RuCTFE 2009

    Abstract


    On November 7, 2009, an international student information security competition was held in Russia for the first time. In this article we will look at what CTF is, how RuCTFE differs from RuCTF, what RuCTFE 2009 was like, who the HackerDom team is, and what to do if you want to take part in such competitions too.

    What is CTF?


    CTF is a team game in which participants can demonstrate their computer security skills. Teams are scored simultaneously in three categories: defense, attack, and publication of reports on the vulnerabilities found. Some competitions also add a tasks category.

    As a rule, all teams get the same virtual machine image with the services installed in it. All services are developed specifically for each competition, so they cannot be found publicly before the game starts. The team's task is to keep its server running stably and securely for the entire duration of the game. To do this, the team audits the server, which includes finding and fixing vulnerabilities, and also administers it. In addition to protecting your own server, you must attack the servers of other teams using the vulnerabilities you have found. A successful attack is confirmed by obtaining private information (flags) from someone else's server, which the jury's checking system periodically places there. A simple example of a service is a forum. The flag in it is a private message,

    An integral part of CTF is the lack of uniform competition rules. The organizers bring something new to every game. It is almost never known in advance what operating system will be used in the game, what the services will be, or which programming languages they will be written in. Teams should be prepared for anything, that is, be able to find their bearings quickly in a new situation.

    CTF in Russia


    This has already been written about. I will add statistics on the number of teams from Russia that took part in various international student competitions.

    Chart ( K.O. ): CTF stats

    #   Competition   Year
    1   iCTF 2006     2006
    2   CIPHER 3      2007
    3   iCTF 2007     2007
    4   CIPHER 4      2008
    5   iCTF 2008     2008
    6   CIPHER 5      2009
    7   RuCTFE 2009   2009





    At the moment, not many competitions are held in Russia. These are the all-Russian
    RuCTF (HackerDom, USU)
    and the regional
    UralCTF (HackerDom, USU),
    UFOCTF (UFOlogists, TTI SFU).

    I hope that at least SiBears (TSU) and CIT (SPbSU ITMO) will soon add to this list.

    RuCTFE 2009


    Unlike RuCTF, which is held in person and only for Russian student teams, RuCTFE 2009 was international and online. 43 teams took part (iCTF 2009: 38, CIPHER 5: 33) from 11 countries: Russia, Germany, USA, Austria, Italy, France, Argentina, Norway, Croatia, India and Vietnam. It was probably the largest student CTF competition to date. The rules and the layout of the competition network were quite typical for a CTF.



    Network


    The competition lasted 10 hours. The main surprise for the teams was the operating system chosen for the game. Most often it is some distribution of Linux or BSD. This time, when the virtual machine started up, the teams first saw Debian and relaxed a bit, but then X started, which is already quite unusual, and the Android 1.6 emulator was launched in it. All services were written for it.

    Services

    There were five of them. You can read all the details in their documentation, but that is a spoiler for those who would first like to test their strength and find the vulnerabilities on their own in the image (GPG key: djlrfgbdjbdbyjplhfdcndeqvfvfdjnbz) that the teams received. Here is brief information about the services from the developers themselves.

    CryptoPizza
    A service that receives orders on the phone of a pizza delivery employee. It is written in Java for the Google Android v1.6 platform. It implements an invented cryptographic protocol using symmetric AES and asymmetric RSA encryption for the secure delivery of orders to the phone over open communication channels. Orders on the device are stored in SQLite.

    F
    An FTP server with antivirus functionality. Written in Python using the Android Scripting Environment. FTP is implemented using an LR parser built from a context-free grammar that describes the language of commands sent by clients. Responses to commands are implemented in functions that are called on reductions of the corresponding productions. The antivirus component made it possible to perform signature analysis of uploaded files and to check them using "emulation", and allowed the signature databases to be updated.

    Jabber
    A service implementing the idea of a Jabber bot on the phone. This simple bot provides features similar to a newsletter. It is written in Perl for the Google Android v1.6 platform using the Android Scripting Environment.

    Simple
    A simple service that implements setting / checking / listing of the stored flags. To encrypt requests and responses, it uses a simple cryptographic protocol built on two cryptographic algorithms based on Feistel networks with fixed keys. Made for Linux EABI with support for TCP sockets and POSIX threads.

    Stalker
    A multiplayer online game service. It is implemented as a dedicated server and clients that connect to it. Valuable in-game objects are used as flags: artifacts sold to the merchant. Technically, the server and client are implemented as Perl scripts for Linux. In addition, a Java application for the phone on the Google Android v1.6 platform displays a map showing the player's status: visible objects, the location of the merchant, other players, anomalies, monsters and artifacts. There are no significant vulnerabilities in the service; teams need to figure out how the client works and write a convenient interface for controlling their character, possibly automated with some artificial intelligence.

    Task

    In addition to the services, teams were invited to test their strength in black-box analysis, searching in Gopher, algorithms and Haskell, steganography, knowledge of the classics of world fiction and ... Russian dances.
    Russian dance


    Results of RuCTFE 2009


    The game did not get off to a smooth start. Most of the teams had problems both with setting up the Android emulator in general and with its unstable operation, which often turned out to be the result of malicious actions by other teams. Nevertheless, from the middle of the game onward, a serious struggle unfolded in the top 15 lines of the scoreboard.

    As a result, the top 5 of the scoreboard looked like this:
    1. squareroots (University of Mannheim, Germany)
    2. 0ldEur0pe (RWTH Aachen, Germany)
    3. SiBears (TSU, Russia)
    4. Siths (USU, Russia)
    5. h4ck!nb3rg (Upper Austria University of Applied Sciences, Austria)


    HackerDom, who are they?


    This is a team, and more recently a club, from USU. Russia's participation in international CTFs began with them.
    They were the first in Russia to hold:
    • Regional UralCTF in 2006 (with the initiative support of a team from SUSU and ChelSU)
    • All-Russian RuCTF in 2008
    • international RuCTFE in 2009

    The HackerDom team has repeatedly been a winner of international competitions, and in 2008 it won CIPHER 4.

    On HackerDom's side, a development team of 10 people prepared and ran RuCTFE 2009, with active support from the provider UralVES and the Clustertech group of companies.

    Want to participate in CTF?


    If you are interested in student CTF, assemble a team and register for the next UCSB iCTF, and then for the RuCTF 2010 quals!
    And if you want to test your strength against professional teams as well, then good luck at DEF CON ;)
