cybersecurity/BreakEscape
1
0
Fork 0
mirror of https://github.com/cliffe/BreakEscape.git synced 2026-02-20 13:50:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Mission 3 Stage 0 progress summary

Browse Source 
Created comprehensive Stage 0 development summary document:

Progress: 50% Complete (2/4 documents)

 Completed Documents:
1. Scenario Initialization (820 lines)
   - Mission overview, CyBOK areas, 3-act structure
   - NPCs, LORE fragments, victory conditions
   - Educational objectives, campaign connections
   - Critical decisions made (RFID, scanning, choices)

2. Technical Challenges (812 lines)
   - 5 in-game challenges (RFID cloning NEW, lockpicking, guards, social eng, encoding)
   - 4 VM challenges (nmap scan, FTP banner, HTTP/Base64, distcc CVE-2004-2687)
   - Integration matrix, difficulty scaling, assessment rubric
   - Implementation priority (3 phases)

🔄 In Progress:
3. Narrative Themes - NEXT
4. Hybrid Architecture Plan - PENDING

Key Achievements:
 RFID cloning mechanic fully specified (proximity, tutorial, alternatives)
 Campaign arc advanced (Architect first communication, M2 connection)
 Educational value defined (9 challenges → 6 CyBOK areas)
 Moral complexity created (Victoria double agent, James protection)
 LORE framework set (4 fragments connecting Season 1 cells)
 NPC voices established (Victoria ideologue, James innocent, Cipher mystery)

Mission Features Defined:
- New Mechanic: RFID cloning (2 GU, 10s, visual feedback, tutorial)
- M2 Revelation: ProFTPD sold to Ghost for $12,500 (hospital ransomware)
- Architect Reveal: First direct communication (Q4 priorities, coordination)
- Moral Choices: Victoria (arrest vs double agent), James (protect vs ignore)
- 3 Acts: Daytime recon (20-30%) → Nighttime infiltration (50-55%) → Choice (20-25%)

Educational Objectives:
- Network reconnaissance (nmap, netcat, service enumeration)
- Service exploitation (distcc CVE-2004-2687, Metasploit)
- Multi-encoding (ROT13, Hex, Base64, nested ROT13+Base64)
- Intelligence correlation (physical + digital evidence)
- RFID security vulnerabilities, social engineering

Victory Conditions:
- 100%: All flags, all LORE, both choices, stealth
- 80%: 3/4 flags, 2/3 LORE, choices made
- 60%: 2/4 flags, server accessed, choice made

Next Steps:
- Complete narrative_themes.md (setting details, NPC voices, tone)
- Complete hybrid_architecture_plan.md (VM + ERB integration spec)
- Proceed to Stage 1 (Narrative Structure Development)

Status: Stage 0 - 50% COMPLETE
Target: Ready for Stage 1 by end of session
This commit is contained in:
Z. Cliffe Schreuders
2026-01-14 09:46:32 +00:00
parent 7c9d471eaf
commit e93aa1e876
1 changed files with 356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

356
planning_notes/overall_story_plan/mission_initializations/m03_ghost_in_the_machine/STAGE_0_SUMMARY.md Normal file
View File

