Announcement

**TheCotMan** · January 21, 2005, 16:08

Originally posted by Vyrus

lol guess ill try again since my previous message went un answered :P

He is a very busy guy. Several years ago, a buddy and me had an idea for a presentation which used the hacker mentality to solve interresting problems that had nothing to do with computers. It would have been filled with entertainment, information and comedy....
However, a by-product of the presentation could have lead to a number of con attendees running around the con with homemade weapons hurting each other.

After about 3 weeks without a response, my buddy asked again about this and got a reply. DT wondered about the very problem stated above and the presentation never went anywhere.

Be patient. After about 1 to 3 weeks, if you get no reply, reply to your own message (so threading will work) and provide a reminder. If still no response wait much longer before sending another reminder. If after 3 reminders are sent or 3 months (whichever comes first) and you do not have a reply, assume a "pocket veto."

Lack of reply does not mean he does not care, it just means he is busy. :-)

Good luck.

**spongie** · January 26, 2005, 16:43

It is an honor to see that people would like to see our games at defcon. Linsys and I have thought about talking with dt about taking our network to con but haven't yet per we don't know if we are gonna be able to make it this year. We would like to stay in the loop of the progress of this and if this is still on the table for an option at this years con. At this time Intrusionsec has moved to a different location and are still working on getting it back up. We have to rebuild the monitor box and reload the os's. Please keep visiting to see the progress we have made.

**bascule** · January 26, 2005, 21:00

Originally posted by Vyrus

so is that a yes ?

As long as those securing the system only get points so long as they can keep a particular service which is periodically polled up and running. Otherwise you could win by disabling all services and firewalling all network traffic except one incoming port (for say, a copy of ssh you built yourself), or even remotely reinstalling the entire operating system.

**TheCotMan** · January 26, 2005, 21:18

Originally posted by bascule

As long as those securing the system only get points so long as they can keep a particular service which is periodically polled up and running. Otherwise you could win by disabling all services and firewalling all network traffic except one incoming port (for say, a copy of ssh you built yourself), or even remotely reinstalling the entire operating system.

Or trivial services such as "echo" and "chargen" :-D

**Vyrus** · January 27, 2005, 00:09

Originally posted by spongie

It is an honor to see that people would like to see our games at defcon. Linsys and I have thought about talking with dt about taking our network to con but haven't yet per we don't know if we are gonna be able to make it this year. We would like to stay in the loop of the progress of this and if this is still on the table for an option at this years con. At this time Intrusionsec has moved to a different location and are still working on getting it back up. We have to rebuild the monitor box and reload the os's. Please keep visiting to see the progress we have made.
Reply With Quote

WOW :P, it is nice to see that

1) our group is not the only one promoting this event and

2) we have the intrest of the group we are trying to emulate :P

I would love to post more info on the setup's final prosses as defcon growes closer, however i have no info to give you :P. On a positive note though... i HAVE recived a response email from DT only he thought i was asking about THE CTF, to wich my response was "dude we arn't THAT l33t :P". So when he and i get on the same page and i get "Offical" permition to set up as an event then ill post the latest .

till then, check this thread :P

**Bounty** · March 30, 2005, 22:36

Your contest sounds kewl

I'm not sure how you're planning on keeping track of 'rooters' but it would be fun if securing it wasn't part of (or maybe after a certain point?) the game. That way the game is open to us lesser peons longer. Especially if over wireless, so we can sit by the pool and play. Perhaps you get points for each server or service owned. Reward variety of knowledge, instead of being the first to root it, then patch it. Also a wide variety of servers / services would show who knows more than one trick. This would require more boxes setup on the target network, but if many could access this game, I'm sure you could get some donated hardware... I would.

-Bounty

(also, any other boxes other than win/mac/*nix such as Cisco devices, printers etc. would be fun to play on.)

**Vyrus** · March 31, 2005, 07:24

Originally posted by Bounty

I'm not sure how you're planning on keeping track of 'rooters' but it would be fun if securing it wasn't part of (or maybe after a certain point?) the game. That way the game is open to us lesser peons longer. Especially if over wireless, so we can sit by the pool and play. Perhaps you get points for each server or service owned. Reward variety of knowledge, instead of being the first to root it, then patch it. Also a wide variety of servers / services would show who knows more than one trick.

yea, people will score points by the amount of time they are able to hold a service (ftp, ssh, etc...) so you will get points per service per hour of time

Originally posted by Bounty

This would require more boxes setup on the target network, but if many could access this game, I'm sure you could get some donated hardware... I would.

