Yesterday, with only hours to go, COPE and the Hash Puppies came to an agreement:  The Hash Puppies gave COPE all of the flags that they had captured that COPE didn’t already have, bringing COPE into a solid first place.  In return, COPE gave the Hash Puppies enough assistance to secure second place.  At first, I was skeptical that COPE would give the Hash Puppies good value for their trade, but it looks like it turned out well for both teams, to the dismay of SwaffleU, who held the lead prior to the deal.

The final scores are as follows:

  1. COPE – 30
  2. Hash Puppies – 27 (with a last submission time minutes prior to SwaffleU’s)
  3. SwaffleU – 27
  4. Wesley’s Unkempt Beard – 18
  5. BitBangers – 11
  6. Team 4 – 9

The game really came down to the wire, with the tie for second broken by time-of-last-submission.  This was probably the most competitive semester of CTF yet.

I had a blast running the game, and I hope that all of the participants had a good time too.  If you participated this semester, please email in any scripts/tools/notes that you wrote during the process of the game, so that we can review them in our post-mortem.  I already have copies of many of them, but I’d like to make sure that I have the final versions you had at the end of the game.

 

This is the last day of CTF for this semester.  At 3:30 PM, it’s all over but the crying.  We’ll have a countdown, likely set to “Eye of the Tiger”.

Yesterday when I arrived to make sure the VMs were still up and running, no teams were in the room.  I was feeling a bit mean, so I took this as an opportunity to power-cycle all of the attacker workstations in order to see how their scripts deal with a power blink.  I also used this moment as a chance to grab scripts and random files left lying around on the various workstations, locked and unlocked.  If you’re in the area, look forward to an upcoming talk: “Found Files of MSU CTF”.

SwaffleU has taken the lead, though COPE and Hash Puppies are not far behind.  It’s likely that one of the lower-ranked teams is quietly waiting for the last moments, as well.  The scores, as of 9AM:

  1. SwaffleU – 24
  2. COPE – 23
  3. Hash Puppies – 19
  4. Wesley’s Unkempt Beard – 9
  5. Team 4 – 8
  6. BitBangers – 7
 

I left early last night to have dinner and watch the new Harry Potter movie, so I neglected to post an update yesterday evening.  I normally make 8AM posts, but this is a Saturday, so you’ll just have to make do with an 11AM update.

COPE have taken the lead with 18 flags, and this represents the first time since the beginning of the game that the Hash Puppies have lost the lead.  I offered them the opportunity to post a flag before this update in order to take the lead back, but they declined.  The Hash Puppies seem to be quite happy in second place.

The best computer that I have seen in the competition so far is this 486, 66 MHz beast that a member of COPE set up:

It

  • is missing a panel or two
  • has no branding whatsoever (the sticker on the bottom helpfully suggests that it’s a “Notebook Computer”)
  • has a broken keyboard (you can see the edge of the keyboard that’s plugged in on the left)
  • reports itself in some ancient version of Linux as having about 18 and a half megs of RAM (what?)

The current scores are:

  1. COPE – 18 (Last submission 8 hours and 22 minutes ahead of the Hash Puppies)
  2. Hash Puppies – 18
  3. SwaffleU – 10
  4. team4 – 8
  5. BitBangers – 7
  6. Wesley’s Unkempt Beard (previously known as Team 2) – 2

Flag: 4cbd40766a

 

Last night, while my wife had a girls’ night out with some friends, I had the opportunity to hang out in the lab and observe CTF until nearly 10 PM.  Teams were busy in the lab, hacking away the entire time, and I hear that even after I left, there were people in there at 1 AM, and possibly later.  The scores have moved a bit:

  1. Hash Puppies – 15
  2. COPE – 10
  3. SwaffleU – 6
  4. Team 4 – 3
  5. BitBangers – 2
  6. Team 2 – 1

Teams discuss strategy for holding onto flag submissions until the last minute, but often it’s too much to bear to see your team fall down in the current rankings.  A few points placed on the board by one team will often result in points posted by other teams.  I suppose they want to look good on the blog updates ;) .

 

Today has seen a lot of activity from SwaffleU, the Hash Puppies, and COPE (previously known as Team 5), though not a lot of movement in the points.  It remains to be seen how many of those 13 points the Hash Puppies put on the board were sniffed off the wire by other teams that are waiting for a safer opportunity to submit.  The scores, as of 5PM:

  1. Hash Puppies – 13
  2. COPE (formerly Team 5) – 6
  3. Team 4 – 3  (last submission time 1’27″ before SwaffleU)
  4. SwaffleU – 3
  5. BitBangers – 2
  6. Team 2 – 1

On the scoring server, I can see the table of submissions, and can verify that most of the flags submitted represent the “low hanging fruit” of the game.  It’s definitely the right thing to do, to go after these first, since the points are equal for all flags regardless of difficulty.  Hopefully soon though, we’ll see the teams get around to some of the more challenging flags.

Next update will be around 8AM tomorrow morning, or later tonight if something interesting happens.

 

I arrived this morning to find the VMs responsive on the network, however the console of the VM server was locked hard.  If you’re one of the participants, and you had something running on any of the VMs, or any sort of persistent connection, you may have to put it back up the next time you go in.

This morning I heard a gripe about the completely hubbed and sniffable nature of the CTF network.  This player was concerned about his hard work being sniffed and resubmitted by another team.  I do like the need to be creative about your communications though.  We have many teams generating cover traffic, and simultaneously writing scripts and filters to try to make sense of all the traffic on the network.  It’s an interesting arms race, and I think it adds a fun meta-game for the top-tier students who are already doing well capturing flags.  There are some downsides to focusing on sniffing as well.  Imagine a situation where you pull an all-nighter trying to get a certain flag, only to find out when you submit it that you already have that one from the wire.  Time wasted :)

Here are the scores, as of this morning:

  1. Hash Puppies – 13
  2. Team 5 – 5
  3. Team 4 – 3
  4. SwaffleU – 1
  5. BitBangers – 0
  6. Team 2 – 0

Teams that have not decided on a name by this evening (Looking at you, 5, 4, and 2.) will likely have a name of my choice assigned to them by me.  This is probably not something they want.

 

Today, right after the Information and Computer Security class, teams of students began hacking on the capstone exercise for the class: Capture the Flag.  As in past semesters, the students are let loose on an isolated network, and are to scan for vulnerable machines, exploit them, and collect flags that are scattered around the network in the form of 10-digit hexadecimal strings.  These flag strings are then submitted to a scoring server, which also must be located by the students, in order to bump their score.

For the past few semesters, I’ve posted updates throughout the game to this blog, and I’ll try to keep you updated with commentary this time as well.  The game just started about an hour ago, and the scores are currently:

  1. Hash Puppies – 4
  2. SwaffleU – 1
  3. BitBangers – 0
  4. team2 – 0
  5. team4 – 0
  6. team5 – 0

The Hash Puppies took some initiative to submit a handful of flags quickly, trying to get them in before the other teams had set up sniffing programs to intercept.

The game will run until Monday at the beginning of class (3:30 PM Central).  The plan is to have a morning update on the blog and an update in the afternoon/evening of each day, though this schedule may vary a bit over the weekend.

Best of luck to all the teams.  Here’s a free flag for following along on here: 9c09c9cc1d

 

I let the law enforcement class go on break briefly this morning so that I could be there to witness the end of this semester’s Capture The Flag competition.  In the tradition I began last year, playing “Eye of the Tiger” during the last moments of the competition, Chris loaded up “The Final Countdown”.  This is a tradition we enjoy, but it drives most of the participants crazy.

The final scores reflect all of the flags captured by the teams.  Everyone managed to submit theirs on time, just before the 9:30 deadline.  Here are the scores:

  1. Team Firewall – 30
  2. Team Sniffer – 23
  3. Team Wireshark – 20
  4. Team Burp Suite – 15
  5. Team Nmap – 9
  6. Team Tracker – 8

Automated sniffing and resubmission of flags was performed successfully by many teams this semester, and it made for an interesting dynamic in the post-game discussion and wrap-up.  Team Sniffer disclosed that 8 of their flags were captured off the wire and resubmitted.  Other teams also had success with stealing others’ flags in the same way.  This also had an unforeseen consequence: often a team would sniff and submit a flag without knowing where it came from in the game.  Those teams would then spend time actually breaking into a system to capture a flag, only to find out it was one they had already submitted.
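The bookkeeping problem described above (holding a flag from the wire without knowing which target it belongs to) can be made concrete with a small ledger. This is an added example, not one of the teams' scripts; the `FlagLedger` class, the addresses and the payloads are hypothetical, and only the 10-hex-digit flag format comes from the game description.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Flags in this game are 10 hexadecimal digits (e.g. 9c09c9cc1d). The lookarounds
# skip 10-digit runs inside longer hex strings, such as hashes in cover traffic.
FLAG_RE = re.compile(r"(?<![0-9A-Fa-f])[0-9A-Fa-f]{10}(?![0-9A-Fa-f])")


@dataclass
class Entry:
    wire_sightings: list = field(default_factory=list)  # (src, dst) per sighting
    origin_host: Optional[str] = None  # set once the flag is found on a host


class FlagLedger:
    """Hypothetical bookkeeping helper: which flags are known, and from where."""

    def __init__(self):
        self.entries = {}

    def _entry(self, flag):
        return self.entries.setdefault(flag.lower(), Entry())

    def record_wire(self, src, dst, payload):
        """Log candidate flags seen in sniffed payload text; return them."""
        found = [m.group(0).lower() for m in FLAG_RE.finditer(payload)]
        for flag in found:
            self._entry(flag).wire_sightings.append((src, dst))
        return found

    def record_capture(self, host, flag):
        """Log a flag taken from a host. False means it was already known."""
        already_known = flag.lower() in self.entries
        self._entry(flag).origin_host = host
        return not already_known

    def unknown_origin(self):
        """Flags held only from the wire, with no host attributed yet."""
        return sorted(f for f, e in self.entries.items() if e.origin_host is None)


if __name__ == "__main__":
    ledger = FlagLedger()
    # Constructed sample traffic; addresses and payloads are made up.
    ledger.record_wire("10.0.0.5", "10.0.0.2", "flag=9C09C9CC1D&team=x")
    ledger.record_wire("10.0.0.7", "10.0.0.2", "md5 d41d8cd98f00b204e9800998ecf8427e")
    print(ledger.unknown_origin())
    print(ledger.record_capture("10.0.0.9", "9c09c9cc1d"))
```

Any 10-digit decimal number also matches the pattern, so wire sightings are only candidates until the scoring server accepts them.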

Congratulations to Team Firewall for an outstanding CTF performance, and I am looking forward to examining some of the tools and scripts the teams wrote for this competition.

 

Everyone still has the itus from the food and festivities yesterday, so things are moving a little bit slow in the lab today.  There was only one pen-tester-in-training in there when I just checked, but it was obvious that others had been through, judging from the food wrappers in the garbage.  This is how hackers in the deep south roll on Sundays: It’s a day of rest, but you still have to scratch that itch to hack.

The lone participant was a member of Team Sniffer, and assured me that they have every expectation and plan to catch up with Team Firewall.  There’s a lot of prime late-night hacking time between now and the end of CTF on Tuesday morning, so I don’t think it’s a bluff on Sniffer’s part.

The scores, as of 2:00PM on Sunday:

  1. Team Firewall – 27
  2. Team Sniffer – 11
  3. Team Wireshark – 3
  4. Team Burp Suite – 1
  5. Team Nmap – 0
  6. Team Tracker – 0

For a moment, I thought I needed to get Fyodor to give Team Nmap a call to get them into action (would they know who he is? :) ), but I did notice that Team Nmap has reserved a computer for running processes persistently.  Maybe they’re sitting on their flags for the moment.

 

While everyone else is out partaking in food and fun at MSU’s Super Bulldog Weekend, Old Main Music Festival, and Cotton District Arts Festival this weekend, the true alpha-security-nerds are living it up in the lab.  On my way over to the music festival, I have stopped by the lab to see how the teams are doing.  A couple of guys (from two different teams) were in at the moment, hacking away.

One participant informed me as soon as I arrived that one of the targets was down.  I logged in and took a look: the VM was completely off.  New rule: no “shutdown -h now” :)

The scores as of approximately 7:00PM:

  1. Team Firewall – 27
  2. Team Sniffer – 6
  3. Team Wireshark – 3
  4. Team Burp Suite – 1
  5. Team Nmap – 0
  6. Team Tracker – 0

Team Sniffer has bumped their score up significantly, and it’s likely that they are sitting on some un-submitted flags.

I’ll be back at some point tomorrow to post a Sunday update.  For now, it’s off to the Old Main Music Festival for me.

© 2012 McGrew Security