@@ -0,0 +1,356 @@
# Mission 3: Stage 0 Development Summary
**Mission:** Ghost in the Machine
**Stage:** 0 - Scenario Initialization
**Status:** 🔄 IN PROGRESS (2/4 documents complete)
**Date:** 2025-12-24
---
## Overview
Mission 3 "Ghost in the Machine" is an undercover intelligence gathering operation where players infiltrate WhiteHat Security Services (Zero Day Syndicate's front company) to scan their network and intercept evidence of cross-cell ENTROPY coordination. This mission introduces RFID keycard cloning mechanics and reinforces network reconnaissance skills.
---
## Stage 0 Completion Progress
### ✅ Completed Documents
#### 1. Scenario Initialization (00_scenario_initialization.md) - 820 lines ✅
**Contents:**
- Mission overview (tier, playtime, ENTROPY cell, SecGen scenario)
- CyBOK knowledge areas (NSS, SS, ACS, SOC, HF, AB)
- Technical challenges summary
- 3-act structure with scene breakdown
- Key NPCs (Victoria Sterling, James Park, Cipher, Agent 0x99)
- 4 LORE fragments
- Victory conditions and failure states
- Educational objectives
- Campaign arc connections (M1, M2, M4, M6, M7-9)
- Post-mission debrief script
- Critical decisions documented
**Key Decisions Made:**
- ✅ RFID cloning: Proximity-based (10s) + social engineering alternative
- ✅ Network scanning: Automated flags + educational tutorial
- ✅ Double agent choice: Long-term intelligence vs. immediate disruption
- ✅ Architect reveal: Name only (identity reserved for M7-9)
- ✅ Setting: WhiteHat Security Services corporate office
- ✅ Structure: Daytime recon → nighttime infiltration
#### 2. Technical Challenges (technical_challenges.md) - 812 lines ✅
**Contents:**
**Break Escape Challenges:**
1. RFID Keycard Cloning (NEW) - Proximity (2 GU, 10s), visual feedback, tutorial
2. Lockpicking (Reinforced) - 4 locks, safe PIN 2010, LORE access
3. Guard Patrol Stealth (Reinforced) - 60s loop, LOS detection, timing strategies
4. Social Engineering (Advanced) - Victoria trust system, James intel, guard cover stories
5. Multi-Encoding Puzzle - ROT13, Hex, Base64, double-encoded (ROT13+Base64)
**VM/SecGen Challenges:**
1. Network Port Scanning - nmap, service enumeration, flag{network_scan_complete}
2. Banner Grabbing (FTP) - netcat, codename "GHOST", flag{ftp_intel_gathered}
3. HTTP Analysis - Base64 in HTML, pricing intel, flag{pricing_intel_decoded}
4. distcc Exploitation - CVE-2004-2687, M2 connection reveal, flag{distcc_legacy_compromised}
**Integration:**
- Challenge matrix (9 total: 5 in-game, 4 VM)
- Difficulty scaling (Easy/Normal/Hard modes)
- Educational assessment rubric
- Implementation priority (3 phases)
---
### 🔄 In Progress Documents
#### 3. Narrative Themes (narrative_themes.md) - NEXT
**Planned Contents:**
- Recommended theme deep dive (corporate espionage setting)
- Full inciting incident (Zero Day intelligence leak)
- Stakes across all levels (ENTROPY coordination discovery)
- Central conflict (undercover operation + moral choice)
- Beat-by-beat narrative arc (all 3 acts expanded)
- NPC deep dives with voice examples
- Tone and atmosphere (espionage thriller, professional facade)
- Setting details (WhiteHat Security office layout conceptual)
#### 4. Hybrid Architecture Plan (hybrid_architecture_plan.md) - PENDING
**Planned Contents:**
- VM scenario role (network reconnaissance validation)
- ERB narrative content plan (encoded messages, client lists)
- Dead drop system integration (VM flags → intelligence unlocks)
- Objectives system integration (VM tasks + in-game tasks)
- In-game education approach (Agent 0x99 tutorials)
- Flag-to-unlock mapping table
- Technical specifications for integration
---
## Key Mission Features Defined
### New Mechanic: RFID Keycard Cloning
**Specification:**
- **Method:** Proximity-based (2 GU range, 10-second clone window)
- **Visual Feedback:** Progress bar, particle effects (blue glow), audio beeping
- **Success:** Cloned keycard added to inventory → server room access
- **Alternative:** Social engineering (victoria_trust >= 40) → Victoria grants access
- **Tutorial:** Agent 0x99 pre-mission briefing + first-use overlay
- **Educational:** RFID security vulnerabilities, proximity attacks, physical security bypass
### Campaign-Critical Revelations
**Revelation 1: M2 Connection (distcc VM Challenge)**
> "ProFTPD exploit (CVE-2010-4652) sold to Ransomware Incorporated for $12,500"
> "Client: Ghost - St. Catherine's Hospital target"
**Player "Aha Moment":**
> "Zero Day sold the exploit used in Mission 2's hospital ransomware attack!"
