Announcement

Collapse
No announcement yet.

CTF Submissions - There can be only one!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #16
    Re: Feedback

    Originally posted by ForSwitch View Post
    Uhhh...why would the organizers need to release the game image? A snapshot of the binaries would be more than enough...and would not be encumbered by any licenses. It would also have the benefit of being a few megs instead of a few gigs. That of course assumes that the organizers want to release that stuff. I can't speak for any of the potential organizers, though.
    The binaries alone are not necessarily enough. The ctfs I have participated in have been heavy in web apps, these need setup, a web server, and often a database back end, it is certainly easier for people to try things out if they come pre-configured in an image they can run right out of the box. There are all kinds of O/S images available as vmware appliances, why couldn't the defcon ctf image be released in that manner?

    As to whether the stuff should be released at all, I think it is a bit of a disappointment that the defcon ctf is run like a bit of a secret society that only 8 teams get to participate in. It is impossible to fully understand what the teams are doing during the game because they are always too busy to talk. One of the great things about Defcon is the way it gives back. Even if you can't attend the con, you can always see the videos later. I think it is too bad that the same can't be said of ctf. I am not saying that the organizers should release all of their backend stuff, but it would be fun to get my hands on the stuff the players get to see.

    -ZR

    Comment


    • #17
      Re: Feedback

      Don't worry about contest organizers having the authority to toss people out of the con, that can only be done by the hotel or by consulting with me or Zac if I am not available.
      PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A

      Comment


      • #18
        Re: CTF Submissions - There can be only one!

        I'm a big fan of the relatively straight forward approach taken by the current CTF and suggestions #1/2; #3 is so complicated I'm certain no random spectators would understand it, even if the players/judges could eventually get a handle on it. And a contest throwing people out of DEFCON is a little overboard...

        Otherwise, #2s seems slightly better for exploiting web apps, but both suggestions are pretty similar.

        Comment


        • #19
          Re: CTF Submissions - There can be only one!

          Speaking as one who runs a contest- I welcome attacks in my contest that I have not thought of or accounted for. Isn't that the spirit of things?

          Just saying...

          1057

          Comment


          • #20
            Re: Feedback

            Originally posted by ForSwitch View Post
            The transition to Windows would make it harder for teams who have competed in the past and already have a library of shellcode/tools for the POSIX exploitation stuff.
            I disagree. You'd be suprised how many stock metasploit payloads are flying around on the game network. You want to exacerbate this problem?
            Metasploit Windows Payloads: 107
            Metasploit FreeBSD Payloads: 18

            Second, most of Kenshoto's services are so brain-breaking that you have to develop really custom shellcode that you can't possibly plan for. So unless you think teams are coming in with a BSD reverse shell that doubles as ASCII Goatse AND doesn't have any whitespace characters...

            So, I'd argue that the OS has no effect on how well prepared a team can be with its shellcode. There's standard payloads for stuff that requires a standard payload and teams have no way to plan for the stuff that doesn't.

            -exp

            Comment


            • #21
              Re: Feedback

              Tomorrow the decision is made, so get your comments in.

              While the final decision is not a popularity contest based on what is said here, it does help us when considering them.
              PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A

              Comment


              • #22
                Only three remain.

                Due to resource requirements, the changing economy, and personnel time pressures #4 has withdrawn their submission.

                Tomorrow one will survive!
                PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A

                Comment


                • #23
                  Re: CTF submission #2 of 4

                  From application 2:

                  Originally posted by Dark Tangent View Post
                  APPLICATION:
                  We've participated in others such as ictf, and will likely compete in CodeGate's game in Korea this April.
                  Was wondering if this is one of the seven teams listed here: http://hacking.beist.org/ Was looking to see if this group does what it claims before casting my vote for them. If listed great (I don't need to know which one), if not listed, wondering why this elite hacker group didn't qualify? This seems to be US team since briefing DoD, but not US teams listed for codegate. Maybe they have special invitation?

                  -ZR

                  Comment


                  • #24
                    Re: CTF submission #2 of 4

                    Wouldn't answering that question deanonymize the team, zork?

