Root-Fu ; Rise of the Ninjas
• Introduction to Root-Fu
• DCX -> interz0ne -> DC11
• Show me the sploitage!
• Rants, Raves, and Moving Forward
Introduction to Root-Fu
• What is a hacker challenge?
• How it used to be…
• What is Root-Fu?
What is a Hacking Challenge?
• What is a hacker?
  – Deep knowledge
  – Finding exploits
  – Breaking in
  – Fixing
  – Classical hacking
    • Lock picking
    • Dumpster diving
    • Social Engineering
    • Phreaking
What is a Hacking Challenge?
• How to test this in 2-3 days?
  – No script kiddy bullshit
  – Finding and developing exploits
  – Teamwork (WTF?)
  – Integration of classical hacking
  – Fast paced game
What it used to be…
• Single network on switch/hub
• Teams hacked into random shit
• Goons scored game by hand, paper “flags”
• DOS, DOS, and DOS some more
• Bust out that script kiddy y0j0
• Palante BOFH, only fun part of CTF (8 million ;)
What is Root-Fu? Goals of the Game
• Exercise multiple skills associated with hacking
  – Mix known exploits with on the spot analysis, development, and usage of unknown vulnerabilities
  – Try and follow “real world” if possible
    • Detection of attacks
    • Plugging security holes
  – Work in classical skills
What is Root-Fu? What does it look like?
• 1 common server distro
  – Gogo vmware
  – Not platform dependent
• 8 NAT’d networks
  – Physical interfaces galore
• Scoring system
  – Automated scoring
  – Keep those distros up, people!
• Scoreboard server
  – Neet’o visual representation
  – WTF does it all mean anyways?
What is Root-Fu? The layout (add pics)
[Diagram labels: Red, Orange, Yellow, Green, Router, DNS, ScoreSys, ScoreBoard, Proj., Cable]
DCX -> interz0ne -> DC11
• Type of game
• Script Kiddie vs. Hacker
• Distractions
Type of Game: DCX
• From FreeBSD to Redhat in 24 hrs
  – Distro Leaked?
• Known exploits ruled the day
• Planted stuff largely overlooked
• Distractions
  – Dumpster diving
  – Lockboxes
  – Information destruction
  – BSA audit
• Teamwork??
Type of Game: interz0ne ii
• Rerun of DCX game with new distro
• Unofficial game
  – Didn’t hit 4 team minimum
  – Stock distro as fourth team
• Digital Revelation telecommutes
• Infrastructure issues
  – This is not the bandwidth you are looking for…
Type of Game: DC11
• Move away from stock vulnerabilities
  – OpenBSD
  – Unknown software
  – Introducing vulnerabilities
• Application Centric
• What distractions?
• Multiple roots per server
• Morphing flag keys
  – Unknown ownership
• Even more cryptic scoring
• State kills the reboot
Script Kiddie vs. Hacker
• Show me the roots
  – Prior to Root-Fu, max roots 6-7
  – DCX – 15 wins the day
  – DC11 – 42 wins, 12 average
• Actual on the spot exploit development occurs (dc11)
• Defense
  – From rebooting to securing
  – Immunix ports to secure linux
  – Patching in production
• Auditing of applications
Distractions
• Dumpster diving
• Hard drive destruction
• Lock picking
• BSA Software audits
• Where did they go @ DC11?
What we saw
• Exploits
• DOS
• Team Strategy
Exploits
• Syslogd - Owning everyone, but no “root”s?
• SQL injection?
• Heh, I like mudz
• >> INSERT MORE CONTENT <<
DOS
• Bandwidth
• Deleting mysql dbs
• rm -rf /
• Tracking ‘em down…
Team Strategy
• Getting there… much improvement from DCX
• A security team could still rule
Rants, Raves, and Moving Forward
• Is this hacking or admining?
• Nice graphics, but what does that thing say?
• Can we trust GHI to run a fair competition?
• Where are we going with this?