263's Computer Hacking Competition

[SeanCassidy]

Hello everyone. A few of my fellow teammates and I want to put together a little wargame (not unlike roothack) where we would have two boxes on a lan and hack each others computers. We're not positive on every detail yet, but here's what he have so far that we're not going to change.

-Two (or possible more) computers on a lan. One gateway box to ssh into. The game might be like roothack's in where you get a certain amount of time to secure your box (the grace period) and then the open season begins after that.
-The OS will be Linux, although the distro is not decided (it may even be random). This is unmutable.
-Three team members max.

Other ideas we've thrown together:

-Write an vulnerable network service running as root that you can exploit as well.
-If the competition stalemates (no hacking being done) forced opening of various services.

If you have any ideas, we're pretty open. We just want this to be a fun learning experience for everyone involved. Hopefully we'll make this a regular thing. Ideally, your team should have experience in programming for Linux, in securing boxes, and even exploit writing. This idea needs to be thought out a lot more fully, so we need your help. Post here for additions, and PM me with your e-mail if you're interested.

[mechanicalbrain]

Ooh this looks like a great idea! I'm getting my CISCO certification just so i can learn about network security. What would be the rules on software your aloud to use? Also would it be school teams or can we form teams?

[SeanCassidy]

Quote:

Originally Posted by mechanicalbrain

What would be the rules on software your aloud to use? Also would it be school teams or can we form teams?

What we're probably going to do is give you a linux box on a lan on my teammate's lan. You'll be able to run anything you want, basically. We are really serious about cracking though. We'll be logging every packet send to and fro on the network, we'll also be watching everything you do on all the boxes. So we really don't want you launching attacks from here. If you do, we'll simply forward your information and cooperate with the authorities. If you have a question on the legallity of a certain piece of software, ask. Anything you've written as well. Use common sense, we don't want you attacking other boxes on the network either.

We were originally going to do school robotics teams, but I see nothing wrong with letting anyone in. I'd really like to keep it to FIRST participants only. This might be bent, but contact me if that's the case.

[Adam Richards]

Do you have an AIM/ICQ/MSN/YAHOO SeanCassidy? I'd like to ask you a few questions.

[Kyle]

What do you get for winning? and If you wanted to make this a challenge set up an XP box to see if there are some good crackers. Or would that be illegal to use Microsoft products like that?

[mechanicalbrain]

Quote:

Originally Posted by SeanCassidy

We were originally going to do school robotics teams, but I see nothing wrong with letting anyone in. I'd really like to keep it to FIRST participants only. This might be bent, but contact me if that's the case.

This seems like a good thing for nationals where lots of people can participate. I asked about forming our own teams because ill probably be the only one on my team doing this type of thing.

Quote:

Originally Posted by Kyle

What do you get for winning? and If you wanted to make this a challenge set up an XP box to see if there are some good crackers. Or would that be illegal to use Microsoft products like that?

Microsoft is WAY to easy. Just using command prompts alone....

[the_unknown]

We will not under any circumstances be using windows for this game. Team 263 is very small, (in terms of participating members) and any member that would participate in this game would be very busy during nationals. (We will probably not be attending this year, but that's another story). Any questions about this game can also be sent to me, I will try and get an answer back to you as soon as possible.

AIM - rabidsquirlhunt6
ICQ - 220610998

[sciguy125]

d00d! 7h47 w0u1d pwn!!1one! A11 of joo wi1 937 t0 s33 my 1337 h4xin9 skillz!

[mechanicalbrain]

Quote:

Originally Posted by sciguy125

d00d! 7h47 w0u1d pwn!!1one! A11 of joo wi1 937 t0 s33 my 1337 h4xin9 skillz!

You know i COULD comment but theirs really no need. I think you said it for me.

[Mike]

I'm in. Would these boxes be running http/ftp servers as well?

[Matt Krass]

I'm in, me and Mike are gonna team up with..uhh...someone

[SeanCassidy]

Quote:

Originally Posted by Mike

I'm in. Would these boxes be running http/ftp servers as well?

