Dailydave mailing list archives
Re: DefCon CTF
From: Jared DeMott <jdemott () crucialsecurity com>
Date: Thu, 14 Aug 2008 16:01:32 -0400
Doc Brown wrote:
Ya, from what I saw (and from what ChrisEagle said) skewl just brought out all the horses. With a 26 man team (to our 8-10) they were overpoweringly strong, and led by the master CE to bring down the house RE style. For the last couple years we've rocked as a balanced team and mastered things like automation, counter attack, defense, inline-snorting, and of course DRB with the RE power -- but this year more than ever break through points (first to RE and exploit a vul) was key -- score quick, score often. If the game stays the same, bringing a small army of reversers is possibly a strong road to success, especially if you've mastered the personal issues of large teams, and understand the rest of the game as well. Skewl rocks, and they deserved to win. I'm not at all suggesting that numbers was the only reason they won. Though, I wonder if Kenshoto will try and address the large team approach? I'm really not sure much can be done there, so I guess it's just one strategic approach? CE trains folks that move on to gov and industry, so now when he raises a call to arms, he can muster a sizable team that we might have trouble matching. Though, I suppose we could try that approach as well. I doubt we will though, I think our team has always felt that sleek and tight was better than big. Though if you tighten up big ... perhaps (obviously) you yield greater production?On Wed, Aug 13, 2008 at 04:47:01PM -0400, Dave Aitel wrote:One thing that was interesting this year at Defcon was CTF, which was a bit of a blowout, even though the game itself was reasonably fair and there were lots of good teams competing. At some point it would be cool if school of root (the winning team) posted how they did it.Team 1@stPlace enjoyed our 2 year winning streak, but we got sch00led hard. :) I couldn't be happier to lose[0] to them, though. As an outside observer of their team for many years, I think that SoR finally overcame the classic "too many people" problems and didn't step all over themselves like has happened for many teams over the years with more people than can sit at the CTF tables. Additionally, I think Kenshoto also raised the bar on the reversing, which gave a (well-deserved) advantage to the stronger reversers. I'm sure CollabREate[1] didn't hurt SoR either. As a quick list, I'd say this year the main difference seemed to be very well considered custom shellcode, excellent automation and tracking, strong network defense, and some additional tricks that we have some theories about. I'd love to hear more details too. :) -Doc
jrod
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- DefCON NOP Redux Dave Aitel (Aug 13)
- Re: DefCON NOP Redux Anthony Lineberry (Aug 14)
- Re: DefCON NOP Redux Brandon Enright (Aug 14)
- Re: DefCON NOP Redux RB (Aug 15)
- Re: DefCON NOP Redux Brandon Enright (Aug 14)
- Re: DefCon CTF (was: DefCON NOP Redux) Doc Brown (Aug 14)
- Re: DefCon CTF Jared DeMott (Aug 14)
- Re: DefCon CTF Chris Eagle (Aug 15)
- Re: DefCon CTF Red Dragon (Aug 15)
- Re: DefCon CTF Chris Eagle (Aug 15)
- Re: DefCon CTF jesse michael (Aug 15)
- Re: DefCon CTF Doc Brown (Aug 15)
- Re: DefCon CTF Jason Lewis (Aug 16)
- Re: DefCon CTF Jared DeMott (Aug 14)
- Re: DefCON NOP Redux Anthony Lineberry (Aug 14)
- Re: DefCon CTF Doc Brown (Aug 15)
- Re: DefCon CTF Holt Sorenson (Aug 16)
- Re: DefCon CTF Chris Eagle (Aug 16)