Today has been a busy day, but with slight movement to the scores. The two busiest teams, McGrewchebags and Ring 0, have been at work re-evaluating and re-deploying their sniffing and counter-sniffing measures. Representatives of two other teams have been by to poke at the network and their own reserved computers, yet remain quiet on the scoreboard.
Three flags were submitted for scoring today. This includes one flag each by Ring 0 and the McGrewchebags, 30 minutes apart from each other. The remaining flag is more interesting for one reason: it was credited to Team 3, who had no members in the room at that time. I know the reason for this, along with many other CTF secrets that I cannot reveal until after the closing ceremony. For now, it is an exercise for the readers and other teams to figure it out.
Network traffic is picking up with “cover traffic”, designed to confuse other sniffing teams. If it begins to get out of hand, I will need to start unplugging network cables, but so far so good. The active teams are learning a lot about filtering through packet logs.
Soon, it seems, teams will be getting very serious about attacking target VMs and actually capturing flags for themselves
The scores as of 5:00PM:
- McGrewchebags – 13 Flags
- Ring 0 – 5 Flags
- Team 4 – 1 Flag (Time of last capture NULL, only flag is social eng. granted)
- Team 3 – 1 Flag (Time of last capture: 2:46PM, no members present!)
- Team 5 – 0 (Sleeper cell, or just asleep?)