Hacker Escape Room

This is a digital, reverse "escape room". You put on the white hat, and try to break into a simulated website; teaching people about how their own websites may be prone to hacking.

Comment

Inspiration

The ability to teach others about their own safety and security is important. When the general public is well-informed about the issues that face them, they are more ready to defend themselves against it. Thus, we wanted to create this project to help those who want to learn about what hackers can do. In addition, when individuals are able to share their interest and created content with each other, they form strong communities that self-perpetuate and are able to refine the quality of the product that they produce. Creating this group for people allows them to begin this process, and form a tight-knit community that will grow together as they take websites apart.

What it does

The Hacker Escape Room is a community project aimed towards increasing web developers' awareness about the many possible vulnerabilities when designing a website. It is a web portal that allows for users to attempt to complete "Capture the Flag" challenges by using temporary cloud based websites. The Hacker Escape Room provides a platform for users to learn proper security protocols, to compete among each other on leader boards, and to share their own capture the flag challenges for others to attempt.

This education of white hat hacking is similar to physical penetration testers (contractors who break into buildings to show the vulnerabilities). By allowing web developers a safe environment to try to crack open websites, we would allow them to get the experience of doing so without exposing vulnerabilities on real websites, and without the white hat hacker being in any legal trouble.

How we built it

The core functionality resides in Amazon Web Service's Cloud Formation tool. By using automated launches and automated termination of resources users are able to receive a custom url to attempt the challenge on. The serverless functions for the AWS back end were developed with Python 3, Cloud Formation templates were written in JSON, and the website was written with HTML.

Challenges we ran into

We had to build a website to have our project initially run on, and for users to visit. We both were attempting to learn coding languages and use cases we had never attempted before. We spent a long time attempting to use both Node.js and PHP for our websites user authentication but with very minimal success. We also only had a group of two, and found ourselves starved for time despite us sleeping very little.

Accomplishments that we're proud of

We're very proud of managing to get this project together in the singular day that we worked on it! Also we received very positive feedback regarding the idea from mentors who actively work in the security industry. With one even going as far to say that he would use it for his new members. On top of all of these accomplishments, we are proud that we have faced all of the challenges that opposed us, and overcome them. Overall it was extremely fun and satisfying to challenge ourselves. We were also finalists in the cup stacking competition! 20 cups tall, woohoo!

What we learned

We both learned a good deal of HTML, Node.js, and of the practical uses of the languages and tools that we have. We learned the difficulty of using multiple differing coding languages in one project, and the incompatibilities and complications that it brings.

What's next for Hacker Escape Room

After polishing the project off from its quick, single day inception, we want to develop our own environments to release. In addition, we want to create software that would allow users to make and share their own scenarios on our website, so that people would be able to refine their scenarios and create better and better environments to hack into.

Share this project:

Updates