Wednesday, December 12, 2012

Cyberlympics 2012 finals summary

OK. So this is gonna be my last post about Cyberlympics 2012. I am already a little fed up with the thing, but I've promised to make a real summary of the finals, so here it goes:

The finals were on the 29th of October. Before the competition, the team gathered in my hotel room and we made the tools we didn't have time to finish back at home, and forged our tactics for the finals. The development lasted until dawn. Literally. We had a teammate who didn't sleep, and I think I only slept one and a half hours. Stakes were high; in the last continental qualifier round we only achieved second place, and only one of the second place teams could make it to the real finals, so we had to win the preliminary round, since we did not travel halfway around the world to play only 3 hours.

On Monday morning, we were the first to arrive at the scene. Our veins had more coffee, energy drinks and adrenaline in them than red blood cells. We shook hands with the organizers while the rest of the team arrived, then we gathered around our table and waited for something to happen. A few minutes before the start, one of the organizers explained the rules of the game, but we knew most of the stuff already, because we had been reading through the rules given to us over and over again.

When they told us that we could begin, we plugged our UTP cables into the ports almost simultaneously. In the preliminary round, each team got 5 servers with credentials to them. All of them ran outdated OSes, like Windows 2000, Windows XP and old Linux systems. Our blue team logged in to our machines (using RDP for the Windows boxes, which was not always successful unfortunately), and our red team launched the tools we developed the night before. After about 30 minutes, our team was leading superciliously, most of the machines had our flag (our team's unique string in a file named flag.txt) and our evil tricks (evil, not illegal!) sometimes caused real headaches for our opponents (muhaha). This was the moment when we calmed down a little and when the organizers announced that they were going to throw in a few forensics challenges too. It was obvious that we would have our teammate Z solve the challenges, who is currently leading the Hungarian leaderboard on WeChall and who single-handedly gained more points than the last team in total by the end of the game. After three hours, we won the preliminary round, so we could participate in the six-hour finals.

We barely had half an hour to gather our experiences, talk about what should be changed, and then make the modifications before the finals. We arrived a little more relaxed at the finals, which were different in that we did not have users on the machines, so first we had to gain access, then flag and then defend it from other teams (oh, and there were no forensics challenges). The other difference was the nature of the targets. While in the preliminary round we could own almost every machine with a quick exploit, in the finals, most of the time it required more fiddling to gain full access. There were also machines that no one could compromise during the whole competition (we still do not know whether there was something in those machines, or whether they were only decoys).

At the beginning, there were only 10 targets, and as time went by, 5-10 new machines appeared each time until there were 30-35 targets. The HACK.ERS team took the lead almost from the start, so the real fight was for second and third place. During the six hours, most of the time we were in second or third place; once, we were only fifth, and half an hour before the end of the competition they covered the scoreboard, so we only found out that we managed to get third place when they announced the results.

We were very pleased with our final rank, but in the meantime we were also extremely tired, so the real celebration took place just a few hours later. Overall, we had a positive feeling about the competition and we all really enjoyed it. The well-deserved holiday after Cyberlympics was taken care of by Miami Beach and the 30 degrees Celsius. ;)

See almost the same post in Hungarian at BuheraBlog!

Sunday, November 18, 2012

Cyberlympics 2012 Round 2 and Round 3 summary

As promised, I am going to give a short summary of the second and third rounds of the Cyberlympics 2012 competition. Both rounds were organized by SAIC (CyberNEXS); basically we played their regular training games (CyberNEXS Cyber Security Training).

Round 2 - Penetration Testing

This round was quite fun, since our team members were scattered to different locations, so we had to use Skype in order to work together. There were some technical problems, so the game started around 22:00 instead of the scheduled 21:00.

Anyways, we had to VPN into the CyberNEXS system, then we logged into our attacker Backtrack machines (we got 2, if I remember correctly) and the fun began. The first set of target systems was accessible from our attacker machines, and there were dual-homed hosts, providing access to the next subnetwork.

We just did the usual thing: port scanning, launching exploits, cracking and bruteforcing passwords, etc., so nothing extra. Points were given for planting flags and writing detailed reports from the findings. I think we owned 4 or 5 servers, which was enough for the 4th place in this round.

Round 3 - Centralized Network Defense Game

In this round, 5 or 6 (can't remember the exact number) servers were given to us running Linux and Windows (servers and desktops too) operating systems, and we had to harden them, but in the meantime, maintain critical services, prevent the attacks and report incidents (points were given for accomplishing these).

We prepared a few scripts and programs to automate hardening and help us monitor the system status. I don't know why we thought that we had to concentrate on attackers from outside, but it was a big surprise when we realized that our systems were heavily backdoored. We spent most of our time removing these and writing incident reports about them.

And that's all! :) Of course I can't give out more details, but I think even this short summary gives an idea of what these rounds looked like.

Saturday, November 17, 2012

Cyberlympics 2012 Finals

I hope it's still not too late, but I wanted to post about the Cyberlympics Finals. So it's been almost three weeks now since our team went to Miami, and played the last CTF round of the competition.

We had a long flight to the USA, and I was very excited, since I left Europe for the first time.

As the second team in the 3rd Round, we had to fight in a preliminary round with other teams from other regions and only the winner of the preliminary round was allowed to participate in the finals.

Fortunately, after 3 hours of fighting, we got the first place in the qualification round and moved into the finals!

Cyberlympics Qualification round results:
  1. - Hungary
  2. TeamNaija - Nigeria
  3. Deloitte LATCO - South America
Here's a nice picture of us, after getting into the finals (I have no idea what made me smile like that... ):

Being warmed up already, we played for 6 hours in the finals. It was quite challenging, and we ended up as 2nd runners-up! :)

Cyberlympics Finals results:

  1. hack.ers - Netherlands
  2. UMUC Cyber Padawans - USA
  3. - Hungary
  4. FSTeam - Brazil
  5. magpies - Australia
  6. PRAUDITORS - Hungary
  7. TeamNaija - Nigeria
  8. WhiteHat - Sri Lanka
We got this nice medal here (I stole this from András' Facebook wall, hope he doesn't mind):

We also got 500 bucks which is also nice, even if you split it into 6 :P. The most important thing was that we had a great time preparing and playing and learned a lot of new stuff! :)

After the competition we celebrated our victory, and spent a couple of days exploring Miami and the Everglades.

After coming back, we got our 15 minutes of fame giving TV interviews (sry, only in Hungarian):

Radio interviews (also in Hungarian):

And Internet sites:

Thanks everyone for your support! Next posts will be about Round 2 and 3 and after that, the Finals in details. Stay tuned! :)

Sunday, September 23, 2012

Cyberlympics 2012 Round 3

So I was swamped with work and stuff lately and had no time at all to make new blog posts.

One of the reasons is that our team was busy MAKING IT TO THE FINALS of the Cyberlympics games. :)

End results:

Representing North America:

  1. UMUC Cyber Padawans - USA
  2. PwningYeti - USA
Representing South America:

  1. FSTeam (formerly EBTeam) - Brazil
  2. Deloitte LATCO - South/Central America
Representing Asia/Australia:

  1. Magpies - Australia
  2. White Hat - Sri Lanka
Representing Europe: (Unofficial news: one team from the Netherlands is also coming to the finals)

  1. PRAUDITORS - Hungary
  2. - Hungary
Representing Africa:

  1. Broken Cipher - Sudan
  2. TeamNaija – Nigeria
Since it’s pretty cool that 2 Hungarian teams are in the finals, we got nice media coverage in Hungary:

Tuesday, August 21, 2012

Cyberlympics 2012 Round 2 (Pentest) Europe Results

From Facebook:

The top 6 teams from Europe moving into the next round are:
  1. Sloopkogel
  2. Hack.ERS
  5. Codezen
  6. 1337
Meaning that our team made it to the next round! :)
Congrats to all the teams!

Tuesday, August 14, 2012

Cyberlympics 2012 Round 1 Europe Results

Just got the results in e-mail. Our team is in the second round!!!

Results for Europe:
  1. Sloopkogel - Netherlands
  2. Hack.ERS - Netherlands
  3. Codezen - France
  4. 0x5bd - Ireland
  5. 1337 - Netherlands
  6. FIXME - Switzerland
  7. - Hungary
  8. Yoga Flame - UK
  9. PRAUDITORS - Hungary
  10. PGCDIS Community - Portugal
As a tie breaker, they had to calculate which teams submitted their scores the fastest.

Congrats to all the teams that made it to the Pentest round! :)

Monday, August 13, 2012

Cyberlympics 2012 Round 1 summary and solutions

A couple of months ago my colleagues and I decided to participate in the Cyberlympics competition. The first round was on the 9th of August, and it was supposed to be about Forensics. In reality, these exercises were more like the ones you may find on challenge sites, so we were a bit confused, but I think we did well.

We got one password-protected zip file, and 15 minutes before the competition started, we received the password (btw, ~40 minutes before the competition started, we received North America's email too...). The first 5 challenges were about encoding, the second 5 were about encryption, then came 2 steganography challenges and finally, 2 challenges where we had to recover files.

Below there's a quick summary of the solutions:

Base-64 encoded message. Piece of cake.

Uuencoded message. Easy.

Leetspeak. My colleague actually just looked at it and typed in the solution.

Morse code. Srsly? :P

It was a string in hex. Easy, it's just way too easy.

Caesar cypher. Super Easy.

Atbash cypher. Easy.

Substitution cypher. Easy too.

Substitution cypher again.

Vigenere cypher. Easy.

This was the only one we couldn't solve. It was a bmp image with some message hidden in it. We tried a lot of programs, transformations, methods. We probably even found the cover media on the Internet, so we tried AND, OR, XOR, ADD, SUB, etc. but no luck. Whoever got this challenge, pls send me the solution, cause it's annoying me.

OK, this one was really twisted, and I have no idea how my teammates managed to solve it, but it was like this: A JPEG image was given. We extracted the RGB values and took the last bits, then converted them into ASCII. From this, we got a message, pointing us to Openstego, so we downloaded Openstego and extracted the embedded QR code with the LSB method. The QR code finally had the key. OK, I admit, this one was not that easy...
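The first step described above (taking the last bit of each RGB value and reading the bits as ASCII) looks like this in Python. This is an added example, not the team's code; it assumes R, G, B channel order, MSB-first bit packing and already-decoded pixel tuples, and the cover image, hidden message and function names are all constructed for illustration.

```python
from itertools import islice

def lsb_bits(pixels):
    """Yield the least significant bit of each R, G, B value in order."""
    for r, g, b in pixels:
        yield r & 1
        yield g & 1
        yield b & 1

def bits_to_bytes(bits):
    """Pack bits MSB-first into bytes; drop an incomplete trailing group."""
    out = bytearray()
    it = iter(bits)
    while True:
        group = list(islice(it, 8))
        if len(group) < 8:
            return bytes(out)
        value = 0
        for bit in group:
            value = (value << 1) | bit
        out.append(value)

def extract_message(pixels):
    """Return the leading run of printable ASCII hidden in the LSBs."""
    raw = bits_to_bytes(lsb_bits(pixels))
    end = 0
    while end < len(raw) and 32 <= raw[end] < 127:
        end += 1
    return raw[:end].decode("ascii")

def embed_message(pixels, message):
    """Build the constructed sample: overwrite LSBs with message bits plus a NUL."""
    data = message.encode("ascii") + b"\x00"
    bits = [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]
    flat = [v for px in pixels for v in px]
    if len(bits) > len(flat):
        raise ValueError("cover image too small for message")
    for i, bit in enumerate(bits):
        flat[i] = (flat[i] & ~1) | bit
    return [tuple(flat[i:i + 3]) for i in range(0, len(flat), 3)]

# Constructed cover: a 16x16 gradient, not data from the competition.
COVER = [(x * 16, y * 16, (x + y) * 8) for y in range(16) for x in range(16)]
STEGO = embed_message(COVER, "try openstego")

if __name__ == "__main__":
    print(extract_message(STEGO))
```

Each channel value changes by at most 1, which is why the hidden data is invisible to the eye but falls straight out once the low bits are collected.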

We had a bunch of files, two of them were obviously a header of the same JPEG image, and there were also two smaller files that we identified as the end of the JPEG image. We started concatenating the files together, and checked if the result was a bigger chunk of the JPEG than the previous one. If it was, we kept on doing this until we had the full image. Since the chunks were duplicated, we only had to find one of the matching ones in one row.

Same thing. We had a bunch of files, one of them was obviously a header of a JPEG image. There were also chunks of a text file, which had the same line "THIS IS THE WRONG FILE!!!!!", so we ignored this.

And that was all! Frankly, I expected a little more, and I really hope that it was only a warm-up round before the fun begins.

Tuesday, July 31, 2012

Ars Poetica

I can’t help it, I love humor. That’s what makes life almost bearable. This is supposed to be “yet another IT security blog”, but I must share with you some funny (and slightly related) stuff as well.

So, here it goes!

Oh, BTW, I am Hungarian, so please leave your Grammar Nazi boots at home! THX :)