It’s time for me to leave the lab for the evening, but Capture the Flag and the participating teams march on.

After a briefing on the rules of CTF to the students from 9:00 to 9:45 this morning, this semester’s marathon Capture the Flag began.  The five teams have until 9:00 Monday morning to rack up their score.  There is plenty of time to go, although some teams are getting an early start.

The McGrewchebags (I love their name) have had an excellent start.  Members have been in the lab working on it ever since the end of the initial briefing, and have found most of the publicly available flags along with a handful of flags on the isolated CTF network.  They are also the very first team to break the scoring server in such a way that they could end the game right then and there.  The game was quickly repaired and the McGrewchebags were rewarded 2 points on the spot.

The teams that have been on the network have quickly realized that having an entirely hubbed network (one large broadcast domain) and the lack of a secure way to submit flags for scoring presents an interesting set of opportunities and challenges.  Passive monitoring is allowed, and each team is laying claim to one computer in the lab from which to run scripts and sniffers.  Espionage and communications security are top concerns for some of the teams, with counter-measures and counter-counter-measures being discussed in hushed tones.

The only team to submit flags to the scoring server, the McGrewchebags, are in the lead, although it is not known how many flags other teams are “sitting on” at the moment.  It’s a battle of nerves, as ties are broken by the earliest time of last submission.

The un-named Team 4 was just (50 minutes ago) awarded with one flag for a nice social engineering attempt.  This team sent me an email, spoofed to appear as though it was from the professor of the class, informing me that Team 4 deserved points because “they got me earlier” (meta-social-engineering!).  The email wasn’t perfect.  The headers didn’t match Dr. Vaughn’s usual emails, and they accidentally double-spaced his signature, but it was a pretty good attempt and earned them a flag.

Ring 0 just chose their name, and appear to be in a sort of set-up stage.  They may be a little slower to jump in than the McGrewchebags, but I get the impression that they are very serious about winning.

Scores as of Wednesday 5:00PM:

  1. McGrewchebags : 12 points
  2. Team 4 : 1 point
  3. Ring 0 : 0 points
  4. Team 3 : 0 points
  5. Team 5 : 0 points

If everything stays up and running, and I don’t get any emergency calls, I will be back on the CTF network in the morning, and will keep my readers up to date with scores and commentary.

  3 Responses to “CTF Update: Wednesday 5:00 PM”

  1. It is great to see the blow by blow on twitter, kind of makes you feel like you are involved, best of luck to all the teams. The name Ring 0 brings back some memories ( we reversed the malware of that name at a BOF with beer) back when they let us do that sort of thing. Is the scoring bot the Whitewolf one, or did you hack one together.

 Leave a Reply



You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

© 2012 McGrew Security Suffusion theme by Sayontan Sinha