DEF CON "Capture the Capture The Flag" Data
pablos writes "Each year DEF CON hosts the famed Capture The Flag contest. Hackers from all over the world duke it out on the network for 72 hours, hacking for the title. The Shmoo Group diligently logs every packet for posterity, we "Capture the Capture The Flag." Now is your chance to download by far the most interesting, 'sploit ridden, 5.8GB of intrusion collusion ever published. Free for the bandwidth endowed, this is the ultimate IDS testbed."
Making waves... (Score:3, Funny)
They cheated us. (Score:5, Interesting)
Re:They cheated us. (Score:5, Funny)
Except when that password is
notepad c:\flag.txt
ghi
Now, at the time I damn near killed someone over that...but I realized pretty quickly it was a damn slick hack. Ask, and ye shall receive. Even from me.
--Dan
Re:They cheated us. (Score:2)
Wait, wtf are you talking about?
Dan... (Score:2, Funny)
-Joey
Re:They cheated us. (Score:1)
Ghetto Hackers + Digital Revelation = 0wned CTF 2001
Re:They cheated us. (Score:2)
1:9 there is a keystroke logger in place.
Granted, you were asking for it by not having
Oh, wait. Was that a C: ? };->
Re:They cheated us. (Score:2)
"But...but...it's the client pool...you're not supposed to be attacking the client pool...whine whine...bitch bitch...goddamn fuckers that was a good hack...whine whine..."
I did some serious penance for bringing a WinXP beta laptop to hack against Ghettohackers. Let's just say *my* Caesar's Challenge involved swimming on the bathroom floor and puking off of balconies the night before my big talk.
Man, that night was fun.
--Dan
Re:They cheated us. (Score:2)
Q: How do you hack someone's desktop?
A: Ask someone to let you check your mail.
--Dan
Re:They cheated us. (Score:1)
Re:They cheated us. (Score:1)
Where do I download... (Score:2, Funny)
*ducks*
Site is slashdotted (almost), so here are mirrors. (Score:5, Informative)
Capture the Capture The Flag Mirrors
If you have a mirror up, please let me know.
If you're using wget to pull the data, please use the following command:
 wget -r -nd --no-parent -R "=A","=D" http://site/path/
US - Wisconsin (100Mbit):
http://www.wi2600.org/mediawhore/mirrors/shmoo/cc
US - Colorado (100Mbit):
http://www.ucar.edu/temp/shmoo-defcon9-ctf/ [ucar.edu]
US - Pennsylvania (T1):
http://www.bitsend.com/defcon9-cctf [bitsend.com]
US - Alaska (DSL):
http://cctf1.shmoo.com [shmoo.com]
Please be sure to read the license [slashdot.org].
Re:Site is slashdotted (almost), so here are mirro (Score:2)
It feels damn good to take over a 1/10 of a major pipe
Re:Site is slashdotted (almost), so here are mirro (Score:1)
On a completely offtopic note, a swarmcast like system would work great with the P2P file sharing programs, would it?
Re:Site is slashdotted (almost), so here are mirro (Score:1, Offtopic)
But, for a free site that simply runs off banner ads and donations
Why does Slashdot never get Slashdotted?
Sorry just had to ask....
Re:Site is slashdotted (almost), so here are mirro (Score:1)
To steal from Yogi Berra, because "no one reads Slashdot anymore, it's too popular."
Besides, we're all too busy slashdotting the other sites to spend time here
Re:Site is slashdotted (almost), so here are mirro (Score:1)
Re:Site is slashdotted (almost), so here are mirro (Score:1)
Re:Site is slashdotted (almost), so here are mirro (Score:2)
Bandwidth Endowed (Score:1)
You would need a lot of and bandwidth and even more time on your hands to even start on.
Now, let me see
Well I hope they Capture the Slashdot Effect. (Score:3, Funny)
Re:Well I hope they Capture the Slashdot Effect. (Score:1)
The wise look at it as an opportunity to test traffic shaping on distributed web clusters.
Bandwidth Cost (Score:2, Interesting)
This won't exactly be paid for by a banner ad.
Re:Bandwidth Cost (Score:4, Funny)
Did you read who these people are? I don't expect acquiring bandwidth is much of a problem, if you know what I mean.
Re:Bandwidth Cost (Score:1)
Re:Bandwidth Cost (Score:1)
Who says everyone pays by the GB?
Social engineering is the way forward (Score:1, Offtopic)
But after I became involved in tech support for major financial institutions, I realised that although security there was reasonably good, you could almost always circumvent it via social engineering.
