Commit f016da8

bryfry <116113+bryfry@users.noreply.github.com>
2021-01-10 02:03:03
Update solution.md
1 parent 0f06fd8
Changed files (1)
solution.md
@@ -1,3 +1,15 @@
+## NICE_TO_HAVE
+
+### bchd
+
+``` bash
+apt update
+apt install -y man less
+unminimize
+```
+
+## STEPS
+
 ### bchd
 
 ``` bash
@@ -31,6 +43,52 @@ ssh -i /map.txt admin@127.0.0.1 -p 2111 # Opening Moves
 # TODO: proxychains nmap line to scan for port 2222 on server_1
 ssh -i /map.txt admin@127.0.0.1 -p 2111 -NfL 127.0.0.1:2222:172.16.2.31:2222
 ss -antp | grep 2222
-# create file on bchd with provided key called shaibel
+# create file on bchd with provided key called wshaibel
 ssh wshaibel@127.0.0.1 -p 2222 -i wshaibel # Novice Tournamanet
 ```
+
+### server_1
+
+``` bash
+cat /etc/ssh/sshd_config | grep GatewayPorts # Novice - Game 1
+file evidence_found_lens.enc # it's a zip!
+base64 evidence_found_lens.enc
+exit
+``` 
+
+### bchd
+
+``` bash
+# copy back the b64 cotents to bchd to file evidence_found_lens.enc.b64
+base64 -d evidence_found_lens.enc.b64 > evidence_found_lens.enc
+apt install unzip
+unzip evidence_found_lens.enc
+# Password 123456
+cat evidence_found_lens.txt # Novice - Game 3
+ssh wshaibel@127.0.0.1 -p 2222 -i wshaibel -NfR 0.0.0.0:1031:127.0.0.1:1031 #1031-1225
+ps aux | grep ssh # note the 1031 process id
+apt install -y netcat
+nc -nvl 1031 | tee game-2.txt
+# within 60s data should be received - Novice - Game 2
+# remove the flag from game-2.txt
+chmod 0400 game-2.txt
+ssh-keygen -y -f game-2.txt
+ssh wshaibel@127.0.0.1 -p 2222 -i wshaibel -NfL 22109:10.10.10.109:22
+ss -antp | grep 22109
+ssh hmelling@127.0.0.1 -p 22109 -i game-2.txt # Expert Tournament
+adduser vborgov
+su vborgov
+cd ~
+mkdir .ssh
+vim ~/.ssh/authorized_keys
+# add provided key
+exit
+apt install -y openssh-server rsyslog
+/etc/init.d/ssh start
+/etc/init.d/ssh stop
+/usr/sbin/sshd -D -d
+ssh hmelling@127.0.0.1 -p 22109 -i game-2.txt -NfR 0.0.0.0:1666:127.0.0.1:22
+ps aux | grep ssh
+# watch for inbound connection
+
+```
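Review bot: `/usr/sbin/sshd -D -d` near the end of the last bchd block stays in the foreground and, in debug mode, serves a single connection before exiting, so the `ssh hmelling@127.0.0.1 -p 22109 ... -NfR 0.0.0.0:1666:127.0.0.1:22` line after it cannot be run from the same shell as written; a comment such as `# run the next command from a second terminal; sshd -d handles one connection then exits` would fix that. Both `-NfR 0.0.0.0:...` forwards ask the remote sshd to bind on every interface, which it honours only when its `GatewayPorts` setting allows it. That is presumably why the server_1 block greps for `GatewayPorts`, and a one-line comment saying so would explain the step. The key captured by `nc -nvl 1031 | tee game-2.txt` is created under the default umask and only set to 0400 several lines later; running `umask 077` before the capture would close that window. The steps also leave the backgrounded `-f` tunnels, the `vborgov` account and the local sshd in place, so a short cleanup section at the end would be worth adding.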