-Bounty

(also, any other boxes other than win/mac/*nix such as Cisco devices, printers etc. would be fun to play on.)

lol well we are only brinning a box to be 0wn3d and the score keeper but more attack boxes was the original plan... email me if you have some to donate so that i can program scorekeeper to handel them and get on the network :P

**bascule** · March 31, 2005, 14:33

Originally posted by Bounty

I'm not sure how you're planning on keeping track of 'rooters'

A service running on a low numbered port would be the easiest solution. Have a scorekeeper system periodically poll this service to see who is in control of it.

but it would be fun if securing it wasn't part of (or maybe after a certain point?) the game.

It inherently has to be... whoever gets control of it needs to keep control for the longest.

But, of course, the system should have as many holes as possible in its default configuration.

**Gadsden** · April 8, 2005, 10:41

One option would be to have either a few boxes with default installs of different OSes or a decent box running VMware (probably better, so you can go back to pre-0wned state). You could also set up a box that does nothing but sniff traffic and output it to a screen for all to see. You may want to talk to some of the folks doing "Hack or Halo" at Shmoocon.. they did a very nice job.

**Bounty** · April 20, 2005, 14:25

I'm guessing we would also want this advertised pretty well. In the booklet and on the website etc. In the past when I've put up servers (very open systems) over wireless networks with SSID's like HACKME, nobody does. Hell, hardly anyone even associates to the AP, even with decent coverage. I'd really like to see this happen, but it's pointless to set all this up, not to have anyone do it.

-Bounty

**Salem** · April 20, 2005, 15:02

Originally posted by Bounty

I'm guessing we would also want this advertised pretty well. In the booklet and on the website etc. In the past when I've put up servers (very open systems) over wireless networks with SSID's like HACKME, nobody does. Hell, hardly anyone even associates to the AP, even with decent coverage. I'd really like to see this happen, but it's pointless to set all this up, not to have anyone do it.

-Bounty

Perhaps it would work better if you set the SSID to something along the lines of "plz d0nt h4x0r me lolz" or "j00 k4nt hax0r th1s"

Fucktards tend to get hit more than willing recipients, I've noticed

But, If you wanted it to be organized you would have to voice it, and do so loudly. If it was a somewhat structured ordeal, I'm positive that there are many who are new to hacking that would like to try it. Perhaps have some sort of spiffy award.

If it gets on its feet, this will acctually be a cool event. Give the new guys something more to do than drink and shoulder sufing the real Root-Fu/CTF guys.

**renderman** · April 20, 2005, 19:25

Originally posted by che

One option would be to have either a few boxes with default installs of different OSes or a decent box running VMware (probably better, so you can go back to pre-0wned state). You could also set up a box that does nothing but sniff traffic and output it to a screen for all to see. You may want to talk to some of the folks doing "Hack or Halo" at Shmoocon.. they did a very nice job.

The hack or halo contest was very well thought out. Multiple vlans to images running under VMware. Everyone got different images each round keeping it from getting stale.

One thing though, to keep things fair, having everyone use auditor bootable CD's and making sure all the tools are there to do that hack would even the playing field.

Just my opinion

**Bounty** · April 25, 2005, 23:07

Yeah, vmware with different images might make for some interesting options. Maybe set it up so that a different OS, or set of apps/holes gets loaded every few hours. That way it keeps things fresh, if some good admin has rooted and patched a machine well, it will allow new attempts to hack it.

I see the regular CTF playing out like a RTS. (Things build up for a while, strategies are executed, alliances are made, fortifications are built.) I think the ameture version would be kewl if it was more like a FPS, with servers/targets re-spawning every so often. Drive by hacking, a few campers, not quite as many rules etc. Otherwise they should just expand the normal CTF

If participants are smart enough to bring Auditor (and leave their HDD's at home), then good for them! Auditor is very nice. I don't think it should be restricted to only Auditor though. I know there are die hards out there who want to do it their way.

I know setting this up will be alot of work though, with the scoring system etc. If there is something we can do to help Vyrus, let us know.

**Vyrus** · April 26, 2005, 01:55

Well because of resources and time (or rather lack there of), there will be only one victem box and one score keeper (but no worries we can always expand next year :P)

Originally posted by Bounty

I know setting this up will be alot of work though, with the scoring system etc. If there is something we can do to help Vyrus, let us know.

well so far we are up an running for the most part... the score keeper is up and the victem is installed, only problem is because of the way score keeper runs, we needed server apps that dont require a login to display dynamic information (the info line on a ftp screen) and we could only come up with 2 of those

ftp
http

im working on samba (smbclient -L) and probobly telnet but other than that if you can come up with any other services that can be used and send me the name of the daemon app as well as an example of a session with a host of that type, it would be greatly apreciated...

ps... i know spelling :P

**Bounty** · April 28, 2005, 18:25

You might setup a fairly secure ftp/web setup. That may force users to root other services that may require login/pass and then escalate their privlages until they can modify the ftp/web site.

Announcement

Amature CTF

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment