Monday, August 12, 2013

Defcon 21 CTF - Binaries and environment

Vulnerable boxes were LXC containers running Ubuntu with a Linux 3.8 kernel on ODROID-U2 boards (ARMv7 CPU). ARMv7 means you can't debug on your SheevaPlug (ARMv5) or Raspberry Pi (ARMv6), so either you have an ARMv7 device handy (e.g. a Chromebook) or you need to use QEMU.

We were given 6 binaries (4 on the first day, 2 on the second day), so it's doable by a team of 8 people (the limit) and hopefully doesn't benefit larger teams. We didn't have root, but a user ctf with sudo access to the users running the binaries, which were run by xinetd, so the teams didn't have to keep a server running. Binaries had one or more vulnerabilities, and some of them had bugs which were patched during the CTF.

The nice part is that the OS had ASLR and NX enabled, and some binaries were PIE. Finally stepping up the game!

Defcon 21 CTF

And here we are again in Vegas this year for Defcon 21 CTF!

New organizers this year: LegitBS, 8 people including members of Samurai (last year's winners).

In short, they did really well. Great game, good challenges, always on time, and most things working.