Main » 2011 » Март » 16 » Ructfe 2009
12:32
Ructfe 2009

Abstract


November 7, 2009 in Russia were first conducted international student competition for the protection of information. In this article, look at what is a CTF, differs from RuCTFE RuCTF, what represented the RuCTFE 2009, what kind of team HakerDom and what do you do if you also want to take part in such competitions.

What is CTF?


CTF - it is also a team game in which participants can demonstrate their skills in computer security. Teams are evaluated on three categories: defense, attack, publication of reports about the found vulnerabilities. At some competitions are sometimes added to the category of tasks (they Tusky).

As a rule, all commands issued to the same image for a virtual machine installed in its services. All services are designed specifically for each competition, so until the beginning of the game can not be found in the public domain. The team's problem - to ensure stability and security of the server throughout the entire game time. To this end, held its audit, which includes finding and fixing vulnerabilities, but also by his administration. In addition to protecting your server, you must attack the servers of other teams, using the found vulnerabilities. Confirmation of a successful attack is to obtain private information (flag) from another server, which periodically checks the system locates the jury. A simple example of service can be a forum. Flag in it - a private message sent from one user to another forum.

An integral component of the CTF is the lack of uniform rules of competition. In every game, organizers are making something new. Practically you never know what will be the operating system on the game, what would be the services and on what programming languages ??they are written. Teams must be ready for anything that is able to quickly navigate the new situation.

CTF in Russia


This has already been written. Add statistics on the number of teams from Russia, took part in various international student competitions.

Schedule (CO)
#
Competitions
Year
1 iCTF 2006 2006
2 CIPHER 3 2007
3 iCTF 2007
4 CIPHER 4 2008
5 iCTF 2008
6 CIPHER 5 2009
7 RuCTFE 2009





At the moment, the competition held in Russia is not so much. This nation-wide
RuCTF (HakerDom, USU)
Regional and
UralCTF (HakerDom, USU),
UFOCTF (UFOlogists, TSURE).

I hope this list will soon fill up at least SiBears (TSU) and CIT (ITMO).

RuCTFE 2009


Unlike RuCTF, which take place in person and only for Russian teams of students, RuCTFE 2009 were international and online.

43 teams took part (iCTF 2009 - 1938, CIPHER 5 - 33) from 11 countries: Russia, Germany, USA, Austria, Italy, France, Argentina, Norway, Croatia, India and Vietnam. Probably at the moment it was the largest student CTF-competition.

Terms and network diagram competitions were quite common for the CTF.



The competitions were held for 10 hours. The main surprise for the teams operating system was chosen for the game. You'll find most different distributions Linux, BSD. At this time you boot the virtual machine team first see debian and slightly relieved, but then run X, which is quite unusual, but they run the emulator android 1.6. All projects were written for him.

Services

They were five. All the details you can read the documentation on them, but this spoiler for those who want to first try to test their strength and find their own vulnerability in the image (GPG key: djlrfgbdjbdbyjplhfdcndeqvfvfdjnbz), which received the command. Let me give a brief summary of services from the developers themselves.

CryptoPizza
Service to receive orders for telephone pizza delivery worker. Written in Java for platform Google Android v1.6. Implements invented kriptoprotokol using AES symmetric and asymmetric RSA encryption for secure delivery of orders on the phone to open channels of communication. Orders for the device are stored in a database SQLite.

F
ftp server with antivirus functionality. Is written in python using Android scripting Environment. ftp implemented by lr parsers constructed by the COP-grammar describing the language of commands sent by the client. Reactions to the commands implemented in the functions caused by convolution of the product concerned. Anti-virus component could produce a signature analysis of downloaded files and check them with the help of "emulation", admitted update signature database.

Jabber
Service implements the idea of ??Jabber-bot on the phone. This simple bot provides functions similar to the free newsletter. Written in Perl under the platform Google Android v1.6 with Android scripting Environment.

Simple
A simple service that implements the functionality of the installation / testing / listing set flags. It uses a simple kriptoprotokol based on two cryptographic algorithm based on Feistel networks with fixed keys to encrypt requests and responses. Performed for Linux EABI enabled tcp sockets and POSIX threads.

Stalker
Service multiplayer online games. Implemented as a dedicated server and clients to connect. As the flags are used valuable objects of the game - the artifacts that are sold to vendors. Technically, the server and client are implemented as Perl-scripts for Linux. In addition to the phone to the Java platform for Google Android v1.6 implemented a map showing the status of the player: visible objects, the location of the dealer, other players, anomalies, monsters and artifacts. Significant vulnerabilities in the service there, and teams have to deal with the principle of client work and write a user-friendly interface to control your character may automate some of the artificial intelligence.

Tusky

In addition to the team offers services to assess their strength in analyzing the black box, looking at Gopher `e, algorithms and Haskell` e, steganography, knowledge of the classics of world fiction, and ... Russian dances.


Results RuCTFE 2009


The game is set not at once. Most teams had problems as a whole with the configuration of the emulator android `a and c of his unstable job, which often are the result of malicious actions by other teams. Nevertheless, since the mid-game turned serious struggle in the top 15 lines skorborda.

As a result, top5 skorborda was as follows:
  1. squareroots (University of Mannheim, Germany)
  2. 0ldEur0pe (RWTH Aachen, Germany)
  3. SiBears (TSU, Russia)
  4. Siths (Urals State University, Russia)
  5. h4ck! nb3rg (Upper Austria University of Applied Sciences, Austria)


HakerDom, who are they?


This is a team, and recently the club from USU. Since they began Russia's participation in international CTF.
They spent the first in Russia:
  • Regional UralCTF in 2006 (when the initiative supported by teams from the South Ural State University and CSU)
  • RuCTF nation-wide in 2008
  • International RuCTFE in 2009

Team HakerDom repeatedly became the winner of international competitions, and in 2008 won the CIPHER 4.

From HakerDoma preparation and conduct of RuCTFE 2009 dealt with the development team of 10 people with strong technical support provider UralVES and groups of companies Clustertech.

Do you want to participate in the CTF?


If you are interested in student CTF - pick a team and register to the next UCSB iCTF, and then in 2010 RuCTF quals!
And if you want to measure swords with the professional teams, then good luck to the DEF CON;)
Views: 564 | Added by: w1zard | Rating: 0.0/0
Total comments: 0
Имя *:
Email *:
Код *: