News: Registration is open for Cipher 5 and the HAR CTF. Go ahead and register!
Capture the Flag at Easterhegg 2008
The CTF is over
Special thanks to...
- The participating teams
- Björn Pahls, for helping with the organization
- Kay Rechthien, for managing the network
- C4, for organizing the easterhegg
- Service authors
- Patrick Kilian
- Justus Hoffmann
- Julian Wälde
News
- Services and their testscripts have been published.
- Final scores
- Image aes passphrase: qvx7mYv4l#CF
- Complete log of the scorebot sessions is available. (Yes, I know the admin password is in there; it's not valid anymore.)
- Join #ctf-eh2008 in irc.hackint.org
- Download the easterhegg CTF vulnerable image
Update: The money was not claimed; no one found a vulnerability. The offer still stands. Download the sources.
What is a CTF?
A Capture the Flag (CTF) contest is a contest about IT security. The goal of a CTF is to learn about security vulnerabilities in network application and/or system software. This CTF focuses on application security.
Several teams participate in a CTF; each team is operating a network server that runs network services that contain artificial security vulnerabilities. Teams must find these vulnerabilities and fix them on their own machine, while proving the found vulnerabilities pose a real security threat by exploiting them on their opponents' machines.
If you have never participated in a CTF, you may want to take a look at this good example of application-layer security holes.
Who can participate?
Anyone!
We are trying to make this CTF interesting both to beginners and experienced CTF players;-). Besides several pretty hard-to-find/fix vulnerabilities, this CTF will also include easy stuff for beginners who want to learn about IT security or just have some fun participating in the CTF.
To participate, you need a computer, and you should organize in teams. We will provide you with a network uplink, but please bring your own cables and power cords.
Each team needs one working copy of the latest VMware workstation.
If you want to participate, please add your team to the CTF team list.
Additionally, you can subscribe to the eh08 ctf mailing list by sending an empty message to ehctfusers-subscribe at server dot hcesperer dotorg. This is a low-volume moderated announcement list.
What to bring
The CTF will take place in a virtual network. We will provide each team with one uplink to that network (you will also have internet access through that uplink).
You need to bring the following equipment yourself:
- A switch
- A network cable to connect your switch to our uplink
- Enough network cables to connect your computers to your switch
- A power cord (better two) with at least one more outlet than you'll need
- One computer with a working vmware workstation installation (latest version). Trial (30d) version will suffice.
How exactly does the CTF work?
Each team is assigned an IP address range, as well as a specific IP address the network server must listen on. The network server will run in a Virtual Machine, called VMware workstation, so that no matter how severe the security holes are, your own computer is never affected.
After all teams booted their network servers, the gameserver is started.
The gameserver regularily distributes data fragments (so called flags) to the services. The services store these flags; each flag is associated with a flag ID. Later, the gameserver retrieves the flags from the services. Each successfully retrieved flag gets the according team one defensive point.
If you cracked an opponent's service, and you managed to obtain one or more flags from it, you can present these to the gameserver. The gameserver checks the presented flags against a database and awards points for each valid flag.
In this CTF, the flags are 32 byte values represented by 64 byte strings matching [A-Fa-f0-9]{64}. A typical flag looks like this:
72C4D82D847BBAFEB126B05AB11844B95FF5AC73E11B43963918F1E028B42BF0
The Flag IDs are arbitrary strings of variable length.
See also
More information
You may want to check out the CCCamp07 CTF site. You will find vulnerable services there, as well as our scoring board for download.
The rules
Read more about the rules. To sum it up: Don't do any network layer traffic filtering, do not perform DoS attacks and do under no circumstances abuse the learned skills. The hosters' computers are off-limits. Do not try to crack them.
Questions?
You can contact the organizers via jabber at: (g0ph3r|esperer) at jabber dot ccc dot de Alternatively, send an email to hcathcespererdotorg.$Id: index.html 546 2009-06-09 15:10:09Z root $ Impressum