DEF CON "Capture the Capture The Flag" Data
pablos writes "Each year DEF CON hosts the famed Capture The Flag contest. Hackers from all over the world duke it out on the network for 72 hours, hacking for the title. The Shmoo Group diligently logs every packet for posterity, we "Capture the Capture The Flag." Now is your chance to download by far the most interesting, 'sploit ridden, 5.8GB of intrusion collusion ever published. Free for the bandwidth endowed, this is the ultimate IDS testbed."
Either voyeurism has reached a new level, or it's just the players and their proud(?) mums downloading this.
Then again, I guess it's not a bad screensaver!
Hmm...my favorite was the sinusoidal IP address spoofing. Anyone else?
"I'll just chip in a bit for RedHat: I actually have that installed on my university machine." - Linus, '95
logging 5.8 GB of packets so u can look thru them... that's really the epitome of sad :P
At defcon 8 DPS was at defcon and Burrows straight up social engineered his way into the server room and rooted the main box. So technically we had just won but they disqualified him 'cause they wouldn't acknowledge social engineering as valid. Before defcon 8 DPS (dead [protocol] society) had pretty much dominated the social engineering contests but defcon 8 was the first year they decided to stop doing the social engineering contests so we were forced to improvise.
I know nothing about this subject but I feel that I have to comment anyway to get the discussion going: Linux is gay, MS rules etc.
...The .pak files?
*ducks*
Send lawyers, guns, and money!
RMS on the other hand told this reporter that HURD doesn't have this problem since it runs all servers at user level. Of course, no one except HURD developers use it.
When told about this statement Linus said : Read my previous answer, I don't care about RMS, as I didn't care about AST back in time when I ripped off Minix (formerly known as BoumOS, Mike Bouma's OS) to build Linux (formerly known as Freax)
Sincerely, Mike Bouma
But by now everybody knew that the general was probably already dead.
I didn't totally discard my thought to go directly for fp though. I felt I was involved in this and my fp would raise suspicions so I stayed in my chair frozen, until the end of this story.
Wha? You expect an end?
-- Bloody Bastard
Well, since the site is getting hit pretty hard, here is a direct link to all the mirrors:
t f-defcon9
Capture the Capture The Flag Mirrors
If you have a mirror up, please let me know.
If you're using wget to pull the data, please use the following command:
 wget -r -nd --no-parent -R "=A","=D" http://site/path/
US - Wisconsin (100Mbit):
http://www.wi2600.org/mediawhore/mirrors/shmoo/cc
US - Colorado (100Mbit):
http://www.ucar.edu/temp/shmoo-defcon9-ctf/
US - Pennsylvania (T1):
http://www.bitsend.com/defcon9-cctf
US - Alaska (DSL):
http://cctf1.shmoo.com
Please be sure to read the license.
This is all swell. But the SPARCs have an undeniable advantage.
That is their BIG ENDIAN architecture, as opposed to the LITTLE ENDIAN of
i80x86.
So the functions:
htonl() : host to network byte order
and ntohl () : network to host byte order
* See "man htonl"
In the SPARCs don't do nothing! No conversion needed.
So as statistics have shown [1] those byte order conversions usually
take 60% of an application's time (and in special cases this rises
up to 99% [2]). A big loss.
This is why DotComs prefer SUNs. A clear advantage to those interested
in network performance.
What I do not like is that streams (like MP3 or MPEG), too need an
architecture independent byte ordering. And BIG ENDIAN seems to be
winning on this one. So it is a fact that MP3 needs ntoh() to extract
values from it. When an MP3 stream is uncompressed there are *lots*
of ntoh() calls (believe me!).
I don't understand why the h*ll Microsoft does not do anything
towards LITTLE ENDIAN in bit-streams. After all Microsoft products
are aimed towards i80x86 owners. Some people are lying to us.
Anybody knows more?
Don't flame me.
[1] A. Shamir, B. J. Poag. IEEE Transactions on information theory, v. IT-28, n. 6,
Nov 1998, pp. 865-868
[2] A. Shamir, K. Johnson, J. Epstein. Proceedings of the 27th IEEE Symposium on the
Foundations of Computer Science, 1999, pp. 145-152
'sploit ridden, 5.8GB of intrusion collusion ever published. Free for the bandwidth endowed'
... on a 56k modem (if my math is correct), then that's about 10 days...
