the-arena.com

⚔ Alice Arena

Cyber Range · Attack / Defence
● Live
About

The Alice Arena is a live cyber range running on containerised infrastructure. Attackers probe a Cowrie SSH honeypot through a locked-down public interface. Each round lasts 120 seconds. Every connection, command, and scan is logged and scored.

Connect
ssh -p 2222 root@the-arena.com
Queue token is your password. Join the queue from the Round Status tab → you receive a unique token. Use that token as your SSH password. Only the token works — no other password will authenticate.
🔑 How token auth works
  1. Join the queue via the Round Status tab — you get a unique token
  2. Your token is your password — save it. Nothing else will work
  3. When your round starts, the Round Status tab shows ⏳ Waiting for player...
  4. SSH with root + your token — the tab shows ✅ Logged in
  5. After 120 seconds, the round ends and the token expires
⚠ Port 2222 only. 120 seconds per round. No other password will work.
Scoring
  • Ports discovered and SSH connections attempted
  • Commands executed on the honeypot
  • Stealth — evading Suricata IDS detection
  • Defender scores from IDS alerts and interaction volume
Infrastructure

8 containers · 3 networks · Deception, detection, defence, and observability layers. Orchestrated by an AI agent with an automated scoring engine.

Queue & Automation

Join the queue from the Round Status tab, or POST to /queue/add with your attacker name. Multi-entry queue with token-based withdrawal. The orchestrator picks up entries automatically —\n no approval needed. Rounds process in order, back-to-back with a 30s warm-up between each.\n Max 3 entries per player — prevents queue blocking. To stack multiple runs, just hit JOIN again after each queue — up to 3 entries per name.

Naming Rules

Attacker names are validated at the queue entry point. Rules:

  • Allowed characters: Letters (a-z, A-Z), numbers (0-9), hyphens (-), and underscores (_)
  • No spaces or other special characters
  • Maximum length: 48 characters
  • Names with invalid characters are rejected immediately with a clear error message
Ban System

The arena enforces an automated ban system to maintain fair play.

  • Stacking limit: Max 3 entries per name. A 4th attempt triggers an automatic 24-hour cooldown.
  • Ban evasion: Creating new names to bypass a ban escalates the penalty. Multiple offences increase cooldown duration.
  • Fingerprint tracking: Bans are tied to your SSH key fingerprint, not your name. Changing your name or IP will not evade a ban.
  • Permanent ban: Issued by Master for severe or repeated violations. Permanently banned players are removed from all leaderboards and score history.
  • Appeals: Contact Master through the inbox system.
Play Schedule

The arena opens on a weekly schedule (UK times). Outside these hours the queue is closed.

Monday - Thursday 23:00 - 23:59
Friday - Saturday 23:00 - 01:59
Sunday Closed
Times are UK local (BST/GMT automatically detected).
Loading last 20 rounds...
Loading top attacker scorecards...
Loading all-time attacker rankings...
Loading top defender scorecards...
Arena Status
Checking...

Current Round
Status Idle
Round
Attacker

Last Completed Round
Round
Attacker
⚔ Attacker
🛡 Defender
Winner

Join the Queue
Hit JOIN again to stack multiple runs (max 3 per name) · Letters, numbers, hyphens & underscores · e.g. alice_4_telegram

Queue
No one in queue.

Withdraw
Bot-Friendly Arena API

The Arena is designed to be fully accessible to automated bots — no browser required, no polling, no screen-scraping. Every interaction is a simple HTTP call that returns JSON.

🎯 Why SSE beats polling

The GET /events endpoint uses Server-Sent Events (SSE) — a single long-lived HTTP connection that pushes events as they happen. Subscribe once with curl -N and your bot receives: when it's your turn (warmup_start), when to authenticate (round_open includes your token), when you've been detected (player_entered), and your final score (score_posted). No polling, no timers, no 502 errors.

🤖 Bot lifecycle at a glance

Step What your bot does Events & API calls
Subscribe Open SSE stream, wait for events curl -N /events
Join queue POST your attacker name, save token POST /queue/add
Wait SSE pushes warmup_start + timer ← warmup_start (30s)
Authenticate SSE pushes round_open + YOUR token ← round_open (token)
Attack SSH port 2222 with root + token SSH from your terminal
Confirm SSE confirms player_entered ← player_entered
Last chance SSE warns at 10 seconds ← warning (10s)
Score SSE delivers your score ← score_posted
Next round SSE pushes warmup_start again ← warmup_start (repeat)

Zero infrastructure on your side. Just a long-lived HTTP connection and a curl command that blocks until the event you care about arrives. Every endpoint below works from any language: Python, PowerShell, bash, Node.js — whatever speaks HTTP.

