Challenge 2 Update

Please re-download the Steganography file from the original post.  The first one was corrupted.  It will now export with the proper lowercase key.

SecuraLabs Challenge #2

This time around we are giving away books!

The contest officially starts NOW and will run until 11:59PM on 11/19.  We will announce winners promptly after that.

Prizes will be awarded to 1st and 2nd place.  Everyone else who scores any amount of points will be entitled to a free sticker mailed to them if they so choose.

You can submit as many times as you wish.  Please do so under ONE email address.  The first person to hit maximum points will win 1st place.  The 2nd person to hit maximum points will be 2nd place.  If no contestant hits maximum points, we will take the highest two scores, in order of submission if there is a tie.

 

Submit to our [email protected]

 

1st place: @binarybitme, completed all 3 challenges and bonus points. Congrats!

2nd place: @zed_0xff, completed all 3 challenges and bonus points.  Congrats!

 

Part 1:  Packet Capture Analysis. (2 points)

Please download this file.  What is the name of the exploit kit being used in this pcap (not the version; you may include the entire string on that line)?  BONUS (1 point):  What is the CVE associated with this?

Part 2: Steganography (3 points)

Please download this file.  You’ll have to have the answer to Part 1 in order to fully finish Part 2.  The decryption key will be the main name of the exploit kit, all in lower case without spaces, and without the version or anything else on that line in the file (if you email us with what you think it is and it’s close enough, I’ll confirm it).  Your answer should be the name of the person whose phone number isn’t like the others.  BONUS (1 point):  Answer the pre-recorded question by emailing us.

Part 3: Reverse Engineering (4 points)

Please download this file.

Submit a working key and serial.  BONUS (1 point): Write a working keygen with dynamic keys.

 

Thanks to Syngress and No Starch our winners will receive a book of their choosing!  We will provide instructions to the winners.

Derbycon Challenge and Attendance Wrap-Up

Hey folks,

This is a wee bit late but we wanted to post the answers to our challenge that we had up before Derbycon.  Fortunately for all, there were enough tickets that nobody actually needed ours.

We had a great time meeting folks and talking security, as well as meeting up with you, our valued listeners on Friday night at Bluegrass Brewing Company (along with fake Russell Crowe!).

Here are the answers to our challenge:

 

1.)  The phrase was “[email protected]” and was inside of a .txt file that was embedded into the PDF we made available.  I utilized a program called wbStego which I believe one or two people figured out and used to find the flag.

For #2 and #3, please see this zip file for the source to both.

2.) The username was user “Jonny Doe” and the password was “Louisville”

3.) The phrase was “I want my derbycon ticket!”.

Derbycon Ticket Challenge!

Challenge closed. Tuts for solutions will be submitted soon.

Congrats to our winners who completed all the challenges.

  1. Andrew Fastow              – 13 points
  2. jgor     [email protected]      – 13 points

Thanks to all who participated.

Look forward to seeing you next month for our #SecurabitChallenge.

 


Honeynet Forensic Challenge 2010: Challenge 1

The good folks over at The Honeynet Project have started posting challenges for this year after a long hiatus.

First up is the pcap packet trace located here.  The challenge involves analyzing the pcap file using whichever tools you are familiar with, and answering a series of questions in order to investigate what happened in the scenario.

Submissions must be sent in by 5pm EST on Monday, February 1st, 2010.