You would need a lot of bandwidth and even more time on your hands to even start on.
Now, let me see
Cruise TT
Putting a couple of Gigs data on the net and then having the bad luck to be posted on Slashdot is going to mean that their link will be unreachable for most of the day. :-) But hey it will probably make for neat graphs.
Use Adsense for Charity
I'm a hungry man!
How are they going to pay for the bandwidth cost on this... if even just 1000 people download it (and it has been slashdotted) then it will be 5.8 Terabytes of information to be downloaded.
This won't exactly be paid for by a banner ad.
Cruise TT
Their site may be but I got a blazingly fast 11.9 MB PER SECOND!
:)
It feels damn good to take over a 1/10 of a major pipe
"Not my manner of thinking but the manner of thinking of others has been the source of my unhappiness." - M
In the dim and distant past, before I became 'respectable' I used to be a haxor wannabe. I used to use my 300 baud modem to dial into various systems, and let's just say, that had the law been the same then as it is now, I could have been arrested.
But after I became involved in tech support for major financial institutions, I realised that although security there was reasonably good, you could almost always circumvent it via social engineering.
My favorite trick to get into the server room was to put on an old hard-hat and a fluorescent jacket. I would stand outside the door until someone came along, then I would simply ask them to let me in. Which about 70% of the time, they did. At which point, I would point out to them that I could have been anyone, usually got an embarrassed apology.
I was using social engineering to raise the security awareness of staff, but it was a real eye-opener to me just how easy it was to control people.
Mirror in the making at http://deimos.siliconinc.net/cctf
It's currently chugging away at about 250 kbps, so it should be done within a few hours. There is already 1+ gig of data up there for your browsing pleasure, and it's chugging away at around 250kbps. Enjoy. If it breaks email me or something.
Insert witty
Tcpdump? or what else?
Thx! do u know where i can dl some pr0n and warez???
fucking suck.
from what I hear, n-ctf SUCKED this year...
From a friend who was on one of the teams:
We set up some 'reflectors', using the MIRROR target of the Linux netfilter and almost got booted off the net by the judges for this unique solution.
Bleh.
... of goats! Also John Ashcroft. He's dreamy.
I don't know about defcon 9 (2001), but I seem to recall them only being able to get part of the traffic at defcon 8 (2000).
[*] my emphasis, not theirs
"Weapons should be hardy rather than decorative" - Miyamoto Musashi
I think that goes for OS's too
Looks like a great case for using something like SwarmCast.
On a completely offtopic note, a swarmcast like system would work great with the P2P file sharing programs, would it?
the shmoo group's data gives an idea of the type of attack tools that are most commonly used in intrusion attempts, but if you want to know the tools and techniques that are the most likely to succeed, it would be good to talk to Caezar or some other member of the ghettohackers. After all, they are the ones who win at capture the flag year after year....
"Weapons should be hardy rather than decorative" - Miyamoto Musashi
I think that goes for OS's too
Call me lazy (I am) is there a summary or commentary on all that raw information that can show us hacks attempted, both successful and unsuccessful. It even gives some hacker some reflected flame at deciphering and commenting on the information. If I was considerably less lazy I might do it myself.
Greed is Good - 1980's
Lazy is Good - 2001
Be Free: Free Software Tuition
It's a troll.. no real links here.. move along.
GPL'd web-based tradewars themed space game
... a beowulf cluster of these babies!
I suppose that would then be "Metacapturing the Flag".
This useless comment was generated by a Cockpitful of Suicidal Fanatics for you
Free, as in your money being freed from the confines of your account.
Odd question?...
But, for a free site that simply runs off banner ads and donations
Why does Slashdot never get Slashdotted?
Sorry just had to ask....
isn't hacking a form of lying to the sysadmin ? 8)
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
Your user number sucks rocks. So do you, you rock sucker. And those are real links.
>Why does Slashdot never get Slashdotted?
