Hope everyone had a great weekend!
We’ll be having our next meeting this Thursday at 7:30PM in Osborne/Science & Engineering A210. A rudimentary, semi-unhelpful, and fruitless map is located here. The room is on the ground floor: take a right through the sliding double doors, go down the hallway, and take another right.
We’ll be working on getting everyone introduced to the security world and involved right away. I have constructed a fully interactive presentation/exercise. You will not have access to the training network until the night of the meeting, but the slides are available here.
Please bring a working laptop, preferably running Linux or running a Linux VM. It is very boring watching everyone have fun, trust me, and if you aren’t behind the keyboard you’re not learning. Bring your gear please.
If you have any questions on how to install a Linux VM, here’s an example that will work with Ubuntu on Windows 7: https://www.youtube.com/watch?v=0WiiswmOH1Q
A huge shout-out to the UCCS Computer Science department who will be sponsoring us this year!
Thank you UCCS CS!
Congratulations to all of the teams that participated! All of the teams did an incredible job. The top 2 teams below have advanced to the next round of competition. The top 2 teams have won free hotel stays at the Hilton Atlanta, and free entrance to the Hacker Halted along with team jerseys, and an overnight hotel stay. We will email the top teams more details regarding the regional prizes and how to participate in the final competition.
2. Secure Mission Solutions – White
3. Team Merica
4. Digital Fight Club
We recently participated in the first round of the CyberLympics, which consisted of a 3-hour challenge to dissect a packet capture and answer a series of questions about it. We ended up tied for 4th place, allowing us to proceed to the second round.
2. MC Cyberwatch
3. Cyber Security Athenaeum
3. Digital fight club
3. SMS – White
3. Team Merica
5. Cyber Padawans 3
This past weekend, we gathered to compete in PlaidCTF, a competition hosted by Plaid Parliament of Pwning of Carnegie Mellon. The theme they used this time was an evolution of last year’s competition, going from a simple single player RPG to a full multiplayer game where all of the competitors who were logged in could see each other. This was accomplished entirely through HTML5.
The challenges themselves were extremely binary-heavy. Even though the usual spread of categories existed (Reversing, Pwnables, Web, Crypto, Misc, etc…), almost everything relied on reverse engineering to some degree.
In the end, we scored 370 points, putting us in 114th place out of 908 teams. The challenges we managed to solve were:
Unnnnlucky: A misc challenge based on the movie Hackers. This involved finding the account number of the bad guy, which is shown on screen near the end of the movie.
charsheet: A web challenge based around finding the character name of the admin of a Dungeons and Dragons role playing site. Using SQL injection, it was possible to get the site to show a dump of all the characters stored in the database.
hypercomputer 1: A binary challenge similar to another challenge in last year’s PlaidCTF called ‘supercomputer’. The idea is that the program will compute a key, but has several contrived inefficiencies built into it. To solve the problem, we analyzed the program, then generated patches to speed it up. Common issues were calls to sleep functions (which we could simply remove) and loops which were very slowly multiplying numbers, which we replaced with single instructions.
three eyed fish: Another binary which, at first glance, appeared to do nothing for a while, then exit. Analysis revealed that the program was actually flashing a code out through the keyboard LEDs (hence the name of the problem), which is not immediately obvious since most people are probably running the program in a virtual machine. By analyzing the order of function calls which were setting the state of the LEDs, and calls to pause the program, we were able to recreate the flashing pattern. Once we had that, we realized that the pattern was actually Morse code, which gave us the key.
Overall, there were several very interesting challenges this year. The upcoming writeups should provide us with several insights for future competitions.
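How an ordered list of LED-state and pause calls becomes text, as an added example that is not from the original post or the challenge binary. It assumes a single on/off LED state and standard Morse timing (dash = 3 units, letter gap = 3, word gap = 7); the call names `led`/`sleep`, the timings and the decoded message are constructed for illustration.

```python
# Added example with a constructed trace; not the challenge binary's real data.
CODES = (".- -... -.-. -.. . ..-. --. .... .. .--- -.- .-.. -- -. --- .--. "
         "--.- .-. ... - ..- ...- .-- -..- -.-- --..").split()
MORSE = dict(zip(CODES, "ABCDEFGHIJKLMNOPQRSTUVWXYZ"))

ON, OFF = ("led", 1), ("led", 0)

def sl(ms):
    return ("sleep", ms)

# Calls in the order static analysis would list them (hypothetical names).
TRACE = [
    sl(1000),  # idle period before any flashing
    ON, sl(600), OFF, sl(200), ON, sl(300), sl(300), OFF, sl(200),
    ON, sl(600), OFF,
    sl(600),   # gap between letters
    ON, sl(600), OFF, sl(200), ON, sl(200), OFF, sl(200), ON, sl(600), OFF,
]

def runs_from_trace(trace):
    """Collapse led/sleep calls into [state, total_ms] runs."""
    runs, state = [], 0
    for call, arg in trace:
        if call == "led":
            state = arg
        elif call == "sleep" and arg > 0:
            if runs and runs[-1][0] == state:
                runs[-1][1] += arg          # back-to-back sleeps in one state merge
            else:
                runs.append([state, arg])
    return runs

def decode(runs):
    """Classify run lengths against the shortest lit period (assumed one dot)."""
    lit = [ms for on, ms in runs if on]
    if not lit:
        return ""
    unit, text, symbol = min(lit), [], ""
    for on, ms in runs:
        n = ms / unit
        if on:
            symbol += "." if n < 2 else "-"
        elif n >= 2:                        # letter gap, or word gap when long
            if symbol:
                text.append(MORSE.get(symbol, "?"))
                symbol = ""
            if n >= 5 and text:
                text.append(" ")
    if symbol:
        text.append(MORSE.get(symbol, "?"))
    return "".join(text).strip()

if __name__ == "__main__":
    print(decode(runs_from_trace(TRACE)))
```

The unit estimate fails for a message made only of dashes; in that case take the unit from the shortest dark period instead.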
Recently, we collaborated with a local group of high school students to help them prepare for CyberPatriot V, a national cyber defense competition sponsored by the Air Force Association. The competition revolves around teams of students being given control of a set of insecure computers, which they must then secure and defend in a live security exercise. Each computer is responsible for providing a number of services, which the team must make sure continue normal operation, while preventing an enemy team (the “Red” team) from compromising the system.
In order to help the team prepare, PeakChaos created a set of very problematic servers covering a wide range of operating systems, which could then be virtually hosted on a single physical computer. Using this setup, we were able to take part in a mock competition with the team, where they attempted to secure the servers in one room, while members of PeakChaos acted as the Red team in a different room attempting to break into the servers. Overall, the event was a big success, allowing both sides a good learning experience.
The actual CyberPatriot V competition took place last week, where the Colorado Springs Cadet Squadron managed to score highest among the Civil Air Patrol teams. Good job!
Last weekend, we participated in Ghost in the Shellcode IV, a 48-hour jeopardy-style competition hosted by ShmooCon. At the end of the day, we ended up placing 64th out of 125 teams which managed to score points. This competition was extremely heavy on reverse engineering and exploitation, which we have been pretty weak at so far. Since PlaidCTF is coming up quickly, we plan on running a few workshops to get people up to speed on tools such as IDA Pro and valgrind in the near future.
iCTF’s new date has been announced, and will be happening on March 22nd, 2013. Details are still scarce, but past competitions have been roughly 8 hours, involving 70+ teams from universities around the world. We’re currently busy preparing our Attack/Defense infrastructure, which should mostly be in place by the end of this month. After that, we will be focusing on additional tools to help us during the competition.
Our recent meetings have been focusing on the basics, which will be continuing this Sunday (February 24th, 2013) with an overview of SQL. Our meetings are generally interactive and hands-on, so feel free to bring a laptop if you want to participate.