After performing the necessary information gathering you conclude that Qwerty Security Research owns the IP range 192.168.50.0/24 and 192.168.60.0/24. The URL of the web portal is at http://192.168.50.5
To prove that the CEO is not entirely correct regarding the security of the site, you have to achieve the following objectives:
- 1) Obtain the /etc/passwd file of any compromised *NIX systems.
2) Obtain the /etc/shadow file of any compromised *NIX systems.
3) Steal ALL credit card numbers from the web portal.
4) Plant a file <yourname>.txt in C:\ of the web portal.
1. Contestants may participate individually or in pairs. Participation will be limited to 50 participants.
2. Each participating team-pair or person is allowed to bring in only one notebook and is allocated only one network and power point.
3. Participants are expected to bring their own tools and exploits, as there may be no Internet access provided for them to download their tools.
4. Upon registration, each participant will be assigned a single IP address. Participants are not allowed to change their IP addresses or to spoof the IP/MAC addresses of another person.
5. Participation is open to registered delegates of the Black Hat Asia 2003 Briefings. To assure a seat for the CtF, email singapore at theyorkgroup.com
Participants will be judged based on their total score and the time they take to capture/plant the flags. The start time will be recorded for each participant during registration. This allows participants who arrive late to take part in the competition as well. At any time, the participants can declare that they want to end their game. The end time for every participant will be recorded.
The participant who successfully obtained the highest score within the shortest time will be the winner of the competition. The second and third place will be calculated as follows:
- second place = 2nd_max(score) and min(endTime startTime)
- third place = 3rd_max(score) and min(endTime startTime)
The time factor applies only if there are several participants with the same score.
The following rules ensure proper functioning of the competition. Participants that violate any of the following rules will be disqualified.
- 1. During the competition, there will be both scheduled and unscheduled Pit Stops. During the Pit Stops, all participants are required to leave the room and are only allowed to return at the end of the Pit Stop period.
2. No Denial of Service (DoS) attacks of any kind are to be launched.
3. No flooding of the network (e.g. UDP flood, smurf attacks).
4. No attacking or exploiting of other participant's systems.
5. No shutting down, disabling or patching of vulnerable systems.
6. No defacement or changing of the /etc/passwd and /etc/shadow files on vulnerable systems.
7. No harassment of other participants.
8. No planting or launching of worm, virus, or other destruction code.
9. No physical attacks are allowed.
10. No attacking or exploiting of network infrastructure devices, such as switches, routers, etc. (e.g. ARP cache poisoning, switch MAC table flooding and traffic re-routing are NOT allowed).
11. No changing, spoofing of IP addresses allowed. Participants must use the IP addresses assigned to them.
12. No changing, spoofing of MAC addresses allowed.
13. No removal of flags planted by other participants.