I let the law enforcement class go on break briefly this morning so that I could be there to witness the end of this semester’s Capture The Flag competition. In the tradition I began last year, playing “Eye of the Tiger” during the last moments of the competition, Chris loaded up “The Final Countdown”. This is a tradition we enjoy, but it drives most of the participants crazy.
The final scores reflect all of the flags captured by the teams. Everyone managed to submit theirs on time, just before the 9:30 deadline. Here are the scores:
- Team Firewall – 30
- Team Sniffer – 23
- Team Wireshark – 20
- Team Burp Suite – 15
- Team Nmap – 9
- Team Tracker – 8
Automated sniffing and resubmission of flags was performed successfully by many teams this semester, and it made for an interesting dynamic in the post-game discussion and wrap-up. Team Sniffer disclosed that 8 of their flags were captured off the wire and resubmitted. Other teams also had success with stealing others’ flags in the same way. This also had an unforeseen circumstance: often a team would sniff and submit a flag without knowing where it came from in the game. Those teams would then spend time actually breaking into a system to capture a flag, only to find out it was one they already had submitted.
Congratulations to Team Firewall for an outstanding CTF performance, and I am looking forward to examining some of the tools and scripts the teams wrote for this competition.
We sure enjoyed it.
I have enjoyed following you blog and would love to read a summary of the actual activities or a play by play similar to what you did last year. Also are you planing to post an analyse of the scripts and the tools?
Thanks
I wasn’t involved as closely this time with CTF since I now have a full time job teaching and developing coursework for our Forensics Training Center. So, I don’t have a very detailed play by play this time. I do have tools from a couple of the teams, though, and once I do my own analysis of them, I’ll ask their permission to publish the code and analysis here.
Cool looking forward to reading it.
I invite you to come and flag down my latest video.
http://www.youtube.com/user/JimmyJacks00#p/a/u/0/dVt_WfeEnXA
Done
What would be wonderful fun is a multiplayer sandbox environment to play a game like this online… Other than the simple idea of having a dozen or so machines all virtualized and the players being given VPN access to that network.