                    Comment


                    • #25
                      Re: CTF submission #2 of 4

                      Originally posted by Kelson View Post
                      Wouldn't answering that question deanonymize the team, zork?
                      If the truth is to be told, I don't think number 2 proposal is all that anonymous, but I don't speculate openly. But if they fail qualify codegate, why we think they so elite?

                      -ZR

                      Comment


                      • #26
                        Re: CTF Submissions - There can be only one!

                        Interesting...

                        Comment


                        • #27
                          Re: CTF Submissions - There can be only one!

                          With the exception of Proposal 4, which seems incredibly complicated from a scoring perspective, I vote for whichever of the other 3 submissions are least likely to act like a bunch of douchebags.
                          "Raise a toast to ... I think he might have been our only decent ."

                          Comment


                          • #28
                            Re: Feedback

                            Originally posted by ForSwitch View Post
                            The OS isn't what's being attacked. None of the heavy features of FreeBSD that make it so secure were being exercised. Yes, a team could throw an 0-day and win a Windows based game, but those chances are around in every game, regardless of platform...nothing is secure. The fact is that custom services are the target, and as such, the difficulty of the game remains the same.
                            Couldn't agree more, but the nature of the platform has historically enabled the game to focus on those custom services rather than poking at the OS. It was my understanding (from offhand discussion with invisigoth this year) that the apps were running under jails, and that the jail hosts were VMs, fairly well separating the targets from their hosts. He certainly could have been blowing smoke up my ass, as he seems given to such jokes, but I didn't get the impression he was.

                            I have also been told (NOTE: second-hand anecdote) that kenshoto actually did do one Windows host one year and that it became so "hosed" they swore off of it for the remaining future. I have no evidence to back that up. However, if true and assuming they were competent in their administration, it doesn't bode well for a choice to ignore that decision.

                            I'm not arguing against Windows per se, but against anything that may take away from the quality and level the game has achieved in past years. Past challenges have mostly been designed to be so unholy and twisted as to make even the most hardened hacker take a "brown" moment before moving on. Anything that *might* detract from that standard should be considered extremely carefully. Widening the appeal is fine, but I don't see that somehow making things easier for "new" or "inexperienced" teams (as some people have trumpeted) can be accomplished without reducing the quality of the game. Time (and today's choice) will tell.

                            Comment


                            • #29
                              Re: CTF Submissions - There can be only one!

                              Alright, after much deliberation a team has been selected to run CtF!

                              It was a much more difficult decision for all involved because unlike last time, where Kenshoto was an obvious stand out in the groups that applied after Ghetto Hackers stepped down, this time the submissions were very well thought out and the call was very close.

                              Every team has a strong grasp on how CTF contests run, all are experienced, all are very technically advanced, and all take pride in wanting to advance the state of the art and uphold defcon as the premier hacking contest.

                              At first I worried that Kenshoto had set such a high bar that no one dared step to it because the potential to fail in front of all their friends. Not! I was very happy with the submissions, all were serious, and none were lame. Over complicated for a weekend of play, maybe, but still all very well thought out.

                              The judges considered many factors, including ease of understanding the rules, skill of those devising the challenges with an eye to how realistic their goals are for a first time running the contest, past experience, street cred, overall concept, how well the contest will adapt if there are partial network or equipment failures, and more. We listened to what people said here, and it was a mirror of our conversations as well.. we all seem to think pretty much alike.

                              So, the winner is... submission #1!

                              I will be at liberty to talk in greater detail about the process closer to the con, and I will be calling all the teams to thank them and answer any questions they may have on Friday.

                              Thank you everyone for all of your awesome support.
                              PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A

                              Comment


                              • #30
                                Re: Feedback

                                Originally posted by AoZ View Post
                                I have also been told (NOTE: second-hand anecdote) that kenshoto actually did do one Windows host one year and that it became so "hosed" they swore off of it for the remaining future. I have no evidence to back that up. However, if true and assuming they were competent in their administration, it doesn't bode well for a choice to ignore that decision.
                                It was the Ghettohackers that did a windows system (their last year of doing it, in fact). It was no more/less bothersome than the Unix systems. It did expose how little windows administration knowledge was at CTF that year though.

                                Comment

                                Working...
                                X