**Revelation 2: The Architect Introduction (Double-Encoded USB)**
> "From: The Architect's Directives
>
> Cipher, Future exploitation priorities for Q4:
> 1. INFRASTRUCTURE EXPLOITS (PRIORITY)
> 2. CROSS-CELL COORDINATION
> 3. OPERATIONAL SECURITY"
**Campaign Impact:**
- First direct communication from The Architect discovered
- Confirms ENTROPY cells are coordinated network (not independent)
- Reveals strategic planning across cells
- Sets up M7-9 investigation of Architect's identity
### Moral Choices
**Choice 1: Victoria Sterling**
- **Option A:** Arrest (disrupt cell, blow cover, lose long-term intelligence)
- **Option B:** Double Agent (maintain cover, risk exposure, long-term intel feeds)
- **Variables:** `arrested_victoria`, `became_double_agent`
**Choice 2: James Park (Innocent Employee)**
- **Option A:** Protect James (warn privately, document innocence)
- **Option B:** Focus on Mission (James faces consequences for cleaner operation)
- **Variable:** `protected_james`
**Debrief Tracking:**
- All choices reflected in Agent 0x99's closing debrief
- Consequences tracked with global variables
- No "right" answer—both paths valid strategies
---
## Educational Objectives Defined
### Primary CyBOK Knowledge Areas
**Network Security (NSS) - Primary Focus:**
- Port scanning fundamentals (nmap)
- Service enumeration and banner grabbing (netcat)
- Network mapping methodology
- Service identification from port numbers (21, 22, 80, 3632)
**Systems Security (SS):**
- Service exploitation (distcc CVE-2004-2687)
- Legacy system targeting
- Post-exploitation enumeration
- Metasploit framework usage
**Applied Cryptography (ACS):**
- Multiple encoding types (ROT13, Hex, Base64)
- Multi-stage nested encoding (ROT13 + Base64)
- Pattern recognition for encoded data
- Encoding vs. encryption distinction (reinforced from M2)
**Security Operations (SOC):**
- Intelligence gathering and correlation
- Systematic investigation methodology
- Evidence collection from multiple sources (physical + digital)
- OSINT principles (reconnaissance before action)
### Learning Outcomes
**After completing Mission 3, players should be able to:**
1. Explain purpose of port scanning in penetration testing
2. Identify common port numbers and associated services
3. Conduct banner grabbing for intelligence gathering
4. Distinguish between encoding types (ROT13, Hex, Base64)
5. Decode multi-stage nested encoding
6. Understand RFID security vulnerabilities
7. Apply systematic investigation methodology
8. Correlate physical and digital evidence
9. Research and exploit CVEs (CVE-2004-2687)
10. Use nmap and netcat for network reconnaissance
---
## LORE Fragments Designed
### LORE 1: Zero Day Client List (Hex-Encoded)
- **Location:** Victoria's computer (executive office)
- **Difficulty:** Intermediate
- **Content:** Complete client roster showing Ransomware Inc, Critical Mass, Social Fabric
- **Significance:** Reveals cross-cell coordination, all Season 1 cells working together
### LORE 2: Exploit Catalog & Pricing (Safe, PIN 2010)
- **Location:** Executive office safe
- **Difficulty:** Intermediate
- **Content:** Systematic pricing model, ProFTPD sale details ($12,500 healthcare premium)
- **Significance:** Shows exploit marketplace economics, M2 connection confirmed
### LORE 3: The Architect's Requirements (Double-Encoded USB)
- **Location:** Hidden USB in Victoria's desk drawer
- **Difficulty:** Advanced
- **Content:** Q4 priorities, cross-cell coordination, "Phase 2" reference
- **Significance:** First direct Architect communication, campaign arc progression
### LORE 4: Victoria Sterling's Manifesto (Whiteboard)
- **Location:** Conference room (daytime visible)
- **Difficulty:** Easy
- **Content:** "Information asymmetry is market value" philosophy
- **Significance:** Victoria's true believer status, free-market ideology
---
## NPCs Characterized
### Victoria "Vick" Sterling (Antagonist)
- **Age:** 38, Former NSA contractor, MIT MBA
- **Philosophy:** Free market of vulnerabilities, no moral responsibility for client use
- **Voice:** Professional corporate language, economic/libertarian logic
- **Role:** Double agent recruitment target OR arrest target
- **Quote:** "Security is an economic problem, not a moral one."
### James Park (Innocent)
- **Age:** 29, OSCP certified pen tester
- **Awareness:** Genuinely believes WhiteHat is legitimate
- **Function:** Intel source, moral complexity character
- **Role:** Optional protection choice (protect innocent vs. mission efficiency)
### "Cipher" (Cell Leader)
- **Status:** Referenced but not seen
