HITB CTF: Fallout Apocalypse by Nikolas Tay, team AIF
Hack In The Box (HITB): Fallout Apocalypse was a Capture The Flag (CTF) competition held in Kuala Lumpur from 10th October to 11th October. The competition went on for 32 hours straight and consisted of teams from all around the globe.
This was my second CTF experience after competing in the GovWare Cyber Conquest CTF the month before. Though it was my second CTF experience per se, it was still a completely new experience to me. This is mainly because this CTF would be held in an Attack-Defense format rather than the usual Jeopardy format (otherwise referred to as a "puzzle-based" format). Therefore, the concept of running daemons, exploiting / defending services, etc... was still foreign to me.
This competition was indeed on a whole new level compared to my past experiences. Before the actual competition even started, we were presented with a Virtual Machine (VM) which was secured with a password. They then told us that we had 30 minutes to set up our equipment, (somehow) get into the VM, and finally change the password. In my opinion, this first instruction given to us really set the tone of the competition. Unlike the earlier GovWare Competition where the login credentials were given to us off the bat, there was no spoon-feeding here. This is the real deal.
Initially, we started off by trying to log in using common login credentials. After a few minutes of failure, we realized that they had actually intended for us to log in through single user mode to change the root password. Hence, we went on that said approach and then successfully gained access to the machine.
Not long after changing the root password, the competition started. Our first move was to check the list of users on the system using the command "cat /etc/passwd". After which, we realized that there was an account dedicated to each daemon (called Reactor Cores (RC) in the context of this competition). Our first instinct was to change the passwords of the seven RC users to more secure ones before we started running them. We then proceeded to run the first daemon, RC1. This was where things started to go awry.
Though the daemon ran flawlessly, the scoreboard did not react to it. In response to this, we ran a "ping" to the scoreboard server and consequently realized we had lost connection to it. This left us rather puzzled and we tried various ways to troubleshoot the problem. After some time, we found that the LAN cable attached to our computer was faulty. We confirmed this with the organizers and had it changed. Little did we know that the cable was not the root of the problem, it was in fact only part of the problem. After a few more hours of troubleshooting, we were hit with more bad luck as there was a short circuit in the main power strip where we were seated. This was the last straw. Without a connection to the score server, we were doing nothing but losing points for the past 7 hours or so. At this juncture, we decided to re-strategize.
We requested for an entirely new VM from the organizer as we did not have a backup of the original VM. This would cost us further points and we could only get it after about 4 hours' time. We agreed to the terms and decided to return to our hotel to revitalize ourselves before coming back for the new VM.
When we came back, everything was finally up and running. According to the organizers, it turns out that it was a fault on their end as their firewall was somehow set to block connections from us. This is where the actual competition really started for us.
We then stayed on throughout the night, decompiling binaries and examining them for vulnerabilities. Though I was relatively familiar with x86 assembly, this was the first time I actually attempted to look for vulnerabilities in a program. My lack of experience in this area proved to be a huge drawback when trying to write exploits for the services.
At one point in the competition, one of the more professional and well-known teams, Sutegoma2 from Japan had all their RCs damaged by LOL (a team from Vietnam) who were playing very strategically by taking out their strongest competitor as soon as possible. As such, it was impossible for the former to gain any more points. Consequently, one of the members from Sutegoma2 approached our team and proposed to form an alliance. After some discussion, we decided to agree to the alliance. Teaming up with such an experienced team would be a potential learning experience for us.
This is where things finally started to go uphill. We seized the opportunity created by this alliance to aid Nandy Narwhals (the other SP team) rise up further in the rankings as they were already doing relatively well at around 4th-5th place. At this stage, it was somewhat of a three-way alliance.
In the end the alliance clearly paid off for everyone; it was literally a win-win-win situation. Sutegoma2 clinched the top spot, Nandy Narwhals managed to get a record breaking (for SP at least) position of 3rd and we also rose to 7th place. In addition, we also forged friendships with the Japanese team.
This competition was indeed an invaluable experience for me. Just from this trip alone, I not only benefitted in terms of technical aspects. I also took home some strategies and important things to note for future competitions, discovered various areas of improvements and most importantly, life lessons that would be very much applicable in my future endeavors.
HITB CTF 2012 Summary by Ku Wee Kiat, Nandy Narwhals
For some of us, its the second year taking part in HITBKUL CTF whilst for others its their very first.
For some of us, its the second year taking part in HITBKUL CTF whilst for others its their very first.
Those that have been to last year's HITB are now be familiar with the competition venue, the lodging venue as well as miscellaneous travel arrangements.
This is an advantage as we will be able to concentrate more on the competition than to worry about getting lost in a foreign land.
The other important gain in this year's HITB for us is the chance to talk with members from other teams.
Unlike last year where some of us stayed in the hotel during the 2nd day of the competition, this year all of us camped for the entire duration of competition which gave us plenty of opportunities to interact with other teams as well as to enjoy a exciting and often antagonistic competition atmosphere.
For example there were team LOL from Vietnam, sutegoma2 from Japan and 0xDC381015 from Singapore, and we were able to learn quite a bunch of stuff through talking with them. This could in a way point us in the right direction when we practice for future competitions.
No comments:
Post a Comment