I arrived to an empty lab this morning, just before 8AM, and the target VMs were running very sluggish. Rather than spending a lot of time diagnosing the exact problem, I felt it would be quicker to just shut the VMs down, restart VMWare, and bring them back up to see if they would spring back to life. They did. I got the (happy) feeling that these targets had been well abused during the night, and I believe I was right.
The students of team Ring 0 have made their presence known on the scoreboard, now in a distant second place with 4 flags. Don’t let the word “distant” fool you, though. They were in here and working on it for a good while last night, indicated by their time of last flag submission: 12:42 AM. The flags they submitted last night were likely just the ones they didn’t mind the other teams’ sniffers catching. I am certain they have more.
A flag was awarded last night to Ring 0 for a social engineering attempt that I interfered with. The team registered a gmail account in my name, and planned on posting a letter on the door of the lab, from “me”, informing the other teams that the lab was closed temporarily, due to damage caused by the “disqualified” Ring 0. They were not sure if the letter would violate the spirit of the CTF rules against interfering too much with other teams, so they consulted with me before putting the sign up. I thought it was a cool idea, but I didn’t want to cut into other teams’ time in the lab, so I thanked them for the attempt, told them to not put up the sign, but awarded them a flag for their efforts.
I look forward to today’s activity.
The scoreboard, as it stands this morning:
- McGrewchebags – 12 flags
- Ring 0 – 4 flags
- Team 4 – 1 flag
- Team 3 – 0
- Team 5 – 0
Very tricky Ring 0. This illustrates that social engineering will become a bigger and bigger part of these contests in the future. Can I have the password to the McGrew gmail account, might come in handy some day *kidding*.