Capture the Flag

I was going to enter my system, but I was just too uncomfortable with there not being a check-in. I lost a power cable at DC8; didn't want to have anything else walk away.

I also would like to see the rules put out and clairified a lot earlier. I didn't know where I would fit into CTF this year until the last minute, and that just didn't give me enough time to get ready.

But the key thing is to get some real competition going on. Sure, I can say my Red Hat 6.1 system survived DC8.. Yay me!... But so did a default install of 6.0 (I think it was Ghent's, IIRC).

Some of the ideas I was hearing about, like the giant war board that Ghent was working on, sounded like they'd make CTF a fun experience. I think a lot of the problem was just that the con kinda snuck up on a lot of people, and so nothing was really ready.

BVT 2600 CTF

The local 2600 crew and I are working on setting up a regular CTF games so if anyone has rules/protocals they want to try/discuss let me know. The current Defcon rules are kinda ackward for us so we are thinking about setting up a simple team on team with No Man Lan(d) machine. Still working on it though

What 2600 local do you attend?

BVT 2600

Burlington, Vermont.

New rules ideas

My team last year, the Green Team, was elite. But the CTF rules sucked and continually changed durring the competition. I have come up with a MUCH better set of rules that seems fair and is more like a real game of capture the flag. Let me know what you think:





Each team sets up their servers, and somehow list the services they provide. Each server then gets a rating based on how risky it is. So a server providing open shell accounts on a redhat 6.0 box, default install, may get a rating of 1000, while a OpenBSD box running Apache and SSH only with no user access may get 10 points.





Once registered the team starts building points. Each hour that a box remains up and functional the server will earn it's points. So after 2 hours on continuous operation the 2 servers above would earn 2000 points and 20 points, respectively.





Then, if an elite hacker from another team hacks the redhat box, that team steals all the points the server aquired durring it's uptime.

The hacker must aquire root, and prove it by marking the root directory with a team message.



At the end of the competition, each team adds up the points from their remaining *unhacked* servers, plus the points they got from hacking other team's servers. The team with the most points at the end wins.





These rules seem fair, and promote risky servers. Also, teams will get more points for difficult hacks. This happens because if a box stays up for 2 straight days without being hacked, the person that eventually hacked it must be very elite.

Re: New rules ideas

Sounds like the idea is to scan for two days, and attack a couple hours before the final bell... be a pretty boring couple days.

The system I put up at DefCon 8 had everything listed on its web page... Every RPM (it was RH 6.0), every tarball, every config change, including diffs at various points of installation. I think only two or three people actually bothered viewing the web page. They were all too busy running nmap, nessus, and ISS.

I planned to give out chrooted shell accounts, but didn't get access to the system during the con to respond to any requests. There was one open, though... I hadn't advertised it, though I gave out the login/password as being an ftp account. Nobody found the shell (mp3/mp3, btw... tough, eh?). One guy from GH planted a perl script in /tmp, but they couldn't execute it. ;)

Actually, didn't look like it would have done anything, anyway. I figure it was just a test... But I may be giving him too much credit.

Three days, tons of scans, and only one person showed the slighest glimmer of intelligence.

Re: Re: New rules ideas





Why would people only scan for 2 days? First, there would be little reason to scan, since it would be beneficial for the servers to advertise every open port on their box. It would also be dumb to sit and wait before rooting a box, that would give opportunity for enemy teams to exploit the box before you do. Once its owned, you can't say 'hey I was just about to own it too!'