- **Role:** Zero Day Syndicate leader, builds mystery for future missions
- **References:** Email approvals, operational logs, Victoria's comments
### Agent 0x99 (Handler)
- **Role:** Briefing, tutorials, closing debrief
- **Function:** RFID cloning tutorial, network reconnaissance guidance
- **Debrief:** Reflects all player choices with specific acknowledgments
---
## 3-Act Structure Defined
### Act 1: Undercover Infiltration (20-30% / 15-25 minutes)
1. **Briefing:** Agent 0x99 explains undercover mission, provides RFID cloner
2. **Daytime Recon:** Pose as corporate client, meet Victoria Sterling
3. **RFID Cloning:** 10-second proximity window during conversation
4. **Optional:** Meet James Park, gather office layout information
5. **Build Trust:** Social engineering for alternative paths (victoria_trust >= 40)
6. **Extraction:** Leave office, regroup with Agent 0x99, plan nighttime infiltration
### Act 2: Investigation & Escalation (50-55% / 30-40 minutes)
7. **Nighttime Infiltration:** Return after hours, navigate guard patrol
8. **Server Room Access:** Use cloned RFID card OR lockpick security room
9. **Network Reconnaissance:** Scan network (nmap), banner grab (netcat), exploit distcc
10. **Evidence Collection:** Decode whiteboard (ROT13), client list (Hex), email (Base64)
11. **LORE Discovery:** Find USB with double-encoded Architect communication
12. **Correlation:** Connect VM flags + physical evidence → "Zero Day sold M2 exploit!"
### Act 3: Climax & Choice (20-25% / 10-15 minutes)
13. **James Discovery (Optional):** Realize James will be collateral damage if firm exposed
14. **James Choice:** Protect innocent OR focus on mission
15. **Victoria Confrontation:** Double agent offer OR arrest decision
16. **Major Choice:** Become double agent (long-term intel) OR arrest Victoria (disrupt cell)
17. **Closing Debrief:** Agent 0x99 reviews choices, M2 connection, Architect revelation
---
## Victory Conditions Specified
### Full Success (100%)
- ✅ All 4 VM flags submitted
- ✅ All 4 in-game encoded messages decoded
- ✅ All 3 LORE fragments collected (4th optional)
- ✅ RFID card cloned successfully
- ✅ M2 connection discovered
- ✅ Architect communication found
- ✅ Victoria choice made (arrest OR double agent)
- ✅ James choice made (protect OR ignore)
- ✅ Never detected by guard (stealth bonus)
### Standard Success (80%)
- ✅ 3/4 VM flags
- ✅ 3/4 encoded messages
- ✅ 2/3 LORE fragments
- ✅ Server room accessed
- ✅ M2 connection discovered
- ✅ Victoria choice made
### Minimal Success (60%)
- ✅ 2/4 VM flags
- ✅ 2/4 encoded messages
- ✅ Server room accessed
- ✅ Victoria choice made
---
## Next Steps
### Immediate (Complete Stage 0)
1. **Create narrative_themes.md** (Expanded narrative details, NPC voices, tone/atmosphere)
2. **Create hybrid_architecture_plan.md** (VM + ERB integration specification)
3. **Update README.md** with Stage 0 completion status
### After Stage 0 Complete
4. **Proceed to Stage 1:** Narrative Structure Development
- Scene-by-scene breakdown (12-15 scenes)
- Dramatic moments identification
- Emotional arc mapping
- Pacing chart design
---
## Stage 0 Deliverables Checklist
- [✅] `00_scenario_initialization.md` (820 lines) - Complete mission initialization
- [✅] `technical_challenges.md` (812 lines) - Detailed challenge breakdown
- [🔄] `narrative_themes.md` - IN PROGRESS (Next)
- [⬜] `hybrid_architecture_plan.md` - PENDING
- [⬜] Update README.md with Stage 0 completion
**Progress:** 50% (2/4 documents complete)
---
## Key Achievements
**New Mechanic Designed:** RFID keycard cloning with full specification
**Campaign Arc Advanced:** First direct Architect communication designed
**M2 Connection Established:** ProFTPD exploit sale revelation planned
**Educational Value Defined:** 9 challenges mapping to 6 CyBOK areas
**Moral Complexity Created:** Victoria double agent choice, James protection choice
**VM Integration Planned:** 4 flags with narrative context (network scan, FTP, HTTP, distcc)
**LORE Framework Set:** 4 fragments connecting Season 1 cells and Architect
**NPC Voices Established:** Victoria (free market ideologue), James (innocent), Cipher (mysterious)
**Victory Conditions Scaled:** 100% (perfect), 80% (standard), 60% (minimal)
---
**Status:** Stage 0 Scenario Initialization - 50% COMPLETE
**Estimated Remaining:** 2-3 hours for narrative_themes.md + hybrid_architecture_plan.md
**Target Completion:** Ready for Stage 1 by end of session
---
**Document Version:** 1.0
**Last Updated:** 2025-12-24
**Next Milestone:** Complete Stage 0, begin Stage 1 (Narrative Structure)
---