My favorite trick to get into the server room was to put on an old hard-hat and a fluorescent jacket. I would stand outside the door until someone came along, then I would simply ask them to let me in. Which about 70% of the time, they did. At which point, I would point out to them that I could have been anyone, usually got an embarrassed apology.
I was using social engineering to raise the security awareness of staff, but it was a real eye-opener to me just how easy it was to control people.
Re:Social engineering is the way forward (Score:5, Funny)
Yes, my favorite way to get into the server room is to dress up as a member of the Village People, and then wait for some random person to agree to take me into the closet.
Re:Social engineering is the way forward (Score:1)
You mean lying, right?
Question ... (Score:1)
Re:Social engineering is the way forward (Score:1)
It's not like you are gonna say "uh, I don't work here, but could you give me access to the server room"; of course you're gonna lie.
Re:Social engineering is the way forward (Score:2)
Mirror in the making (Score:3, Informative)
It's currently chugging away at about 250 kbps, so it should be done within a few hours. There is already 1+ gig of data up there for your browsing pleasure, and it's chugging away at around 250kbps. Enjoy. If it breaks, email me or something.
Traces collected using ?? (Score:1)
n-ctf sucked this year, I hear... (Score:2, Interesting)
From a friend who was on one of the teams:
We set up some 'reflectors', using the MIRROR target of the Linux netfilter and almost got booted off the net by the judges for this unique solution.
Bleh.
a bit of hyperbole (Score:2)
I don't know about defcon 9 (2001), but I seem to recall them only being able to get part of the traffic at defcon 8 (2000).
[*] my emphasis, not theirs
Re:a bit of hyperbole (Score:1)
even better (Score:5, Insightful)
Re:even better (Score:2, Informative)
Here's some pics:
My speech on behalf of Digital Revelation [irev.net]
Ceazar's speech on behalf of GH [irev.net]
And damn it was a lot of fun this year.
Is there any commentary on the 5.8GB (Score:1)
Greed is Good - 1980's
Lazy is Good - 2001
Article's title (Score:1)
This useless comment was generated by a Cockpitful of Suicidal Fanatics for you
CTF Rules (Score:5, Interesting)
We (the GhettoHackers, with the much appreciated help of Jennifer Granick) managed to slowly, over the course of the competition, convince Miles to change the rules to a set more conducive to an actual hacking competition. When teams began merging due to the rule changes, we merged with Digital Revelation, to both groups' benefit. We gained their server points, and they gained our capture points.
Besides winning CTF, the GhettoHackers / Digital Revelation team also had the highest average Blood Alcohol Level of any group (check out http://cow.pasture.com/~tcroc for more details). As announced at the awards ceremony, we, the GhettoHackers, have retired from CTF after DC9. To help foster more competition, and for a different application of our expertise, the GhettoHackers will be helping to run CTF at DC10.
Input from a member of the winning team. (Score:1)
Defcon 9 was my first time with CTF and I must say, it's not exactly what I expected. My buddy Thalakan got recruited to Digital Revelation and he recruited me over there. 90% of the time, everyone hacked systems that were difficult to hack. All the servers on the server segment (x.x.x.250-254) had either chrooted systems, patched servers and for a day and a half, nothing happened. During that time, the most exciting thing was when Dan got social engineered (see above link). However, 2 hacks did happen. I think it was prophet on Digital Revelation who rooted a win2k box with the unicode exploit. Then, the most exciting hack was the obsd 2.9 local exploit. Someone from the grey team finally set up a server with local access (he gave out login/password) and the race was on to apply the exploit. By this time, we were already merged with ghetto and everyone watched in anticipation. Eugene, from the ghetto hackers worked fervently and a bunch of us watched in anticipation. Because of the race condition, two teams simultaneously rooted the server at the same time and split the points.
Since there was physical access to the box (they were located right next to the operator), I heard that people yanked network cables when they were about to be rooted.
There were many interesting systems and different programs that ran on the network but without source, 2 days is simply not enough time to do anything substantial. I hope next year, Caesar and the Ghetto Hackers will run a better job of providing more interesting hacks. I'm hoping the judges will put up servers that aren't locked down. Those roots will be for maybe 10 points. Roots in servers with no known vulnerability (with source provided) will give 100 points. Something like that would provide with more hacks than the 3-5 roots we had. Having each team provide servers that are locked down is plain stupid.
-Nouveaux