CyberLympics Round 1 Results

We recently participated in the first round of the CyberLympics, which consisted of a 3 hour challenge to dissect a packet capture and answer a series of questions about it.  We ended up tied for 4th place, allowing us to proceed to the second round.

1. Deadbeef

2. MC Cyberwatch

3. Cyber Security Athenaeum

3. Heartland

3. Digital fight club

3. SMS – White

3. Team Merica

3. Yetisneakers

4. PeakChaos

5. BlackLanternCorps

5. Cyber Padawans 3

PlaidCTF Results, Upcomming Competitions

This previous weekend, we gathered to compete in PlaidCTF, a competition hosted by Plaid Parliment of Pwning of Carnegie Mellon.  The theme they used this time was an evolution of last year’s competition, going from a simple single player RPG to a full multiplayer game where all of the competitors who were logged in could see each other.  This was accomplished entirely through HTML5.

The challenges themselves were extremely binary-heavy.  Even though the usual spread of categories existed (Reversing, Pwnables, Web, Crypto, Misc, etc…), almost everything relied on reverse engineering to some degree.

In the end, we scored 370 points, putting is in 114th place out of 908 teams.  The challenges we managed to solve were….

Unnnnlucky: A misc challenge based on the movie Hackers.  This involved finding the account number of the bad guy, which is shown on screen near the end of the movie.

charsheet: A web challenge based around finding the character name of the admin of a Dungeons and Dragons role playing site.  Using SQL injection, it was possible to get the site to show a dump of all the characters stored in the database.

hypercomputer 1: A binary challenge similar to another challenge in last year’s PlaidCTF called ‘supercomputer’.  The idea is that the program will compute a key, but has several contrived inefficiencies built in to it.  To solve the problem, we analyzed the program, then generated patches to speed it up.  Common issues were calls to sleep functions (which we could simply remove), and replacing loops which were very slowly multiplying numbers with single instructions.

three eyed fish:  Another binary which, at first glance, appeared to do nothing for awhile, then exit.  Analysis revealed that the program was actually flashing a code out through the keyboard LEDs (hence the name of the problem), which is not immediately obvious since most people are probably running the program in a virtual machine.  By analyzing the order of function calls which were setting the state of the LEDs, and calls to pause the program, we were able to recreate the flashing pattern.  Once we had that, we realized that the pattern was actually morse code, which gave us the key.

Overall, there were several very interesting challenges this year.  The upcomming writeups should provide us with several insights for future competitions.

CyberPatriot Collaboration and Results

Recently, we collaborated with a local group of high school students to help them prepare for CyberPatriot V, a nation cyber defense competition sponsored by the Air Force Association.  The competition revolves around a teams of students being given control of a set of insecure computers, which they must then secure and defend in a live security exercise.  Each computer is responsible for providing a number of services, which the team must make sure continue normal operation, while preventing an enemy team (the “Red” team) from compromising the system.

In order to help the team prepare, PeakChaos created a set of very problematic servers covering a wide range of operating systems, which could then be virtually hosted on a single physical computer.  Using this setup, we were able to take part in a mock competition with the team, where they attempted to secure the servers in one room, while members of PeakChaos acted as the Red team in a different room attempting to break in to the servers.  Overall, the event was a big success, allowing both sides a good learning experience.

The actual CyberPatriot V competition took place last week, where the Colorado Springs Cadet Squadron managed to score highest among the Civil Air Patrol teams.  Good job!



Ghost in the Shellcode IV Wrapup, iCTF, and Upcomming Meeting Topics

Last weekend, we participated in Ghost in the Shellcode IV, a 48-hour jeopardy-style competition hosted by ShmooCon.  At the end of the day, we ended up placing 64th out of 125 teams which managed to score points.  This competition was extremely heavy on reverse engineering and exploitation, which we have been pretty weak at so far.  Since PlaidCTF is coming up quickly, we plan on running a few workshops to get people up to speed on tools such as IDA Pro and valgrind in the near future.

iCTF’s new date has been announced, and will be happening on March 22nd, 2013.  Details are still scarce, but past competitions have been  roughly 8 hours, involving 70+ teams from universities around the world.  We’re currently busy preparing our Attack/Defense infrastructure, which should mostly be in place by the end of this month.  After that, we will be focusing on additional tools to help us during the competition.

Our recent meetings have been focusing on the basics, which will be continuing this Sunday (February 24th, 2013) with an overview of SQL.  Our meetings are generally interactive and hands-on, so feel free to bring a laptop if you want to participate.



PoliCTF This Weekend

This weekend, PeakChaos will be participating in PoliCTF, a challenge-based competition being hosted by Politecnico di Milano.  This competition will be starting on Saturday, November 17th, 2012 at Noon (Mountain Time).  This will be a quick one, since it is slated to last 24 hours.  Additionally, certain challenges will be speed-based, where the faster you solve it the more points you get.  More information can be found at the PoliCTF home page, located here.

We will be coordinating entirely online for this competition (information was just sent out through our mailing list), though we will still have our normal meeting on Sunday from 1PM to 3PM where we will do a wrap-up.

CSAW Wrap-up, RvB Updates, and Hack.LU 2012

Last weekend, we participated in CSAW 2012, ending up in 89th place, out of 639 teams who scored points, and 9th out of 62 teams in the graduate division.  Nice job!  We will add a list of links to writeups of the various challenges soon.

Our new round of Red versus Blue is underway.  We have sorted out many of the issues with the VPN that we encountered in the first week, which should allow for more seamless access to the relevant servers.  Check out the wiki for more information.

We have our next competition lined up as well: Hack.LU 2012.  This is another 48 hour challenge-based CTF, similar to CSAW.  Unfortunately, this one is somewhat poorly timed, as it takes place in the middle of the week.  As a result, we will be doing this one almost entirely remotely, using IRC and Teamspeak again as the main means of communication.

CSAW 2012 This Weekend!

We will be competing this weekend as a team in CSAW 2012, a challenge-based CTF competition hosted by NYU-Poly.  This competition will run for 48 hours.  We will be meeting in our usual room, Osbourne A210, at 4:00PM on Friday to get started.  Additional collaboration information will be sent out over email.

Challenge 03

Our third challenge is now up!  Detail can be found here.  We plan on running this challenge for at least two weeks, with hints being sent out over the mailing list regularly based on how people are progressing.

Upcoming Meeting: September 2nd

Our next regular meeting will be on this coming Sunday, September 2, 2012 from 1PM to 3PM in our new location in the Osborne Center in room A210, see link to map below.  We know that this is Labor Day weekend, so many people may be busy and unable to attend.  If that is the case, please attend our meeting two weeks from now on Sunday, September 9, 2012.
This week, we plan to go over several of the basic tools used in network security, such as setting up ssh keys, connecting to VPNs, virtual machines, and so forth.  Additionally, we would like to hear from everyone about which topics they might want more in-depth workshops on, such a scripting languages (python, perl, php, etc), dealing with packet capturing (Wireshark), or reverse engineering (IDA Pro).
We will also be introducing a new challenge this week, which will run for at least two weeks.  We are aiming to have a new club challenge every two weeks, so if you are interested in creating your own challenges, please start developing some ideas.

Club Recruitment Meeting this Wednesday!

This Wednesday, August 29th at 6:00PM to 7:00PM, we will be holding a recruitment meeting in Engineering 239, where we will be going information about what our club does, and what our plans are for this year.  We will be providing free pizza and drinks.  Anyone is welcome to show up.