PaulDotCom mailing list archives
Capture The Flag At Louisville Infosec Conference Details
From: irongeek at irongeek.com (Adrian Crenshaw)
Date: Wed, 9 Sep 2009 13:24:03 -0400
As many of you know, I've been busy setting up a hacker war game for the Louisville Infosec conference <http://www.louisvilleinfosec.com/> on Oct 8th. The Louisville Infosec website has information about the CTF event on their site<http://www.louisvilleinfosec.com/index.php?option=com_content&view=article&id=13&Itemid=13>, which should be updated shortly. If you would like to compete please email the Conference Chair <chair at louisvilleinfosec.com>. If you use the code "irongeek" you get $20 off the admission fee for the conference. I believe the time frame is 9am to 3:30pm, but the position of the event should allow you to watch the keynotes, eat the included lunch and still, compete. What are the prizes? First prize is a Wi-Spy 2.4x Wireless Scanner! The second prize is a WD 320GB USB Hard Drive Third Prize is a Pico Mini USB 4GB (small enough to carry in your wallet) Scenario (subject to some change): The admins try to run their network as a tight ship, but you have been brought in to do a pentest. You know the admins have a Truecrypt volume out there with Personally Identifiable Information (PII). Your goal is to find it, and decrypt its contents till you get a list of names and Social Security Numbers. Little hints will be given via a comment wall on one of the web servers. To win points bring proof to the judge that the particular flag task has be completed.These are the "flags", and their point values: 0. Attach to the Wireless network (hint:CTF is in the name) and show the judge how you got the SSID. 15 points (Name will be given if you can't find it, but you won't be able to get points for it.) 1. Find the IP of the of the Windows box named WinCTF owned by IronGCorp, and list 3 or more open ports. 5 points 2. Find the IP of the x86 based Linux box ran by IronGCorp, and list 3 or more open ports. 5 points 3. What box are the admins running their Intranet site on, and what is the web server type/version? 5 point 4. What is the Windows box's (WinCTF) Administrator password? 10 points 5. What is the x86 Linux box's Root password? 5 points 6. Copy PII.tc (a true crypt volume) to your box. 10 points 7. Password to the PII.tc file. 10 points 8. Password to a non x86 based Linux box. 10 points 9. Password to a 7zip archive. 10 points 10 The decrypted PII.csv file. 25 points Highest point score at the end of the game wins. If two contestants have the same points at the end of the game, the first to accumulate their point total wins. Obviously, if you play as part of a team you have to figure out amongst yourselves how to split the prize. The winner will get up on stage and explain what he did when he picks up his prize. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090909/2aa6496b/attachment.htm
Current thread:
- Capture The Flag At Louisville Infosec Conference Details Adrian Crenshaw (Sep 09)
- Capture The Flag At Louisville Infosec Conference Details Arch Angel (Sep 09)
- Capture The Flag At Louisville Infosec Conference Details Adrian Crenshaw (Sep 10)
- Capture The Flag At Louisville Infosec Conference Details Arch Angel (Sep 09)