Battlegrounds - Cyber Mayhem

Introduction on how to play Battlegrounds - Cyber Mayhem mode on HTB Labs.

Ryan Gordon avatar
Written by Ryan Gordon
Updated over a week ago

Cyber Mayhem is an Attack / Defense style game where two sets of Machines are spawned, each belonging to a team. Each team is given root access to their own set of Machines and is tasked to secure them while trying to attack the opposing team’s Machines.

What are your Objectives, you ask?

  • Form or join a team and start the game

  • Download VPN keys to get access to the Machines your team has been tasked to attack

  • Work with your team to come up with a strategy for defending and attacking

  • See the progress of the match on the battle page

  • Οwn Machines’ user and system accounts tο win!

First, invite all your friends to one single team. Once your team is ready to deploy, click on the Play Battlegrounds button and then Find Match. Further settings for this section will be available once we bring out more features like region selection, solo gameplay, and Server Siege.

You will be then placed in a queue. Your team will be matched with other teams looking to play Cyber Mayhem at that time. If you wish to cancel the Matchmaking sequence, click on the Cancel Match button, which will stop the sequence and allow you to further organize with your team.

Once a match has been found, a message will pop up, displaying the readiness status of the users on both teams. Each user will have to click on the Accept button within 60 seconds to "ready up" and proceed with the game.

From this point on, if all users have Accepted, the teams are locked in, and the game starts loading.

Once on the loading screen, you can still chat with your team and the opposite team. You can take this moment to make sure everything you need is set up and download the .ovpn pack from the prompt.

The status at the bottom will display the progress of the game during start-up. Once the bar is filled, the teams are dropped into the game with the 8 Machines ready and running.

Once in, the game announcer will let you know that the flags have been planted on both your and the rival team's Machines. You can immediately start discussing with your team to form a plan of attack.

Your team status is displayed at the top left, along with the Match Settings button. Here you can see how many points your team accumulates during the match and, by hovering over each of the members' profile pictures, the traffic generated by each team member.

The other team is also at the top, on the right side. In the middle, you can spot the match timer. Once this timer reaches 00:00, the match is over, and the winning team is announced. Another way to end the match is for one team to surrender.

The Machines for both teams are right below this top bar. In the middle, you can switch between the Battle Log, Team Chat, and Battle Chat. The first one will display in detail (depending on the filters you apply to it) what is happening during the match. Event triggers such as flags being planted, Machine user or root owns, and other such triggers will appear here.

The latter two tabs define your team's private chat to coordinate actions, respectively the global chat for the whole match, to instigate violence towards the opposite team.

During the match's initial phase, it's considered good practice to assign yourself to the tasks you want to perform. Pictured below is how you can assign yourself to defend a certain Machine. You can also apply this to attacking a certain Machine.

You have access to the Defended Machine's root password to connect to it remotely through SSH from the same submenu. Using this password, you should immediately scan your Machine for vulnerabilities and perform patches on them to deny entry for the enemy team.

Going back up to the Match Settings menu, you can quickly Download VPN, Disconnect from the match or initialize a Surrender vote.

At the bottom of the Battle Log, you have your filter options. From here, you can pick which type of information you want to see in the log. This can help declutter it during a match, leaving you only with the information you are interested in, depending on your role in the team.

At the bottom right of the page, you can submit any flags you find from the opposite team's Machines. This allows you to quickly paste them on the page without needing to click on the user or root buttons for each Machine separately. The platform will automatically identify the flag for you and assign the needed points to your team.

Once some owns have occurred, and the flags have been submitted, you will notice the progress bars for each of the teams at the top, right below the score amount and the time left.


If one of your Machines has been completely owned by the enemy team, you will receive a notification regarding the status of the breach. The Losing Points status refers to the continuous loss of points due to the Machine having a broken service. This will only revert if a patch is applied or if the service is reset. You can also see that the status of both flags is set to breached.

Enemy Machines that your team has successfully breached will be marked with green, marking the fact that the flags have been successfully taken.

Towards the end of the match, the difference in points will be all that matters. Use any advantage at your disposal to increase this as the match approaches its end.

If any of the teams see no possible way of winning the current match, the option to Surrender exists. This avoids wasting time on a lost match until the timer reaches 00:00. Any team will need 3/4 successful surrender votes to pass the vote and end the game.

After each finished game, an after-action report will be available. This will contain all of the match's information, events, final points value for each time, and a summary of the activity for each player.


Rules of Engagement

Also, during your gameplay, it's imperative to take note of the following rules:

General Rules

  • Players aren't supposed to shut down Machines.

  • Players are not allowed to change the root password of Machines.

  • Processes/commands that are marked with the `HTB=1` prefix should not be

    considered part of the exploitation process since they are system checks to ensure that the legitimate functionality of the Machines is preserved.

  • Surrenders can’t be called before the 15-minute mark.

  • Helping the opponent team in any way and for whichever reasons can lead to disqualification. Any actions against the platform and HTB infrastructure itself are prohibited.

Defender Rules

  • Defenders are not allowed to massively "kill shells" to secure their systems. They should focus on patching the actual vulnerabilities.

  • Defenders aren't supposed to kill a service to patch vulnerabilities.

  • When defenders try to patch vulnerabilities, it's their responsibility to ensure that no underlying functionality has been stopped due to their patch. For example, there is a reason for sudo entries, so they should still serve their original purpose when they are modified. Removing a sudo entry is not a "fix", and defenders should consider fixing the insecure "sudo entry" instead of removing it.

  • If a system check has been fired in the middle of a service restart or Machine reset/reboot, there is a chance that the game will punish defenders with a loss of points. This is intended, and the reason behind that is to "award" the players who didn't restart/reboot many times.

Did this answer your question?