Monday, August 29, 2011
Binjitsu III, game scoring
By the way, at the beginning of the CTF, we were given the following sheets explaining the CTF and game scoring:
Friday, August 12, 2011
Defcon 19 CTF - Sheepster
sheepster: ELF 32-bit LSB executable, Intel 80386, version 1 (FreeBSD), dynamically linked (uses shared libs), for FreeBSD 8.2, stripped
This service classically listens on port 5775 and drops to privileges of user "sheepster". For every connection, a child is forked and handler function is called.
Thursday, August 11, 2011
Defcon 19 CTF - Castle
castle: ELF 32-bit LSB executable, Intel 80386, version 1 (FreeBSD), dynamically linked (uses shared libs), for FreeBSD 8.2, stripped
This service listens in IPv6 on port 7629. When connecting, the service drops its privileges and forks to call the function at offset 0x08049340. This function begins reading a buffer sent to the socket, ending by "EOF\n". The read buffer is then written in a temporary file, created by a call to the mkstemp() function with the "/tmp/castleXXXXXXXX" template. Finally, castle redirects stdin, stdout and stderr to the socket, using the dup2() function and the "/usr/local/bin/sandy" binary is called with "-o <our ipv6> -d -s " and the temporary file as parameters.
Defcon 19 CTF - Bunny
bunny: ELF 32-bit LSB executable, Intel 80386, version 1 (FreeBSD), dynamically linked (uses shared libs), for FreeBSD 8.2, stripped
This service classically listens on port 15323 and drops to privileges of user "bunny". For every connection, a child is forked and handler function is called.
Wednesday, August 10, 2011
Defcon 19 CTF - CTF Inside
ddtek ran their third contest since they took over the CTF's organization: "Binjitsu III" (or as the scoreboard had it "binjutsu" ;)
This edition was located for the first time at the Rio and ddtek teased us with an authentication passphrase related to the casino switch.
Organizing such an event represents a heavy workload as there are in fact two separate contests to run: the quals - online - and the CTF itself - in Vegas. Although not perfect in all aspects, ddtek is doing quite a good job at making this happen. Thanks to them.
This edition was located for the first time at the Rio and ddtek teased us with an authentication passphrase related to the casino switch.
Organizing such an event represents a heavy workload as there are in fact two separate contests to run: the quals - online - and the CTF itself - in Vegas. Although not perfect in all aspects, ddtek is doing quite a good job at making this happen. Thanks to them.
Subscribe to:
Posts (Atom)