Claude a0231e7692 Complete Mission 3 Stage 0 technical challenges specification
Added comprehensive technical challenges breakdown (600+ lines):

Break Escape In-Game Challenges:

1. RFID Keycard Cloning (NEW MECHANIC)
   - Proximity-based (2 GU range, 10-second window)
   - Visual feedback: Progress bar, particle effects, audio cues
   - Success: Cloned keycard added to inventory
   - Alternative: Social engineering (victoria_trust >= 40)
   - Tutorial: Agent 0x99 pre-mission briefing
   - Educational: RFID vulnerabilities, proximity attacks
   - Implementation: Proximity detection, progress tracking, inventory integration

2. Lockpicking (Reinforced from M1-M2)
   - 4 locks: IT cabinet (easy), executive office (medium), security room (medium), safe (PIN)
   - Safe combo: 2010 (WhiteHat founding year)
   - Clues: Reception plaque, computer file
   - Skill reinforcement, no tutorial needed
   - Contains: LORE Fragment 2 (Exploit Catalog)

3. Guard Patrol Stealth (Reinforced from M2)
   - Night security guard, 4-waypoint patrol (60s loop)
   - LOS: 150px range, 120° cone
   - Detection states: Unaware → Alert → Suspicious → Hostile
   - Strategies: Timing-based stealth, social engineering, distraction
   - Educational: Operational security, pattern recognition

4. Social Engineering (Advanced)
   - Victoria Sterling: Influence system (50 start, 40+ for bypasses)
   - Trust unlocks: Office info (30+), server access (40+), double agent (80+)
   - James Park: Information extraction (office layout, schedules, security)
   - Night Guard: Cover story validation
   - Educational: Trust exploitation, corporate infiltration

5. Multi-Encoding Puzzle
   - Message 1: ROT13 whiteboard ("MEET WITH THE ARCHITECT...")
   - Message 2: Hex client list (Ransomware Inc, Critical Mass, Social Fabric)
   - Message 3: Base64 email (ProFTPD exploit pricing)
   - Message 4: Double-encoded USB (ROT13 + Base64 nested - Architect's directives)
   - Discovery: Conference room, Victoria's computer, email, desk drawer
   - Educational: Pattern recognition, multi-stage decoding, persistence
   - CAMPAIGN REVEAL: First direct Architect communication!

VM/SecGen Challenges (Information Gathering: Scanning):

1. Network Port Scanning
   - Tool: nmap
   - Target: 192.168.100.50
   - Output: Ports 21 (FTP), 22 (SSH), 80 (HTTP), 3632 (distcc)
   - Flag: flag{network_scan_complete}
   - Educational: Port scanning, service enumeration
   - Difficulty: Easy

2. Banner Grabbing (FTP)
   - Tool: netcat, ftp
   - Banner reveals: Client codename "GHOST" (M2 connection!)
   - Flag: flag{ftp_intel_gathered}
   - Educational: Intelligence from banners, netcat fundamentals
   - Difficulty: Easy

3. HTTP Service Analysis
   - HTML contains Base64 in comment
   - Encoded: ZmxhZ3twcmljaW5nX2ludGVsX2RlY29kZWR9
   - Decoded: flag{pricing_intel_decoded}
   - Educational: Web reconnaissance, Base64 (reinforced)
   - Connects: Victoria's pricing email
   - Difficulty: Medium

4. distcc Exploitation (CVE-2004-2687)
   - Vulnerability: distcc daemon RCE
   - Tools: Metasploit or manual exploitation
   - Shell access → operational logs
   - CRITICAL REVEAL: ProFTPD sold to Ghost for $12,500 (M2 hospital!)
   - Flag: flag{distcc_legacy_compromised}
   - Educational: Legacy exploitation, CVE research, RCE
   - Difficulty: Advanced

Challenge Integration Matrix:
- 9 challenges total (5 in-game, 4 VM)
- Difficulty: Easy → Advanced scaling
- Educational: NSS, SS, ACS, SOC, HF, AB knowledge areas
- Unlocks: Server access, intel, LORE, M2 connection, Architect reveal

Difficulty Scaling:
- Easy: 5s RFID, slower guard, tutorial VM
- Normal: 10s RFID, standard guard, all encoding types
- Hard: 15s RFID, fast guard, additional obfuscation

Educational Assessment Rubric:
- Network reconnaissance (port scanning, service enumeration)
- Service exploitation (distcc CVE-2004-2687, Metasploit)
- Encoding analysis (ROT13, Hex, Base64, nested decoding)
- Intelligence correlation (physical + digital evidence)
- Physical security (RFID, lockpicking, stealth, social engineering)

Implementation Priority:
- Phase 1: RFID, guard, VM challenges, drop-site integration
- Phase 2: Social engineering, encoding puzzle, LORE, safe
- Phase 3: Tutorials, scaling, alternative paths, feedback

Status: Stage 0 technical challenges COMPLETE 
Next: narrative_themes.md, hybrid_architecture_plan.md
2025-12-24 15:27:57 +00:00

BreakEscape Rails Engine

Cybersecurity training escape room game as a mountable Rails Engine.

Features

  • 24+ cybersecurity escape room scenarios
  • Server-side progress tracking with 2-table schema
  • Randomized passwords per game instance via ERB
  • JIT Ink script compilation for NPC dialogue
  • Polymorphic player support (User/DemoUser)
  • Pundit authorization
  • RESTful API for game state management
  • Session-based state persistence

Installation

In your Gemfile:

gem 'break_escape', path: 'path/to/break_escape'

Then:

bundle install
rails break_escape:install:migrations
rails db:migrate
rails db:seed  # Optional: creates missions from scenarios

Mounting in Host App

In your config/routes.rb:

mount BreakEscape::Engine => "/break_escape"

Usage

Standalone Mode (Development)

export BREAK_ESCAPE_STANDALONE=true
rails server
# Visit http://localhost:3000/break_escape/

Mounted Mode (Production)

Mount in Hacktivity or another Rails app. The engine will use the host app's current_user via Devise.

Configuration

# config/initializers/break_escape.rb
BreakEscape.configure do |config|
  config.standalone_mode = false  # true for development
  config.demo_user_handle = 'demo_player'
end

Database Schema

  • break_escape_missions - Scenario metadata (name, display_name, published, difficulty)
  • break_escape_games - Player state + scenario snapshot (JSONB)
  • break_escape_demo_users - Standalone mode only (optional)

API Endpoints

  • GET /games/:id/scenario - Scenario JSON (ERB-generated)
  • GET /games/:id/ink?npc=X - NPC script (JIT compiled from .ink)
  • GET /games/:id/bootstrap - Initial game data
  • PUT /games/:id/sync_state - Sync player state
  • POST /games/:id/unlock - Validate unlock attempt
  • POST /games/:id/inventory - Update inventory

Architecture

ERB Scenario Generation

Scenarios are stored as .json.erb templates and rendered on-demand with randomized values:

  • <%= random_password %> - Generates unique password per game
  • <%= random_pin %> - Generates unique 4-digit PIN
  • <%= random_code %> - Generates unique hex code
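
The following is an added example, not code from the BreakEscape repository. It sketches how per-game secrets rendered through ERB can be kept in a server-side snapshot and checked on an unlock attempt. The helper names come from the list above; their bodies, the template's field layout (`rooms`, `lockType`, `requires`) and the functions `new_game_snapshot`, `secure_equal?` and `unlock?` are assumptions made for illustration.

```ruby
require "erb"
require "json"
require "securerandom"
require "digest"

# Helper names come from the README; their bodies are assumptions.
class ScenarioContext
  def random_password
    SecureRandom.alphanumeric(12)
  end
  def random_pin
    format("%04d", SecureRandom.random_number(10_000))
  end
  def random_code
    SecureRandom.hex(4)
  end

  def render(template)
    ERB.new(template).result(binding)
  end
end

# Constructed template standing in for a .json.erb scenario file.
TEMPLATE = <<~'JSON_ERB'
  { "rooms": { "office": {
      "safe":     { "lockType": "pin",      "requires": "<%= random_pin %>" },
      "computer": { "lockType": "password", "requires": "<%= random_password %>" } } },
    "door_code": "<%= random_code %>" }
JSON_ERB

# Render once per game and keep the result as that game's snapshot.
def new_game_snapshot(template = TEMPLATE)
  JSON.parse(ScenarioContext.new.render(template))
end

# Compare digests byte by byte without an early exit on the first mismatch.
def secure_equal?(a, b)
  da = Digest::SHA256.digest(a).bytes
  db = Digest::SHA256.digest(b).bytes
  da.zip(db).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Unlock check: the expected value is read from the server-side snapshot.
def unlock?(snapshot, room, object, attempt)
  expected = snapshot.dig("rooms", room, object, "requires")
  return false unless expected.is_a?(String) && attempt.is_a?(String)
  secure_equal?(expected, attempt)
end
```

Drawing the values from `SecureRandom` rather than `rand` keeps one game's secrets from being predictable from another's, and rendering once per game keeps them stable for that instance.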

JIT Ink Compilation

NPC dialogue scripts compile on first request (~300ms):

  1. Check if .json exists and is newer than .ink
  2. If needed, run inklecate to compile
  3. Cache compiled JSON for subsequent requests
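
An added example of the three steps above, not the engine's own implementation. Because the NPC name arrives in a query string (`?npc=X`), the sketch validates it before building any path and passes file names to inklecate as an argument vector. The function name `compiled_ink_path`, the `NPC_NAME` rule, the single-directory layout and the injectable `compiler:` parameter are assumptions.

```ruby
# Assumed naming rule for NPC script files: plain lowercase identifiers only.
NPC_NAME = /\A[a-z0-9_]{1,64}\z/

# Default compiler: inklecate run with an argument vector, so no shell
# ever interprets the file names.
INKLECATE = lambda do |ink, json|
  system("inklecate", "-o", json, ink) or
    raise "inklecate failed for #{File.basename(ink)}"
end

# Returns the path of an up-to-date compiled script, compiling only when needed.
def compiled_ink_path(ink_dir, npc, compiler: INKLECATE)
  # Reject anything but a plain name, so the request parameter cannot
  # select a file outside ink_dir (no separators, dots or empty values).
  unless npc.is_a?(String) && npc.match?(NPC_NAME)
    raise ArgumentError, "invalid npc name"
  end

  ink  = File.join(ink_dir, "#{npc}.ink")
  json = File.join(ink_dir, "#{npc}.json")
  raise ArgumentError, "unknown npc" unless File.file?(ink)

  # Step 1: the cache is fresh when the .json exists and is newer than the .ink.
  fresh = File.file?(json) && File.mtime(json) > File.mtime(ink)

  unless fresh
    # Steps 2 and 3: compile to a temporary file, then rename it into place,
    # so a concurrent request never reads a half-written cache entry.
    tmp = "#{json}.#{Process.pid}.tmp"
    compiler.call(ink, tmp)
    File.rename(tmp, json)
  end

  json
end
```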

State Management

Player state is stored in a JSONB column:

  • Current room and unlocked rooms
  • Inventory and collected items
  • NPC encounters
  • Global variables (synced with client)
  • Health and minigame state

Testing

rails test

License

AGPL v3 - See LICENSE file for details

Documentation

See HACKTIVITY_INTEGRATION.md for integration guide.
