Aug 12 2010

My stint at Defcon and its CTF

Category: Competition, DEFCON, Hacking, Painsec | Sakebomb @ 1:15 pm

Now that I am fully recovered from getting back from Blackhat and Defcon I am up for writing. I don’t think I slept more than 30 hours that whole week. I thought I told myself I would never do such a crazy thing again after I did that during the Tsunami relief. Ha. I guess that means it might happen again in life. If you haven’t read my previous posts or spoken to me about how my team was in Defcon’s CTF finals, :-P . Our final place was 8th out of 9 teams (the tenth team ended up not showing up). http://www.ddtek.biz/ We didn’t take last! Woot! That was the whole goal anyways since it was our first year and none of us has any experience in this style of CTF. It was definitely worth the experience since we learned a lot. Next year we won’t have only 8 people (7 sometimes since frank^2 had to give a few presentations). I think we had the least amount of people on our team too. I heard a rumor, which apparently is a fact, that team “Kaist@postech (GoN)” had over 100 people. Those crazy Koreans. They were good enough to get first blood at the competition though so I give them much kudos. As for us, we had so many noob mistakes that set us back. We didn’t know that we had 2 ethernet cables that put us inline and a bunch of hardware problems that will not happen next year. Whatever though. No directions, just a here you go. It will be more fun next year (if we place :-) and if the competition isn’t screwed up… hint hint ddtek.

So what I took from the whole thing was how awesome it is to steal other people’s exploits. I think that is probably the best thing our team did. We replayed attacks like it was going out of style. The plan was to have a NetWitness decoder sitting off of a span port capturing data but that failed because of our noobness. We ended up using the spare NIC to make a firewall and put it inline while making pcaps on it. I uploaded all our pcaps and found an assortment of awesome attacks. I should make a few write ups with knx to post on painsec’s blog… Anyways, I learned so much as well as instant parser writing. That saved me a ton. I now have some solid parsers ready for next year to catch our flags from leaving the services.

bNull and I gave a presentation to NoVA hackers with the unofficial title called “Not taking last place.” I think it went well since it seemed to be well received. I guess everyone looks at us like we are really good at hacking now but oh so little do they know. The presentation isn’t worth posting on here since it was mainly for talking points but if there seems to be some interest I can post something on it explaining more.

*EDIT* Here is a write up about Defcon as well as a picture of bNull and me during the competition: http://nationalgeographicassignmentblog.com/2010/08/06/the-hackers-life-my-weekend-at-defcon/


Jul 19 2010

Blackhat Challengeness

Category: Competition, DEFCON, Nothing, Painsec | Sakebomb @ 9:13 pm

I have been working on building a hacker challenge for my company’s booth at blackhat all while practicing for the upcoming CTF quals. I am getting pretty pumped about posting it. I like to see how people think. I am about 50% done right now just getting some jails set up and cleaning up the pages. I am really hoping it will be a hit, though I am not expecting much since there are maybe 20 people at blackhat that *MIGHT* even attempt it. I am not too worried though. I will post up the challenges after blackhat so everyone else can enjoy. I might even dish out another prize if someone can get them all… hehe

As for the CTF bit, gdb is pretty slick. Not nearly as sexy as olly but it gets the job done. I got it integrated as the remote debugger through IDA but I don’t think it works quite right on forked processes. Maybe someone could tell me what I am doing wrong.

$ gdbserver 127.0.0.1:5050 ./program

Then I connect w/ IDA using its nifty remote gdb debugging integration scheme.

BOOM! It connects just fine but my stack and memory are all goofy looking. Either IDA didn’t take what I did seriously or I am just ridiculous. I will tinker with it more this week but in the meantime I will just learn gdb and its slick shortcuts.

(gdb) x/2xw 0x8048484

0x8048484:          0x47276e69          0x67687421


Jul 18 2010

Half-Marathon training

Category: Bucketlist, Nothing, Training | Sakebomb @ 8:47 pm

I am three weeks into my half-marathon training. So far so good. Just did five miles in 44 mins. I am going to try to get my exercise RSS feed posted on the side. Not that you guys really care but it is my blog and I do what I want. Lol.

If anyone is interested in running it with me feel free. Here is the link to sign up for the Woodrow Wilson Bridge Half Marathon. http://www.wilsonbridgehalf.com/ It is not too much to sign up; $70. AND you get a nifty shirt. ;-)

Here is a pretty cool training regime to go off of if you ever want to run something like this sometime in your life. http://www.halhigdon.com/ He has marathon and half marathon stuff. It is pretty slick.

My thoughts on the subject overall, it is something to get off your bucket list. :-)


Jul 17 2010

A song that means a lot to me

Category: Nothing | Sakebomb @ 7:46 pm

Letters to God – Boxcar Racer

Caught off guard, all worked up
The air is as dark and cold as night
Let me go, I’m not done
I swear I’ll take just one lifetime and I

I won’t lie, I won’t sin
Maybe I don’t wanna go
Can’t you wait? Maybe I don’t wanna go

I should’ve asked, I could’ve helped
At least a f***ing 1,000 times before
Will this offer get me in, or does this prove that they gave more and I

I won’t lie, I won’t sin
Maybe I don’t wanna go
Can’t you wait? Maybe I don’t wanna go
Maybe I don’t wanna go

And I, I won’t lie, I won’t sin
Maybe I don’t wanna go
Can’t you wait? Maybe I don’t wanna go

And I, I won’t lie, I won’t sin
Maybe I don’t wanna go
Can’t you wait? Maybe I don’t wanna go
Maybe I don’t wanna go

