Root-Fu ; Rise of the Ninjas • Introduction to Root-Fu • DCX -> interz0ne -> DC11 • Show me the sploitage! • Rants, Raves, and Moving Forward
Introduction to Root-Fu • What is a hacker challenge? • How it used to be… • What is Root-Fu?
What is a Hacking Challenge? • What is a hacker? • Deep knowledge • Finding exploits • Breaking in • Fixing • Classical hacking • Lock picking • Dumpster diving • Social Engineering • Phreaking
What is a hacking challenge? How to test this in 2-3 days? • No script kiddy bull shit • Finding and developing exploits • Teamwork (WTF?) • Integration of classical hacking • Fast paced game
What it used to be… • Single network on switch/hub • Teams hacked into random shit • Goons scored game by hand, paper “flags” • DOS, DOS, and DOS some more • Bust out that script kiddy y0j0 • Palante BOFH, only fun part of CTF (8 million ;)
What is Root-Fu? Goals of the Game • Exercise multiple skills associated with hacking • Mix known exploits with on the spot analysis, development, and usage of unknown vulnerabilities • Try and follow “real world” if possible • Detection of attacks • Plugging security holes • Work in classical skills
What is Root-Fu? What does it look like? • 1 common server distro • Gogo vmware • Not platform dependent • 8 NAT’d networks • Physical interfaces galore • Scoring system • Automated scoring • Keep those distros up people! • Scoreboard server • Neet’o visual representation • WTF does it all mean anyways?
What is Root-Fu? The layout (add pics) • [Network layout diagram; labels: Green, Orange, Yellow, Red, Proj., Router, Score Board, Cable, DNS, Score Sys]
DCX -> interz0ne -> DC11 • Type of game • Script Kiddie vs. Hacker • Distractions
Type of Game: DCX • From FreeBSD to Redhat in 24 hrs • Distro Leaked? • Known exploits ruled the day • Planted stuff largely overlooked • Distractions • Dumpster diving • Lockboxes • Information destruction • BSA audit • Teamwork??
Type of Game: interz0ne ii • Rerun of DCX game with new distro • Unofficial game • Didn’t hit 4 team minimum • Stock distro as fourth team • Digital Revelation telecommutes • Infrastructure issues • This is not the bandwidth you are looking for…
Type of Game: DC11 • Move away from stock vulnerabilities • OpenBSD • Unknown software • Introducing vulnerabilities • Application Centric • What distractions? • Multiple roots per server • Morphing flag keys • Unknown ownership • Even more cryptic scoring • State kills the reboot
Script Kiddie vs. Hacker • Show me the roots • Prior to Root-Fu, max roots 6-7 • DCX – 15 wins the day • DC11 – 42 wins, 12 average • Actual on the spot exploit development occurs (dc11) • Defense • From rebooting to securing • Immunix ports to secure linux • Patching in production • Auditing of applications
Distractions • Dumpster diving • Hard drive destruction • Lock picking • BSA Software audits • Where did they go @ DC11?
What we saw • Exploits • DOS • Team Strategy
Exploits • Syslogd - Owning everyone, but no “root”s? • Sql injection? • Heh, I like mudz • >> INSERT MORE CONTENT <<
DOS • Bandwidth • Deleting mysql dbs • rm -rf / • Tracking ‘em down…
Team Strategy • Getting there… much improvement from DCX • A security team could still rule
Rants, Raves, and Moving Forward • Is this hacking or admining? • Nice graphics, but what does that thing say? • Can we trust GHI to run a fair competition? • Where are we going with this?