:)
To steal from Yogi Berra, because "no one reads Slashdot anymore, it's too popular."
Besides, we're all too busy slashdotting the other sites to spend time here
A.
Microsoft's email client caused some people on the wireless network almost as much grief during blackhat this year. ;-)
-Joey
"Weapons should be hardy rather than decorative" - Miyamoto Musashi
I think that goes for OS's too
Actually it did during the sept WTC attacks. Slashdot was virtually unusable. CNN was better.
-- RTFM:Slackware::Beer:Saturday
I think you mean "a free site that simply runs off banner ads and donations" ... but is backed by a large linux company (VA) that has lots of ca$h money to throw at popular linux "products" such as /. for servers and whatnot.
The rules for CTF at DC9 were, unfortunately, not well tested prior to the actual event. The intent of the rules was to provide more targets to attack, by shifting the burden of providing targets to the competitors. However, with the rules as written at the beginning of the contest, it turned out to be (pointwise) not worth attempting to hack. The net effect of the rules was that most groups were simply putting up a server, getting the points and pulling it down. While this is a valid strategy for that ruleset, it doesn't make for much of a hacking competition. This constant churning of servers also made hacking difficult, with targets disappearing by the time you could identify them through the standard CTF network instability.
We (the GhettoHackers, with the much appreciated help of Jennifer Granick) managed to slowly, over the course of the competition, convince Miles to change the rules to a set more conducive to an actual hacking competition. When teams began merging due to the rule changes, we merged with Digital Revelation, to both groups' benefit. We gained their server points, and they gained our capture points.
Besides winning CTF, the GhettoHackers / Digital Revelation team also had the highest average Blood Alcohol Level of any group (check out http://cow.pasture.com/~tcroc for more details). As announced at the awards ceremony, we, the GhettoHackers, have retired from CTF after DC9. To help foster more competition, and for a different application of our expertise, the GhettoHackers will be helping to run CTF at DC10.
Democracy is dead. All kneel to the Commander In Thief.
"this is the ultimate IDS testbed."
No, it really isn't. Read up on the clueful folks' take on tiger teams. Tiger teams are not the ultimate test of if your box is hackable or not. Tiger teams are the ultimate test of if said team can hack your box. There is a distinct difference. Similarly, the capture the flag data only documents a select number of hackers' techniques.
You can't predict what hackers will do. You can only be cautious.
i don't understand..... mine said 8MB/sec as well....... i don't understand. i transferred it in linux with the correct wget parameters and it said 120k/s (more reasonable).
These people sign up and paid for the membership. Prizes were promised for those that competed. When it came time to give out the prizes, DEF CON fell flat.
Don't trust DEF CON.
Defcon 9 was my first time with CTF and I must say, it's not exactly what I expected. My buddy Thalakan got recruited to Digital Revelation and he recruited me over there. 90% of the time, everyone hacked systems that were difficult to hack. All the servers on the server segment (x.x.x.250-254) had either chrooted systems, patched servers and for a day and a half, nothing happened. During that time, the most exciting thing was when Dan got social engineered (see above link). However, 2 hacks did happen. I think it was prophet on digital revelation who rooted a win2k box with the unicode exploit. Then, the most exciting hack was the obsd 2.9 local exploit. Someone from the grey team finally set up a server with local access (he gave out login/password) and the race was on to apply the exploit. By this time, we were already merged with ghetto and everyone watched in anticipation. Eugene, from the ghetto hackers worked fervently and a bunch of us watched in anticipation. Because of the race condition, two teams simultaneously rooted the server at the same time and split the points.
Since there was physical access to the box (they were located right next to the operator), I heard that people yanked network cables when they were about to be rooted.
There were many interesting systems and different programs that ran on the network but without source, 2 days is simply not enough time to do anything substantial. I hope next year, Caesar and the Ghetto Hackers will run a better job of providing more interesting hacks. I'm hoping the judges will put up servers that aren't locked down. Those roots will be for maybe 10 points. Roots in servers with no known vulnerability (with source provided) will give 100 points. Something like that would provide with more hacks than the 3-5 roots we had. Having each team provide servers that are locked down is plain stupid.
-Nouveaux