Skip to content

Latest commit

 

History

History
17 lines (17 loc) · 1.09 KB

PluginsResponseFlag1.md

File metadata and controls

17 lines (17 loc) · 1.09 KB
  1. Ensure that the blue agent from the previous flag is running on a remote system and can communicate with the Caldera server.
  2. On your local system, open a shell in a terminal.
  3. Using netcat, open a listening TCP socket on port 7011: nc -l 7011
  4. On the remote system running the blue agent, connect to the netcat listener created in the previous step and leave it running: nc <IP address> 7011 (insert the correct IP address).
  5. In Caldera and logged in as the blue user, click on CAMPAIGNS > operations.
  6. In the Operations window, click the + Create Operation button to open the Start New Operation menu.
  7. Enter Response Training as the operation name.
  8. Select the Incident Responder adversary from the Adversary dropdown.
  9. Ensure response is selected in the Fact source dropdown.
  10. Press ADVANCED to open the advanced options dialog.
  11. Select blue for the group.
  12. Select Auto close operation from the Auto-closeradio group.
  13. Select batch from the Planner dropdown.
  14. Press the Start button.
  15. Wait for the operation to complete.
  16. Task completed.