The Ultimate Cyber Showdown: Unprotected Server vs. Determined Hackers

Wilson Chua
5 min read · Jul 28


In a shocking twist to round 1, the Cyber Hack Challenge brings the blue team face-to-face with an unprotected and unpatched CentOS server! What were they thinking? This server is practically begging for trouble with its outdated version of WordPress and multiple themes that are just sitting ducks for hackers. And guess what? No firewalls in sight to protect it! Yikes!

But hold on to your hats, folks! There’s a juicy reason behind this madness. Rumor has it that a mysterious client with a web application on the line is responsible for this risky setup. Apparently, the original developer vanished into thin air, leaving the poor client clueless about managing the code. So, they’re too scared to touch anything, and they’ve given strict orders to the blue team not to update or patch a thing!

Talk about a wild rollercoaster of events! The blue team might seem like they’re walking on thin ice, but they’re not throwing in the towel just yet. Oh no! They’ve got a secret weapon up their sleeve: smart countermeasures! Those sneaky defenders are determined to make it a tough nut to crack for any hacker, except for the boldest of the bold!

But here’s the real tea, folks! The red team, ready to pounce, has got their work cut out for them. They can’t just waltz in and attack. Oh no, siree! They’ve got to be sneaky and cunning. Reconnaissance is their first play, trying to uncover the “fingerprint” of this vulnerable server. They’ve got to find those server weak points without making a peep to avoid setting off alarms!

So, buckle up and grab some popcorn because this Cyber Hack Challenge is turning into one electrifying ride! Will the blue team’s countermeasures be enough to fend off the hungry red team hackers? Or will chaos and mayhem reign supreme?

The following is a blow-by-blow account of the hack challenge, round 1:

The Start of the Tet Offensive:

It all began when the Blue Team’s MRTG monitoring system caught a storm of suspicious activity. The bandwidth went wild, and the server’s CPU surged like a rocket taking off. An unmistakable sign of an impending digital invasion! The Red Team had locked its sights on the Blue Team, and they were launching an all-out assault.

Attacks started at around 11 am

But the Red Team is no amateur bunch of hackers. They’re a force to be reckoned with, and they know how to make an entrance. Their aggressive tactics were designed for speed, hoping to overwhelm the Blue Team before they could react. Below is one of the tools used for professional penetration testing deployed against the Blue team.

Red Team Tool used for Pen Testing

But little did the Red Team know that the Blue Team was always prepared for such a scenario. The Blues’ state-of-the-art Security Operations Center (SOC) was ready to respond at the blink of an eye. Those security alarms went off like wildfire, and the Blue Team sprang into action. They weren’t about to be caught napping.

As the Blue Team analyzed the access logs, they hunted down the source of the attacks like expert detectives. The digital breadcrumbs led them to the top attacker’s IP address — a smoking gun! But it didn’t stop there; the Blue Team was on fire!

Top Source IP Addresses attacking webserver

Strike and Counter-Strikes

The Blue Team’s expertise allowed them to uncover the arsenal the Red Team employed. It was a list of cyber weaponry that would make any hacker drool with envy: Kali Linux, Nessus, Nmap, WPScan, Acunetix and Burp, to name but a few. The Reds had come armed to the teeth!

But the Red Team wasn’t just content with a single application. Oh no! They wanted to make sure the Blue Team felt the full brunt of their wrath. So, they also took aim at other well-known points of entry. The SSH and email servers were now in their crosshairs.

Top Source IP Addresses brute forcing SSH

The Red Team didn’t rely solely on cunning tricks and sneaky backdoors. No, they brought brute force to the table. Launching password-guessing attacks with all the gusto of a battering ram pounding on a castle gate, they were determined to breach the Blue Team’s defenses.
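The log triage described above (top source IPs hitting the web server, tool fingerprints, SSH password guessing) can be reproduced with a short script. This is an added example, not the Blue Team's own tooling; it assumes Apache combined-format access logs and standard OpenSSH "Failed password" messages, and the sample lines, function names and User-Agent markers are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Constructed sample data (documentation-range IPs); not logs from the challenge.
ACCESS_LOG = '''\
203.0.113.7 - - [28/Jul/2023:11:02:11 +0800] "GET /wp-login.php HTTP/1.1" 200 2301 "-" "WPScan v3.8.22 (https://wpscan.com/wordpress-security-scanner)"
203.0.113.7 - - [28/Jul/2023:11:02:12 +0800] "GET /wp-content/themes/ HTTP/1.1" 403 199 "-" "WPScan v3.8.22 (https://wpscan.com/wordpress-security-scanner)"
203.0.113.7 - - [28/Jul/2023:11:02:12 +0800] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "WPScan v3.8.22 (https://wpscan.com/wordpress-security-scanner)"
198.51.100.23 - - [28/Jul/2023:11:03:40 +0800] "GET /.git/HEAD HTTP/1.1" 404 196 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
198.51.100.23 - - [28/Jul/2023:11:03:41 +0800] "OPTIONS / HTTP/1.1" 200 0 "-" "Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"
192.0.2.10 - - [28/Jul/2023:11:04:02 +0800] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"
'''
AUTH_LOG = '''\
Jul 28 11:05:01 web sshd[2101]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jul 28 11:05:03 web sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40114 ssh2
Jul 28 11:05:05 web sshd[2103]: Failed password for root from 203.0.113.7 port 40120 ssh2
Jul 28 11:06:10 web sshd[2110]: Failed password for deploy from 192.0.2.10 port 51000 ssh2
Jul 28 11:06:15 web sshd[2111]: Accepted password for deploy from 192.0.2.10 port 51002 ssh2
'''
# Assumed markers: substrings of these tools' default User-Agent strings.
# The User-Agent is client-controlled, so a miss does not rule a tool out.
SCANNER_MARKERS = {"wpscan": "WPScan", "nmap scripting engine": "Nmap NSE"}
ACCESS_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')
SSH_FAIL_RE = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?\S+ from (\S+) port")

def parse_access(log):
    """Yield (ip, user_agent) per well-formed line; malformed lines are skipped."""
    for line in log.splitlines():
        m = ACCESS_RE.match(line)
        if m:
            yield m.group(1), m.group(2)

def top_web_sources(log, n=3):
    """Return the n busiest source IPs as (ip, request_count)."""
    return Counter(ip for ip, _ in parse_access(log)).most_common(n)

def scanner_hits(log):
    """Map source IP -> sorted tool names recognised from the User-Agent."""
    hits = defaultdict(set)
    for ip, ua in parse_access(log):
        for marker, tool in SCANNER_MARKERS.items():
            if marker in ua.lower():
                hits[ip].add(tool)
    return {ip: sorted(tools) for ip, tools in hits.items()}

def ssh_bruteforce_sources(log, threshold=3):
    """Return (ip, failures) for sources with at least `threshold` failed logins."""
    fails = Counter(m.group(1) for m in map(SSH_FAIL_RE.search, log.splitlines()) if m)
    return [(ip, c) for ip, c in fails.most_common() if c >= threshold]
```

An IP that shows up in both the web and SSH results, as 203.0.113.7 does in the sample, is a stronger blocking candidate than one seen in a single log.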

The Blue Team reacted by adopting two-factor authentication (2FA) and restricting sensitive folders to specific networks only. This way, even if the Red Team did break the passwords, they still couldn’t get in.

As the battle raged on in the digital arena, both teams were locked in an epic struggle for supremacy. The Blue Team’s resilience was admirable, but the Red Team’s relentless aggression was proving to be a formidable challenge. The Red Team probed and attempted to breach the defensive walls by thoroughly scanning for any weakness.

Partial results of attempts on Wordpress

Who will come out victorious in this cyberwarfare showdown? Will the Blue Team’s defensive prowess be enough to fend off the Red Team’s unrelenting assault? Or will the Reds break through the Blue’s defenses and claim victory?

In the world of cybersecurity, there are no guarantees, and the stakes couldn’t be higher. For the Blue Team, our goal was to delay the hackers long enough to deter all but the most determined hacking teams. And as the battle between the Blue Team and the Red Team continues, one thing can be said: both sides learned a great deal from the Hack Challenge. For the Blue Team’s defense, it was vigilant monitoring and rapid response; for the Red Team, determination and persistence.

The blue team wishes to thank the Red Team made up of Indonesian security experts led by Semi Yulianto, Lorensius Kurniadi Farhan Aulianda, Raffi Ramadhan, Muhammad Faqih, Denanda Wismon, Hidayat Bachtiar, Bambang Firmansyah, Taufik Utomo and Fadlur Afif.

Red Team at Work during the Cyber Hack Simulations

Stay tuned as the drama unfolds and secrets are revealed in this thrilling cyberwarfare saga!



Wilson Chua

Data Analyst, Startup Founder, Tech Columnist