Slashdot Mirror


A New Challenge from Honeynet

cjpez writes: "The people at the Honeynet have issued another challenge on the Bugtraq mailing list. Instead of hacking into a box, though, this time your goal is to submit the best analysis of a binary file they'll post on Monday, May 6th. Think you're good at reverse engineering? Then try it out! They're even offering actual prizes, so you can get something besides the feeling of personal fulfillment for your trouble. The post hasn't quite made it to SecurityFocus' Bugtraq Archive yet, but I did find it at another Bugtraq archive in Germany (slashdottings abound!). The URL included in the email, http://project.honeynet.org/reverse/, doesn't seem to be active yet, so presumably we can assume it'll go up on Monday. The post fails to address other concerns, though: will the winner be in violation of the DMCA? :P The challenge was also issued, obviously enough, on SecurityFocus' Honeypot mailing list." In a later note, he points out that the announcement has finally made it to the Bugtraq archive page. (And that URL is active now.)

11 of 117 comments

  1. Here's the binary, see if you can analyse it by Salsaman · · Score: 4, Funny

    ! seineew era sreenigne tfosorciM

  2. Actual link by spood · · Score: 4, Informative

    Not everybody serves their dot-org like slashdot. Here's the real link: WWW.honeynet.org.

    Or maybe they were just trying to keep it from being slashdotted! :)

    --
    ---- Just another spud server.
  3. A file of ... by joe_bruin · · Score: 4, Funny

    a file of what? what's in it, random data? how do i know when i found it?

    i hope they don't use my method of hiding data:
    tar files
    bzip2 tar file
    xor it with my social security number
    hexdump to ascii file
    generate gif of the hex in the ascii file
    gpg encrypt gif
    gzip the gpg text (twice!)
    divide file into ints, swap endian-ness, reform
    uuencode the file
    hide contents in id3v2 tag of my "nofx" mp3s

  4. The reverse engineered source.... by Anonymous Coward · · Score: 4, Funny

    printf("B"); printf("E"); printf(" "); printf("S"); printf("U"); printf("R"); printf("E"); printf(" "); printf("T"); printf("O"); printf(" "); printf("D"); printf("R"); printf("I"); printf("N"); printf("K"); printf(" "); printf("Y"); printf("O"); printf("U"); printf("R"); printf(" "); printf("O"); printf("V"); printf("A"); printf("L"); printf("T"); printf("I"); printf("N"); printf("E"); printf("\n");

  5. how... by GreenPhreak · · Score: 4, Interesting

    This seems like a really cool contest to raise awareness on security matters. This feels kind of like an ACM problem, except less programming and probably a lot more real-world experience. Anyway, I've never tried to figure out what binary files do...I always refer to source files. Are there many tools available for looking at or figuring out what binaries do? Any reference pages? (the one linked on the article page isn't very helpful). Can someone provide more information about forensics with binaries? Thank you.

    --
    I drink to prepare for a fight; tonight I'm very prepared. -Soda Popinksi
  6. Fastest way. by JonWan · · Score: 4, Funny

    Just open the file in Outlook. That will narrow down the possibilities.

  7. Quite a challenge. by Hiro+Antagonist · · Score: 5, Informative

    This looks to be an interesting challenge; I believe the entire idea is analyzing the binary (which is a program) without actually running the thing; then, designing methods to check for network activity and such that this particular binary would generate. In addition, you get bonus points for correctly quantifying the skill level of the coder who produced said binary.

    It's much the same way as analyzing a captured worm/virii; you need to figure out what it does, how to detect it, how to block/eradicate it, and also try and establish a profile of the originator of the worm/virii.

    --
    I Hit the Karma Cap, and All I Got Was This Lousy .sig.
  8. Finals Week by fuzz6y · · Score: 4, Funny

    Releasing such a challenge on Monday of finals week is pure, unmitigated evil. So much for my grades. . .

    --
    If you're going to be elitist, it would help to be elite.
  9. Re:Reverse engineering for beginners... by cp4 · · Score: 4, Informative

    Here's an interesting link. Not necessarily a guide though.

  10. Anyone else find this funny? by dimator · · Score: 4, Funny

    Rule #6: The person who hacked the box is NOT eligible

    --
    python -c "x='python -c %sx=%s; print x%%(chr(34),repr(x),chr(34))%s'; print x%(chr(34),repr(x),chr(34))"
  11. I disagree by BigDaddy · · Score: 5, Informative

    I think you misinterpret the goals of the Honeypot project. These people aren't doing it to market some super system, but rather to provide information about actual cracking techniques to the Whitehat community. They regularly have "competitions" where people analyze various types of attacks. I don't think these usually have prizes. The Honeypot project then provides all the information they have, in addition to the information uncovered by the participants.

    Perhaps you should take a look at their site and some of their previous work before you assume an ulterior motive. The Honeypot project provides some really interesting looks into the minds of the Blackhat community.

    --
    You can't get a blue screen on a black and white monitor.