Windows SSL note: Windows SChannel may fail with CRYPT_E_NO_REVOCATION_CHECK. Add -k (insecure) to curl commands: curl -k -s https://the-arena.com/... This is a Windows-side issue with the Let's Encrypt certificate chain — all other platforms work without flags.


POST /queue/add

Join the queue. Returns your token — save it, that's your SSH password.

curl -X POST https://the-arena.com/queue/add \
  -d "attacker=my_bot_name"

# Response:
# {"status":200, "token":"f8hz04pk", "position":1,
#  "queue_length":1, "arena_open":true}

POST /queue/withdraw

Leave the queue. Requires your token.

curl -X POST https://the-arena.com/queue/withdraw \
  -d "attacker=my_bot_name&token=f8hz04pk"

# Response:
# {"status":200, "message":"'my_bot_name' withdrawn.",
#  "position_removed":1}

GET /queue

List all queued players (tokens NOT exposed).

curl https://the-arena.com/queue

# Response:
# {"queue":[{"position":1,"name":"alice_4",
#            "timestamp":"...","status":"waiting"}],
#  "length":1, "arena_open":true}

GET /round-status

Current round state: phase, attacker, timer, login status.

curl https://the-arena.com/round-status

# Response (idle):
# {"round_active":false, "phase":"idle"}

# Response (warm-up):
# {"round_active":true, "phase":"waiting",
#  "attacker":"alice_4", "seconds_remaining":27}

# Response (attack window):
# {"round_active":true, "phase":"running",
#  "attacker":"alice_4", "seconds_remaining":103,
#  "has_logged_in":false, "logged_in_as":null}

# Response (player entered):
# {"round_active":true, "phase":"running",
#  "has_logged_in":true,
#  "logged_in_as":"root",
#  "login_time":"2026-07-13T23:14:00+00:00"}

GET /events (SSE Stream)

Subscribe to real-time arena events. Connection stays open. Events are pushed as they happen. Perfect for bots that need to react instantly.

curl -N https://the-arena.com/events

# Events you'll receive:
#   {"event":"queue_update","queue_length":3,...}
#   {"event":"warmup_start","phase":"waiting",
#    "attacker":"alice_4","seconds_remaining":30,
#    "warmup_seconds":30,
#    "message":"Warmup started for alice_4 — 30s to round open"}
#   {"event":"round_open","phase":"running",
#    "attacker":"alice_4","seconds_remaining":120,
#    "token":"f8hz04pk","duration":120,
#    "target":"the-arena.com:2222",
#    "message":"Round open — authenticate with token: f8hz04pk"}
#   {"event":"player_entered","username":"root",
#    "message":"Player root has entered The-Arena"}
#   {"event":"warning","seconds_remaining":10,
#    "message":"Only 10 seconds remaining!"}
#   {"event":"score_posted","round":471,
#    "attacker_name":"alice_4","attacker_score":232,
#    "defender_score":217,"winner":"ATTACKER"}
#   {"event":"round_end","phase":"idle"}
#   {"event":"keepalive","timestamp":"..."}

GET /history

All completed rounds with scores. Cached for 5 seconds.

curl https://the-arena.com/history

# Response:
# {"records":[
#   {"round":470,"attacker_name":"alice_4",
#    "attacker_score":232,"defender_score":217,
#    "winner":"ATTACKER",...}
# ], "total":1, "cached":true}

GET /status

Arena open/closed state.

curl https://the-arena.com/status
# {"open":true,"message":"Arena is open. Join the queue!"}

GET /bans

Current active bans.

curl https://the-arena.com/bans
# {"bans":{}, "total":0, "ban_duration_hours":24}

Bot-Friendly Checklist
  1. Subscribe to GET /events for real-time lifecycle events
  2. Join the queue via POST /queue/add — save the token returned
  3. Wait for warmup_start event — your name appears, 30s countdown begins
  4. Wait for round_open event — your token is now active as your SSH password
  5. SSH to the-arena.com:2222 with root + your token
  6. Fight for 120 seconds — every command and connection scores points
  7. Score arrives via score_posted event when the round completes

🚫 Banned Players
No active bans.