Introducing Team Reboot - Maiden post
Posted 12 July 2011 - 06:44 PM
Our continuous endeavor to extend the reach of our favorite forum "reboot" has brought forth one more section - "Team Reboot". The title of this forum finds its resemblance with this topic posted earlier. So, everyone who has come across the said thread can take a guess what this team can be dealing with. You'll be glad to know that on 7th July, 2011, a six member team consisting of Nuno Brito, pscEx, Mikorist, florin91, Agni & Holmes.Sherlock took part in an eight hours' challenge named dCTF 2011 which was held as a part of eighth conference on DIMVA 2011 (Detection of Intrusions and Malware & Vulnerability Assessment). Though their website describes it to be a intrusion detection, malware detection, and vulnerability assessment competition which'll require the participants to defend their own systems & attack as well as others, I personally find this year's contest to be packed up with non-hacking-type thought provoking materials.
dCTF 2011 was played within a VPN, the configuration files of which were distributed to the teams few days prior to the contest. An encrypted VirtualBox image of an OS was also provided for download. The decryption key was made available at the very first minute of the contest on the IRC channel & mailing list. Previously in dCTF, contestants were judged by the amount of time they could keep an OS image with some vulnerable services running & by bringing down the same of their rivals. This year, they deviated from the pattern & we found that the OS image, which happened to be an image of Minix, was only useful for describing the theme of the contest & giving out some useful information. The story goes like this - there was a hyper-intelligent robot called Messy, which probably turned out to be violating some robotic laws (I'm not sure myself!!!) & needed to be brought down. And here comes the real challenge. The parts of Messy's subsystems were scattered across different servers within the VPN. Those were, in turn, a bunch of cryptographic problems, some might be on reverse engineering, a few were playing with some file format related tricks etc. Some code based 9e.g. PHP, HTML) vulnerability detection challenges were also there. Upon solving of one stage, the door to next step opens. A few screenshots of the contest environment are attached to give you a better feel of how things looked like. Those who have been interested by this time to know can have a look at this to know how the contest was held in previous years. You'll find the pattern to be completely different & innovative. But, the common thread that binds all of them together is that they were all security related challenges ('Hacking' is really a nasty term to be used as it sometimes arises some ethical & legal concerns).
The sad part is, in spite of our earnest efforts, our team couldn't cut a good figure in the competition. From then on we realized that though reboot has a number of booting specialist today, we are not in pace with the unexplored world of security, intrusion detection & malware analysis. World is moving on. Why we people stay back? This motivated us to form a "Team Reboot' which'll have a dual aim of keeping an eye on aforementioned stuffs, as well as selecting & choosing a few from us & get ourselves well-prepared to take part in dCTF 2012 & similar contests. Both the aims of paramount importance & to make it a success, we need active co-operation, suggestion, feedback, "positive" criticism & active interaction from all of our members.
This is enough for today, I guess . Ooops, forgot to tell you one more point. I prefer not to say 'Leader" or "Moderator" kind of heavy words, but JFYI I've been asked by our big boss to volunteer the responsibility of "keep everything together & in place". So, for any queries regarding "Team Reboot", feel free to contact me.
- Nitro_123 likes this
Posted 13 July 2011 - 12:09 AM
- Team formation: First we have to form a team with maximum permissible team strength. This year, our announced team strength was smaller than what they allowed. I'd ask Nuno to elect or select team members for next year. Form a team of around ten dedicated members.
- Set specific agenda: Being knowledgeable is not suffice, but we have to accumulate knowledge on domains that the competition requires. Everybody doesn't need to be "Jack of all trades".
- Persistence: We all have something to do in the real world apart from living this virtual life. Our main target will be next year's dCTF along with similar competition by this time. Do join this team if you are persistent enough. It'll be sad if we start this effort & it eventually subsides.
Things to take into attention next time:
● Assure a secure messaging channel since skype and IRC are not safe
● Practice and implement an OpenSVN server to create a NAT for our team members (solve situation of single IP)
● Learn Minix
● Use a safe/prepared Ubuntu OS
○ Firefox running with no-script plugin by default
○ Firewall monitoring the network activity
○ Software detecting changes on filesystem
● Get Remobo working as our private LAN before a contest
● Have a dedicated machine to host our virtual machine image
● Test group VNC so that we can all share one desktop when necessary and brainstorm for solutions
● Ensure redundancy of member skills to ensure that we keep moving even if one of the team members is unavailable for some time
● Divide team in functional groups accelerate the first hour of the event
○ One sub team works on setup and defending the server
○ Second sub team works on understanding the challenge and starting the attack
○ Once the server is secured, we can all work on the attack portion and keep the server monitored
● Find a list of next events available for 2011
● Document this event so that we can use lessons learned for the future
● Solve challenges of DIMVA 2011 and document solutions so that we can use them as practice
Sites with challenges:
Now what we require from our forum members are
- Names who are willing to participate in such competitions & also dCTF 2012
- Goals to add to our existing agenda
- Active support by accumulating information together
Posted 17 July 2011 - 03:16 PM
- Practical networking scenario & setting up remote connection, e.g. VPN, VNC, Remote Desktop
- Windows Network Security, e.g. Firewalling
- *NIX Network Security e.g. Firewalling
- Networking attacks, e.g. DOS, DDOS, Teardrop
- Network packet sniffing & protocol header analysis
- Widely known & Less known exploits of Networking services
- Widely known & Less known exploits of OS services
- Port Scanning
- Visual cryptography
- Rainbow table
- Man-In-The-Middle attack
- Password cracking techniques
- Reverse Engineering (For those softwares only where Reverse Engineering is not explicitely prohibited & also CrackMe/KeygenMe exercises)
- Malware analysis, preferably code based, e.g. virus/worm/Macro virus
- Code Injection & Remote Code Execution exploits
- Challenges of Assembly Programming
- Buffer Overflow attack
- SQL Injection Attack
- Tools & Custom scripts
- Different file formats, e.g. Windows PE, ELF x86, JPEG from the lowest level
- Different file system structures from the lowest level
WHAT CAN MY ROLE BE?
- Consider joining Team reboot to take part in hacking/security competitions
- Submit challenges, either devised by your own or obtained from some source
- Spend a few minutes to write a post on any of the topics (or other security related topics) mentioned above
- Take part in ongoing discussions
- Share your ideas/views/suggestions/constructive criticisms here
- Simply sit back & enjoy reading the threads
Posted 08 September 2011 - 01:16 AM
Those who have already got their challenge solved a long back, please also share then technique to solve the challenge either you yourself or please request the person who has solved it to post the method on the respective threads.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users