Most likely. You'll have at the very least a few hours to set up a working ftp/http server, and we'll get down to the exact rules and constraints eventually. We might say you have to be running Apache 1.3 or sendmail, or even samba. It'll be your job to put up the servers and make sure they're up to date security wise.

You should be very familiar with Linux going into this. Compiling glibc, kernels, and servers from source is not out of the question (but totally up to you if you care about security). If you're not familiar with Linux, you better be a very fast learner.

Quote:

d00d! 7h47 w0u1d pwn!!1one! A11 of joo wi1 937 t0 s33 my 1337 h4xin9 skillz!

1nd33d.

[SeanCassidy]

Okay, here's a draft of the game I decided to write up.

The game will be point based. Both computers will run the same distro of Linux on very similar computers. There will be a grace period. No hacking of any kind is allowed during this period. It results in an instant loss if it's detected. Social engineering is allowed, though, during this period.

Here is the point allocation:
-150 points for every minute you hold root on a victim computer.
-0-50 points based on overall how secure your computer is. This will be judged after competition.
-10 points for running Apache 1.3 during the entire open season.
-10 points for running sendmail 8 during the entire open season.
-10 points for running ProFTPD 1.2 during the entire open season.
-25 points for a working kernel recompile by hand!
-100 points for writing your own vulnerable network service and running it as root (not in a chroot) during the entire open season. This is only worth 50 points if you don't run it as root.
-200 points for giving a working exploit for the network service.
-0-20 points for social engineering.
-0-30 points for any special attacks (ARP poisioning, keylogging, packet sniffing)
-0-30 points for any special defenses.
-1 point for every minute before open season that you're completely done. (NO screen sessions running, etc.) You can tell us when you're done and we'll cut access to your box.
-0-30 points for the whitepaper describing what happened.
-0-30 points for securely backdooring your own box.
-0-75 points for overall attack strategy. If you use metasploit or nessus, prepare to get very low points here.

Other rules:
-You cannot reboot in open season. It's an instant loss if you do.
-No outbound connections from your box inside the LAN.
-You can only attack the victim computers on the LAN, any other even scanning other boxes, is an instant loss for that team.
-We'll be logging everything, please don't touch the logs. We want to look at the games afterwards too.
-If you don't want your 0day to be released, don't use it here.
-You must use vanilla kernels, and nothing you use can be stack guard compiled (especially your vulnerable network daemon).

Most of this will be judged after the competition. We hope to make this as professional as possible. We'll probably be in #aftershock on irc.freenode.net too. I'm usually in there as bockman.

We have some opposing ideas on the format of the game itself. We can do it like a four hour grace period and an eight hour open season in one day, or break it up. Possibly three four hour sessions over a week. Any ideas about this?

[Mike]

Quote:

Originally Posted by SeanCassidy

We have some opposing ideas on the format of the game itself. We can do it like a four hour grace period and an eight hour open season in one day, or break it up. Possibly three four hour sessions over a week. Any ideas about this?

Ouch, 12 hours total? A little much. I'd say split it up over a week.

[sciguy125]

Quote:

Originally Posted by SeanCassidy

-25 points for a working kernel recompile by hand!

Does it have to be tested? If we can't reboot, we can't test it. Unless we're supposed to do it during the grace period...

Quote:

Originally Posted by SeanCassidy

-100 points for writing your own vulnerable network service and running it as root (not in a chroot) during the entire open season. This is only worth 50 points if you don't run it as root.
-200 points for giving a working exploit for the network service.

Can you clarify this a little? What constitutes a "vulnerable network service"?

Quote:

Originally Posted by SeanCassidy

-0-30 points for securely backdooring your own box.

That should be easy enough.

Quote:

Originally Posted by Mike

Ouch, 12 hours total? A little much. I'd say split it up over a week.

n00b! j00 r ϋ83r un1337!!11!