No announcement yet.

Hacker Capture The Flag

  • Filter
  • Time
  • Show
Clear All
new posts

  • Hacker Capture The Flag

    Any news from Ghetto Hackers on new rules for CTF? I didn't see a thread on this, so I thought I'd bring it up. What can we do to help?

    Thoughts from DC9:
    I think last year's effort to get more "hackable" systems into the game was a good idea (OS Grab Bag, default builds, etc.), but the devil is in the details-- how to encourage contribution without changing the essence of the game...

    Also, there was much wasted time between 1am and 8am, when those who couldn't stay awake with vodka or caffine shut down and left for the night. It'd be nice if there was some place safe to leave stuff running for the duration-- the uptime could bring out a few more creative hacks (not that GH's social engineering root of Dan's laptop wasn't creative:)

  • #2
    Don't worry. The official rules will be coming out soon via the official page @

    In regards to GH, and their involvement. They did volunteer at the conclusion of last years con. However I have yet to be contacted by anyone.

    If you, or any reader has further information please feel free to email me @

    As far as a secure location for the server machines goes, we did this back at DC8 to combat the advantage of sysadmins under DC7 rules (people randomly rebooting, actively repelling attacks from console).

    This year I'm looking to return to having a cage in the CTF area for the admins to check in boxes on Friday and remove on Sunday. This is mostly due to the fact that running 20 Ethernet runs back to my switching gear in the NOC was a pain in the ass.



    • #3
      GHI CTF rules

      The ghettohackers posted their new CTF rules yesterday:



      • #4

        The cage idea rocks. We need a bigger cage for the center of the hangout room where people can pay to do the whole SUMO thing again this year. hahah DefCon 10 Sumo Ring Match!!!! We could make it a tournament... Ok, I'm calling Jeff. haha


        • #5

          Is the whole net at AP not on the internet, or just ctf? From GH announcement:
          This is a closed network that is not connected to the Internet, so
          bring all your tools. While not required, it might help your team to
          justazero -
          "Skepticism, like chastity, should not be relinquished too readily."
          - George Santayana


          • #6
            Net Access


            No we do have external connectivity via the Defcon Network of Ethernet Jacks in the walls and the Wireless Access Points.

            In the past the CTF network has been connected as well. And I suspect that each CTF team will cross-connect to the Defcon Network in relatively short order. So remember to bring a router!

            In the meantime, for those of you that have taken a look a the new rules, please drop some comments here.


            • #7
              wireless huh? hmmmm....
              if it gets me nowhere, I'll go there proud; and I'm gonna go there free.


              • #8
                I chewed on the rules for awhile. Hmmmm. They seem a bit cryptic, but that's normal. Let me see if I got this strait...

                Someone is writing a clear-text IP-based client/server app (telnet, perhaps?) that runs on an X86 platform. The systems that it runs on or the app itself will have some discernable flaws. The "server" portion will be the game scoring mechanism, maintained by GH.

                We are to get the application up and running on our systems, where it will call home and get monitored. Our "app" will have a "flag" (certificate?!), that will identify that that it is under our control.

                We'll need to find the vulnerabilitites and patch them on our own systems before someone else does, while at the same time trying to hack others' systems and replace their "flag" with our own before they can patch, so that we can collect their points. We continually collect points as long as servers are up with our flag on them.

                Did I get this right?


                • #9

                  Original quote:

                  - If required, the folks running the contest may step in to take the place of the press, judicial system or stock market.

                  I suppose that they can intervine as a part of the game...
                  Like a fake judicial system... right???
                  I think, therefore i exist.


                  • #10
                    The defcon->GHI CTF link is up, so apparently these rules have now been officially endorsed.
                    Last edited by jsyn; April 28, 2002, 09:57.


                    • #11
                      To make this even more realistic for the sysadmins, we ought to have a few know-it-all developers making unscheduled and un-tested changes to production code that introduce new security holes.


                      • #12
                        So no 64-bit Machines for CTF

                        I'm concerned about the X86 and open source limitations imposed by the new rules..

                        That means no 64-bit Alpha's no VMS or Unix? That means all tools must be Open Source or they can't be used?

                        This doesn't seem at all like the real world even in microcosm!

                        Last time I checked there were dozens of different server environments that don't require "Patching" the Kernel in


                        • #13
                          Deconstructing the rules

                          OK, let's see what we've got here (note: all of this is taken directly from the CTF rules posted at

                          One more time for the slow folks:
                          The contest is to maintain a given number of services, starting with an x86 operating system. As long as the scoreboard server sees that your services are up AND your server has your team's flag, you get points.
                          If the server is down, you don't get points. If the server is up with somebody else's flag, they get the points. Polling is done pretty often. You can join whatever team will have you, but teams can't merge.
                          So, yeah, it appears as though CTF is restricted to x86 operating systems this year (note: that's not an official statement, just a declaration of my perception of the rules). Which is a bummer, but just lightened the amount of crap I'll have to load into my car by around 20lbs. I'd planned on bringing a non-Intel machine running a Unix variant specifically to see what people tried against it, but it looks like there's no point now.

                          I can kind of see why they've chosen the rules they have, but it's really going to cut down on the nicely disparate nature of the network. We'll probably just end up seeing the same tired bunch of x86 exploits being used here as in the field.


                          • #14
                            Deconstructing rules

                            Here's my take on "What it says"

                            You get an OS given to you which you must protect. This OS is X86 based. Basic real world scheme. Keep it running without hacks.

                            The patches section is iffy - do the patches have to be already open source, or if hand crafted turned into open source? Ghent?

                            Attacks - use anything you want, but there is no direct connectivity to the 'net. This'll keep slam attacks off of both sides (none going out to annoy the ISP, and none comming in to be a nuisance to the ctf.)

                            "- If required, the folks running the contest may step in to take the place of the press, judicial system or stock market. " Need any help? More than willing to be an annoyance.

                            This is pretty straight forward when you break it down. Net admins get what management tells them to use and they have to make it work/safe. The hacker get all the tools and platforms they can lay their hands on. That's about as real world as it gets.

                            The only question not answered is when do the 48 hours start/stop.

                            Seriously Ghent, if you need any help, I'm available. I'll be there, and if not in a session I'd be up to anything - it's not like we're hot-siting Networld Interop. See ya Friday.
                            justazero -
                            "Skepticism, like chastity, should not be relinquished too readily."
                            - George Santayana


                            • #15

                              so it says starting with an x.86 system... what if you then MIGRATED the services over to a diff system? Real world stuff here.. migrate this application over to this platform..

                              just my thoughts..