Announcement

Collapse
No announcement yet.

Finally.....

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Finally.....

    18 days, 19 hours, 1 minute, and 23 seconds.
    Finally cracked root and nb users.

  • #2
    Re: Finally.....

    Originally posted by PunkAB View Post
    18 days, 19 hours, 1 minute, and 23 seconds.
    Finally cracked root and nb users.
    Good gravy! Congrats, I think. If only the contest were three weeks longer you would totally have the NeXT, or something.
    "Raise a toast to ... I think he might have been our only decent ."

    Comment


    • #3
      Re: Finally.....

      Wow, to bad I wasted those good passwords on defcon.

      Kinda makes the point that three days with no prep makes for a tough contest...

      Comment


      • #4
        Re: Finally.....

        Originally posted by nbender View Post
        Wow, to bad I wasted those good passwords on defcon.

        Kinda makes the point that three days with no prep makes for a tough contest...
        Actually, I kind of liked the "no prep" element. I'm thinking that might be part of things next year. You get to bring a base OS and hardware, and get handed an app. Now go fix it. In an hour.

        Since so many people actually did builds and prep onsite anyway, might as well integrate it.

        Just a thought.

        I'm still working on integrating LED-adorned strippers and kegerators, though...
        "Raise a toast to ... I think he might have been our only decent ."

        Comment


        • #5
          Re: Finally.....

          I'll be freaking out for not noticing new posts here for weeks soon. :)

          I am amazed you actually stuck to your plan and continued cracking those hashes. At least now we all know that it would have been possible to 0wn the box.

          For the "here is your app - you got one hour"-part: That actually sound pretty cool. And it might make the whole thing more interesting. Just one more thought.
          How about there would be some sort of standard app that all contestants will have to run. Some app that will be as _vulnerable_ as possible featuring memory corruption on the heap as well as the stack, race conditions, logical weaknesses, setuid routines and WTF ever.
          Let's make it even harder: Everyone gets that app and all the weaknesses are known and documented. Hand out the sourcecode and tell people where the errors are. This way everyone can jump to exploitwriting right away. And there would be no further "default-security" either you are able to defend the box - no matter what - or you lose a box.

          Just a quick thought.
          "You have successfully out-nerded all of Full Disclosure. I commend your total commitment to being an awkward social outcast." Some guy on FD

          Comment


          • #6
            Re: Finally.....

            Originally posted by tatsumori View Post
            Just one more thought.
            How about there would be some sort of standard app that all contestants will have to run. Some app that will be as _vulnerable_ as possible featuring memory corruption on the heap as well as the stack, race conditions, logical weaknesses, setuid routines and WTF ever.

            Just a quick thought.
            Sorry I have been slow on the forum myself. Work is kicking my ass at the moment.

            That's more or less where I'm at -- a handful of apps to choose from, known vulns and each entry has to come up with good ways to defend them. There were quite a few suggestions along that line, and I have some ideas myself on what would make that kind of scenario defensible (and not).

            I promise to get an early start on this next year and have something worthy of a second year out. As I've said everyone had a lot of fun, and I think we found something that a lot of folks were excited about while still keeping it distinctly different from the other attack/defense related events.
            "Raise a toast to ... I think he might have been our only decent ."

            Comment

            Working...
            X