UCSB iCTF 2008 Notes Before Sleeping

Published by Rob on December 6th, 2008 - in Miscellaneous

Another UCSB iCTF is over, and I'm once again wishing that the earth was flat.  It is a fun competition, but entering from Australia is a pain when the competition starts at 2:00AM AEST.

Thanks to the guys at UCSB for a very different image, and competition again.  The imagination and effort that goes into creating the images is always great.  The delivery of a PCDos image to start the competition off was a nice touch.  It was somewhat frustrating that the preparation work put in by our network infrastructure team went to nothing, but the idea of each team having an independant network to work on was good.

My biggest lesson for the night was that google is a great tool for looking up the sources for md5 hashes. google: md5hashstring will often return the source string for the md5 hash.

My other discovery was the power of nc, and just how bad allowing shell code to be executed is (php exec combined with system and nc allows really nasty attacks — especially when the server is configured to allow them).

A combination of firefox plugins, and Java with HTTP Client were my primary attack tools this year. I was pretty happy with the setup, missing one or two plugins that some others on my team had, but overall it worked pretty well for me.

Overall it was a good night out.  I'm shattered now, and off to bed.  I might either update this or post a followup after getting some sleep.

Related posts:

  1. Fun in Boston
3 Comments »

3 Responses

  1. Brad Haas says:
    December 6, 2008 at 8:05 pm

    I played for NUCIA at the University of Nebraska at Omaha, US. We all had a blast this year too. We tried a few times to get the bomb disarmed, but to no avail.

    My proudest moment was when we were trying to decode what the Octalpus said for one of the challenge questions. I was replaying DTMF signals one at a time from my laptop, out my headphones and into the microphone of someone’s Macbook, on which he had a DTMF decoder for some reason. I’d play each one a few times, he’d read what the signal was, and someone would write it down. A tense silence fell over the entire room while we did this, and I realized what huge geeks we all are.

  2. Brian says:
    December 6, 2008 at 8:22 pm

    My voices, is my paaasssswooord.
    *click* *click*

  3. Progressor says:
    December 12, 2008 at 7:51 am

    Hi!
    I’m from team SiBears, Tomsk State University, Russia. For us game started at 10 pm and finished at 7 am. It was very funny =)

    And Vigna’s MyVoiceIsMyPassword was crazy thing)))

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

© Rob@Rojotek