Drop Pings, Not Bombs
Hello Everyone!
Coming up this weekend is the Plaid CTF hosted by Carnegie Mellon University. The competition is 48 hours long, starting at 4:00 on April 27, 2012 and ending at 4:00pm on April 29, 2012. We will be competing from STEAL 1 (PKI 350) the entire time. Please come and provide any help you can! It is a challenge based competition, so there will likely be something for everyone to be able to help with.
-JR
This year, we participated in the IFSF CTF, a 36 hour challenge-based CTF that started at 5am on Saturday February 11th. The team met in STEAL-1 (PKI 350). This was the first event that NULLify competed in this year. As a team, we are still learning and growing and the new members are really starting to see how CTF events work. Overall, we placed 21st of 90 scoring teams and 4th for teams based out of the United States. Group members should expect explanations of solved challenges in the next meeting.
Thank You for all those who participated
-JR
Hack Night will be on Monday nights at 7pm starting Janurary 23, 2012.
Hack Night will be every Tuesday at 7 pm in Steal 1 of PKI next semester.
If this time doesn’t work for you please leave a comment.
If you don’t have an account please comment in the Facebook page. Then ask for an account.
The 2011 ICTF is officially over. The scoreboard can be found here.
NULLify placed 48th out of 87 teams. Although some people may have left the event disappointed it is a great reminder that there is a ton of information out there waiting to be learned. We shall continue to move forward and improve.
I would like to thank UCSB for all the work they spent putting the competition together and managing it. The competition went smooth and the challenges had plenty of variety and depth.
Finally, I would like thank everyone that showed up to help out and support UNO in the competition. The turnout was beyond impressive.
The UCSB ICTF competition takes place in two days on Friday Dec. 2, 2011. The competition starts at 10 am CST and goes until ~7 pm CST. Anyone with an affliation to UNO is welcome to come help out. Diverse skillsets are a necessity
Below I have written up a summary of the official summary located here.
Rounds are 2 minutes long.
New flags are put into each service.
Information sent to each team:
Solving challenges makes dirty money that gets deposited in the team’s Sw1ss bank account.
Each challenge can only be solved once so there is limited amount of money a team can earn.
Dirty money is turned into points by being laundered.
OR
Submit the service flag to the Secret Service Anonymous Tip Hotline to flag the other teams service as compromised for the round.
The team with the most points wins.
Money leftover in the Sw1ss bank account is discarded. It will not hurt to have extra money in the account based on the updated description.
Launderer / Mule: A team whose service you exploit.
Cut: The percentage of money that a launderer takes.
Transaction Risk:
The probability of being caught laundering money.
A number is computed based on the laundering transaction. If that number is lower than the risk then the transaction fails.
The money in a failed transaction is lost. Except the cut that went to the mule.
Transaction risk = risk_function(R, M, N, Q) = To Be Announced
Payoff: Percentage of money that can be turned into points from a service. Given at the beginning of each round.
Point Conversion: Points = Money * Payoff * Defense
Defense: “if you don’t provide
good service to the community, you will incur fees from the money
laundering community for their service. No one likes a leech! The
percentage you will lose is equal to the average number of active and
uncompromised services that you had in the past, which is called your
defense level, D.” This is very ambiguous, is it better to have high defense or low defense?
Over this past fall, Justin and Tory compiled some reverse engineering tools for the Linux environment for the Internation Cyber Defense Workshop that was held the week of November 6th. Tory gave an hour long presentation over the research to ~100 IT professionals over a live internet stream. The presentation was focused on reverse engineering Linux executables. It covers the basics and common tools needed to reverse engineer windows and linux applications. Additionally, they built a hands-on technical lab that could be completed by their viewers using the knowledge contained in the presentation.
This years iCTF will be on Friday Dec 2nd 2011. From 10am to 7pm CST. All are encouraged to join in Steal 2 even if you think you have little to contribute please come anyways, you may be surprised as a lot of the competition involves quite a bit of googling.
http://ictf.cs.ucsb.edu/
Picture related.
