Challenges in Informatics: Patching, Hacking and Exploiting - HowToPlay
Last updated on 06.11.10 20:24
How To Play CTF-style hacking challenges
High Level Description
The exercise consists of multiple teams, each hosting a server that runs multiple services, such as a webserver, a mail server, or customized services. The services contain typical security vulnerabilities that allow the server to be compromised to a certain extent.
The goal is to keep the services up, functional and uncompromised for the duration of the game. Additional scores can be gained by patching the vulnerabilities of the services and by using knowledge of the discovered weaknesses against the other teams' servers.
The focus of the exercise is typically on application layer security.
How To Play
If a team decides to participate in a CTF, it should first check whether it can assemble enough hardware, a room, a fast Internet line and cool beverages.
Before the contest, each team sets up and tests its VPN connection and VMware. Some days before the start of the contest, the final image will be released to the teams for download in encrypted form.
At the beginning of the exercise, the key to the encrypted VMware image is released, and the teams typically have 60 minutes to decrypt the image and configure it according to their subnet configuration. If time remains, the teams are already allowed to look for weaknesses.
The central gameserver will check the services for functionality by leaving small pieces of secret information (flags) and trying to retrieve them later on. Teams get score for providing functional services without downtime.
In the course of the game, the teams are expected to analyze the services running on their own server. Vulnerabilities should be fixed and analysed. If a team manages to write an exploit for a service, it should try to gain access to other teams' servers.
Once a team has (limited?) access on other teams' servers, it is allowed to collect the other teams' flags and submit them to the gameserver. Each submitted flag gains the submitting team additional scores, while the team which lost a flag will lose scores.
At the end of the game, the gameserver will calculate the final standings and a winner is declared.
It is left to the players to find out which of the services on the vulnerable image receive flags, where they are stored and how they are encoded. Since each team has administrative privileges on its own server, this will be the easy part.
Once a team has captured flags from another team, it should submit the flags as soon as possible to a central submit server. This is because flags are valid for scoring only for a limited amount of time.
CIPHER CTFs use a dedicated piece of software with a simple, human-readable protocol for submitting flags. Each team is assigned a number to identify itself to the submit server. Using this number, a team connects with telnet, netcat or similar methods to a host/TCP port announced prior to the start of the game. The submit server welcomes the team with a banner and expects the numerical ID of the submitting team. Then the team can submit the flags, one per line, and terminate the connection with the string quit.
This is an example session showing what such a connection looks like:
    < Please identify your team with its numerical team-number
    > 2
    < Welcome 'team 2'. Enter one flag per line, or QUIT when finished
    > 12533a26f625cd7f903eab8e100c4988
    < Congratulations, you captured a flag!
    > ac9172a11ebde0c64b6661d7fb74162a
    < Congratulations, you captured a flag!
    > 12533a26f625cd7f903eab8e100c4988
    < Sorry, you already submitted this flag
    > quit
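The submit dialogue described above, written as a small Python client. This is an added example, not CIPHER's own software: the function names, the stand-in server and the wire framing (newline-terminated lines, with the "<" and ">" markers not sent) are assumptions.

```python
import socket
import threading

def line_io(sock):  # reader plus send() for newline-terminated ASCII lines
    reader = sock.makefile("r", encoding="ascii", newline="\n")
    writer = sock.makefile("w", encoding="ascii", newline="\n")
    def send(text):
        writer.write(text + "\n")
        writer.flush()
    return reader, send

def submit_flags(sock, team_id, flags):
    """Run the submit dialogue on a connected socket; return {flag: reply}.
    Assumed: one reply line per flag; "<" / ">" in the sample are not sent."""
    reader, send = line_io(sock)
    reader.readline()                      # banner asking for the team number
    send(str(team_id))
    reader.readline()                      # welcome line
    results = {}  # blanks and in-batch duplicates are dropped below, order kept
    for flag in dict.fromkeys(f.strip() for f in flags if f.strip()):
        send(flag)
        reply = reader.readline()
        if not reply:                      # server closed the connection early
            return results
        results[flag] = reply.strip()
    send("quit")
    return results

def fake_submit_server(sock, seen):
    """Constructed stand-in server; replies copied from the sample session."""
    reader, send = line_io(sock)
    send("Please identify your team with its numerical team-number")
    team = reader.readline().strip()
    send(f"Welcome 'team {team}'. Enter one flag per line, or QUIT when finished")
    for flag in map(str.strip, reader):
        if flag.lower() == "quit":
            break
        reply = "Sorry, you already submitted this flag" if flag in seen else None
        seen.add(flag)
        send(reply or "Congratulations, you captured a flag!")

def demo(flags, already_seen=()):
    """Run client and stand-in server over a local socket pair (offline)."""
    client, server = socket.socketpair()
    worker = threading.Thread(target=fake_submit_server, args=(server, set(already_seen)))
    worker.start()
    with client, server:
        results = submit_flags(client, 2, flags)
        worker.join()
    return results
```

In a real game, submit_flags would be given a socket from socket.create_connection((host, port)), using the host and port announced before the start.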
A full list of answers to submitted flags and their descriptive meaning:
Additional remarks: You can help save resources by