Dec 11, 2010
A week ago a team from the University of Ulm participated in the iCTF contest, held by the University of Santa Barbara.
The iCaptureTheFlag Contest is held every year. This year 72 universities (900 students!) participated in the worldwide contest.
All universities are connected in a closed network where a special contest scenario is set up. This year the scenario was that some dictator of a fictional world ‘Litya’ set up a worldwide botnet. The goal was to score points by attacking services of Litya while at the same time maintaining your bot. If your bot went down you were locked out of the botnet, which meant no access to the botnet-servers.
A team could lose points by attacking the wrong services at the wrong time or if the bot was not active. The bot itself was a virtual machine image, and every team got the same one.
Since it was legitimate to attack other teams, there were several suspicious incidents, like our server machine with the bot suddenly shutting down. Since all the teams had the same image (same SSH keys…), it made the contest pretty interesting.
I also noticed that there was a suspicious Twitter account claiming to give hints; well, the hints didn’t make any sense at all :).
Probably another team giving wrong information.
Besides this, there were so-called side challenges in which you could score money. The scenario implied that you could get locked out of the botnet if you attacked the wrong services, so with money you could, for example, buy your way back in.
There was a challenge on generating valid credit card numbers for a given owner, or challenges on calculating private RSA keys, for example. While solving some challenges I once more noticed how incredibly helpful it is to be fluent in UNIX, shell scripting and scripting in general (Python, Ruby, etc.). It makes your life a whole lot easier!
In the end we managed to achieve place 9/73 — which is a great success!
I had a whole lot of fun and hope to participate next year again!
Thanks to Prof. Giovanni Vigna and his team. They did a great job setting up the environment. There were many great details (for example, a site in the closed network, ‘LityaLeaks’, that leaked information about the botnet, or a site, ‘LityaBook’, enabling XSS attacks).