration.

Kali/Linux OS

Kali has a good built in hotspot from network manager that does not require a lot of changes to use, Once the hotspot is created you will have the to connect the IOT device to that hotspot.

Setup steps:

  • Connect the wifi dongle to the vm
  • Using the network manager:
  • (top right select click on the wifi icon or press windows type "Network" select the entry with the folder and wifi icon)
    • on the left select "Wi-Fi"
    • click the 'use as HotSpot...'
    • click 'Turn On'
    • add the wifi information to your esp8266
  • Manually setting up a hotspot
    • open a terminal and type nm-connection-editor
    • (navigate using the arrow keys and enter and tab, etc)
    • Under 'wifi' select ‘Hotspot’ then click edit
    • Or Add 'Hotspot' under ‘WiFi’
    • Under the General tab:
      • Tick all users many connect to this network
    • Under Wi-Fi Tab:
      • SSID = ‘anything’
      • Mode = Hotspot
      • Band = Automatic
      • MTU = Automatic
    • Under security:
      • Security = WPA & WPA2 personal
      • Password = ‘anything’
    • IPv4 settings tab:
      • Method = Shared to other computers
    • IPv46 settings tab:
      • Method = Ignore
  • Save settings

Known issues:

Hotspot not starting:
  • If when you try and start a hotspot and it does nothing.
  • Check your /var/log/syslog If the follow message is there:
  • kali gnome-control-c[]: Failed to add new connection: (2) A 'wireless' setting with a valid SSID is required if no AP path was given.
    Then you will need to restore the default Hostspot Config
Default Kali Hotspot config:
  • To restore the default config Copy and Paste below or download Hotspot into /etc/NetworkManager/system-connections/Hotspot.
    To edit the configuration you can use the nmtui or edit the file directly.
    Make sure that you set the SSID value to something that does not exist in your local area already and a password for your use(WPA/WAP2 requires minimum of 8 characters).
  • Note: For security, Network Manager will ignore files that are readable or writeable by any user or group other than root since private keys and passphrases may be stored in plaintext inside the file.
  • after you save the file make sure to change the permissions:
    • chown root:root /etc/NetworkManager/system-connections/Hotspot
    • chmod 600 /etc/NetworkManager/system-connections/Hotspot
    You will then need to restart network manager with /etc/init.d/network-manager restart
    [connection]
    id=Hotspot
    uuid=2d876419-e4ef-44e3-91bc-fba2ae0e0a19
    type=wifi
    autoconnect=false
    permissions=
    
    [wifi]
    mac-address-blacklist=
    mode=ap
    ssid=(SSID)
    
    [wifi-security]
    key-mgmt=wpa-psk
    psk=(PASSWORD)
    
    [ipv4]
    dns-search=
    method=shared
    
    [ipv6]
    addr-gen-mode=stable-privacy
    dns-search=
    method=ignore
                        

DNS Setup

On your client machine such as your Kali you will need DNS working to get to the required pages. There are 3 options to achieve this.

Set the DNS Server

Set your resolv.conf file to the DHCP IP address of the IoT Virtual Machine.

Use the proxy

Set your browser proxy to the DHCP IP address of the IoT Virtual Machine. This is a http proxy on port 3128
Note: If your local network is not one of the standard RFC1918 Internal network ranges, you will need to modify the /etc/squid3/squid.conf file and add your network to the acl localnet src section.

Set Host file

Set the hosts file on your system with the following entries:
  • 10.13.37.150 iot.cysca
  • 10.13.37.150 static.cysca
  • 10.13.37.150 time.cysca
  • 10.13.37.150 tempsensor.cysca
  • 10.13.37.150 fwdownload.cysca
  • 10.13.37.150 doorctrl.cysca

Getting Started

Once you have a device ready and all the Virtual Machines setup and connected, you can start by going to http://iot.cysca.

Licensing

All code written for the IoT challenges is covered under the Apache 2.0 licence. Check the licence file in the /root/IOT_ESP8266 directory for full text and details. Shared libraries and modules may be under different licences. See their corresponding licence files in each sub directory.

Issues

If you have any issues with the Virtual Machine or challenges not working, please contact the email address provided in the Virtual Machine MOTD.
Note: we are unable to provide support for completing the challenges.