OK. So this is gonna be my last post about Cyberlympics 2012. I am already a little fed up with the thing, but I've promised to make a real summary of the finals, so here it goes:
The finals was on the 29th of October. Before the competition, the team gathered in my hotel room and we made the tools we didn't had time to finish back at home, and forged our tactics for the finals. The development lasted until dawn. Literary. We had a teammate who didn't sleep, and I think I only slept one and a half hour. Stakes were high; on the last continental qualifier round we only achieved second place, and only one of the second place teams could make it to the real finals, so we had to win the preliminary round, since we did not travel halfway around the world to play only 3 hours.
On Monday morning, we arrived first to the scene. Our veins had more coffee, energy drinks and adrenaline in them than red blood cells. We shook hands with the organizers while the rest of the team arrived, then we gathered around our table and we were waiting for something to happen. A few minutes before the start, one of the organizers explained the rules of the game, but we knew most of the stuff already, cause we were reading through the rules given for us over and over again.
When they told us, that we can begin, we plugged our UTP cables into the ports almost simultaneously. In the preliminary round, each team got 5 servers with credentials to them. All of them were outdated OS, like Windows 2000, Windows XP and old Linux systems. Our blue team logged in to our machines (using RDP for the Windows boxes, which was not always successful unfortunately), and our red team launched the tools we developed the night before. After about 30 minutes, our team was leading superciliously, most of the machines had our flag (our team's unique string in file named flag.txt) and our evil tricks (evil, not illegal!) sometimes caused real headaches for our opponents (muhaha). This was the moment when we calmed down a little and when the organizers announced that they are going to throw in a few forensics challenges too. It was obvious, that we made our teammate Z to solve the challenges, who is currently leading the Hungarian leader board on WeChall and who single-handedly gained more points than the last team in total by the end of the game. After three hours, we won the preliminary round, so we could participate on the six-hours finals.
We barely had half an hour to gather our experiences, talk about what should be changed, and then make the modifications before the finals. We arrived a little more relaxed to the finals, which was different in a way that we did not had users to the machines, so first we had to gain access, then flag and then defend it from other teams (oh, and there were no forensics challenges). The other difference was the nature of the targets. While in the preliminary round we could own almost every machine with quick exploit, in the finals, most of the time it required more fiddling to gain full access. There were also machines that no one could compromise during the whole competition (we still do not know whether there was something in those machines, or whether they were only decoys).
At the beginning, there were only 10 targets, and as time went by, 5-10 new machines appeared each time until there were 30-35 targets. The HACK.ERS team took the lead almost from the start, so the real fight was for the second and third place. During the six hours, most of the time we were at the second or third place, once, we were only fifth and half an hour before the end of the competition they covered the scoreboard, so we only found out that we managed to get the third place when they announced the results.
We were very pleased with our final rank, but in the mean time we were also extremely tired, so the real celebration took place just a few hours later. In overall, we had a positive feeling about the competition and we all really enjoyed it. The well-deserved holiday after Cyberlympics was taken care of by Miami Beach and the 30 degrees Celsius. ;)
See almost the same post in Hungarian at BuheraBlog!