Tuesday, September 4, 2012

Defcon 20 CTF - CTF Inside



Well, that was a hell of a game.

Lollers would have bet that DDTEK would screw this up but guess what... After herding all year long, they invoked their sheep for rescue to save their bad ass' smelly screwing power reputation.

They ruled it! Special kudos for running a game of 20 teams x 8 individuals so smoothly. This was a big "first time ever" for the "Capture the Flag" exercise. Not to say that there weren't some fuck-ups, but DDTEK were back with good-quality binaries, much harder and pretty well thought out compared to last year. Almost no problems all game long except the traditional "We R in Late..."


Some stuff to clarify huh...
  • 0ldEurope : shame on you for not being able to read a damn RFID token. We'd better help out European n0psled.
  • Occupy EIP: despite the rubbish way to get in the arena, you deserved your spot guys :)
  • Anybody saw the Pandas around this year?
  • That was fun to screw up the caps with some wireshark 0d :), replayers went back to stone age...
  • Believe it or not, we didn't steal a damn flag from PPP. There is always network sh1t happening every year; the No IPS and No ptrace rule made it clear for once... We should introduce the "Organizers Sucking Power" concept in the game rules.

Speaking of flags, this is how we scored on the various services:


And against the teams (and you see, nothing from PPP wtf):


Overall, that cyber pwn party was the best we have been involved in in the last 5 years. DDTEK guys were cool and available (what a delightful change since last year!), the organization was fine, so were the exploited services: varied, interesting, various difficulty levels (yet mostly hard!), etc... Congratz to this one cool guy (Brian?) of DDTEK who made the challenges! And the beer party after the pwn one was an excellent idea ;)
We eagerly wait on kenshoto for their promised SNA over RS-232 and smoke signals token submissions 'innovation'.

For the crowd, here is some insider info:
  • At the start, a table is given to each team with a different color (in case you don't recognize your team name or mates)
  • You get 2 cables arriving at the table (some stickers to tell what it is: don't dream that much baby!)
  • What the fuck is that printer doing on the table... First thought: that must be something for @tlas: reversing is much easier on paper!  ;-)
  • There were some images of an RFID token printed on pages on the printer, and hidden just underneath was the RFID. Funny to see all those guys trying to recover the printer's hard drive data... for nothing, hahaha... ddtek's "we have a few tricks for you this year" indeed... Hope that teams didn't break too many of them :), rent printers, not the same model, think about it.
  • You had to read the RFID token as fast as possible in order to get the key that would allow you to decipher the archive given by the organizers on a USB stick.
  • You had to decipher the archive (gpg encrypted, using the removed IDEA algorithm), otherwise no access to your server was possible because no credentials...
  • From there, you had to invoke your 1337 skills, reverse all the crap to find flaws, write sploits and pwn everybody as effectively as possible: this is what we are really good at. Guess stories are for pussies.
  • If you don't know IPv6, too bad...
How not to mention the samurais. Although they popped up with an impressive 30+50 members' team, they could have been owned. A 20 member team would have done the job. Exploitation reliability dilemma gave them a good advantage over the other teams (which were typically staffed with 10 to 20 l33t h4x0rs). We hope they will increase their staff to 200 next year.


Greetz to all CTF teams. Really nice show guys. Sorry to our neighbors for our noisy pwning engine. Crazy made it so it has to be that way.

Routards

1 comment:

  1. Hi there,

    While surfing the internet for CTF contests and related stuff, I found your site and saw your interest in CTFs. My name is Marius Corici and I'm one of the founders of CTF365. Thought you might dig this: http://CTF365.com . Give a shout if interested and please tell me your opinion.

    Cheers,

    Marius
