In June 2010, 8 students from Temasek Polytechnic’s Diploma in Cyber & Digital Security (CDS) participated in the SyScan Capture the Flag (CTF) 2010 Competition held at Novotel Clarke Quay Hotel on 17 and 18 June 2010. The names of the 3 team from Temasek Polytechnic (TP) were Wizme, Hacktards and Unknown. Wizme and Hacktards were subsequently crowned the 1st and 2nd runner-up respectively.
The competition’s top prize of $10,000 attracted many industry professionals and polytechnics students. In total, out of 12 teams that participated in the competition, 9 teams were from the polytechnics including TP. The remaining 3 teams comprised of IT security professionals from the industry.
Members of Wizme (front row) & Hacktards (back row) (click to enlarge)
According to the rules, each team can have up to a maximum of 5 members but only 3 of them can participate in the competition simultaneously. VMware vSphere, a cloud operating system was used for the competition. Each team were given similar platforms which consisted of a variety of operating systems such as Debian Linux, Ubuntu Linux, CentOS, SuSE Linux, Windows XP, Windows 2003 Server and Cisco IOS. These platforms were hosts to many applications/services such as the Apache web server, Microsoft IIS, MySQL server, DNS, FTP, Squid web proxy, Microsoft-ds and SSH. In addition, these platforms were protected by firewalls such as iptables and Cisco PIX firewalls.
The objective of each team was to secure their platforms and at the same time capture “flags” from their opponents. Every team were given a script (dubbed the “phonehome” script) which they have to plant in their opponents systems. The script will then send a signal to the scoring server at the organizer’s end signalling a successful compromise.
The objective of each team was to secure their platforms and at the same time capture “flags” from their opponents. Every team were given a script (dubbed the “phonehome” script) which they have to plant in their opponents systems. The script will then send a signal to the scoring server at the organizer’s end signalling a successful compromise.
Competitors working hard at their workstations (click to enlarge)
On the first day of the competition, everyone wasted no time in setting up their workstations at their respective stations. The atmosphere was extremely tense as cyber attackers prepare their tools to commence their attempts to infiltrate their opponents’ systems. Meanwhile, the cyber defenders were also hard at work managing their systems. There were so many operating systems, applications and services to defend. Time was scarce! For the first few hours, there wasn’t much activity among the teams as everyone is still in the midst of preparing their systems and probing their opponents’ systems for weaknesses. Then suddenly, in the early afternoon, apart from TP teams, everyone’s networks were compromised by Hacktards. The first salvo was launched and the cyber war has begun! This sudden change of events allowed the teams from TP to gain an early advantage.
A member of Hacktards having a field day after disabling the other teams firewalls (click to enlarge)
After several hours of struggle from all the other competing teams, the organizer decided to restore back the network defences for the affected teams as none of them were able to restore on their own and this left them nakedly open to attacks from the TP teams. Thank goodness that our CDS diploma course taught us how to manage and secure network! The first day of the competition ended with all 3 teams from TP holding the top 3 positions – Wizme, Unknown and Hackards. Morale among the teams was at a high as they left Novotel Clarke Quay Hotel knowing that they had done a good job for the day.
The second day of the competition began with the same level of intensity in the atmosphere as the previous day. One of the few minor changes that the organizer made was to change the sitting positions among all teams in order to prevent them from collaboration. However, this time round, there was a drastic change of events. Out of the blue, the entire network was suddenly DoS (Denial of Service). The network traffic congestion was so severe that all the various attackers from each team were unable to launch their attacks.
As the day dragged on, more and more attacks surfaced on each team’s system. One of the more popular ones included an exploit carried out with the help of an exploit tool found in BackTrack. This exploit was carried out on the Windows XP system which was one of the operating systems each team had to defend.
Various teams from TP trying to mitigate the network traffic congestions (click to enlarge)
Near the end of the day, Hacktards discovered to their horrors that there was a widespread infiltration in almost every team systems including theirs. It was a most frantic and frustrating moment as there was insufficient time to clean the systems and launched new attacks. Arggh!!!
When the dust settled, the competition finally ended with Wizme in 2nd place and Hacktards in the 3rd position. Philosophically, we felt proud to have won the second and third position in the competition, especially when we have to face IT security professionals who had years of experience. But from the turn of event we experienced in the competition, we truly learnt that we cannot be complacent in security. The competition had been truly an eye-opening experience for us especially when we have to practice and improvise on what we learned in our diploma course. This is not the end…we will be back again next year!
This article is contributed by Neo Jie Xiang who is the President of TP’s AiSP Student Chapter. He is currently a Year 2 student studying the Diploma in Cyber and Digital Security and was a member of Hacktards.
Team Wizme (1st Runner-up)
(Left to right: Koh Ming Hao, Koh Jun Xiang, Yeo Keng Lin Cleve and Lim Cher Hui)
(click to enlarge)
Team Hacktards (2nd Runner-up)
(Left to right: Kester Yeo Jia Jun, Ngyuen Quy Hoang, Teh Kaiwen and Neo Jie Xiang)
(click to enlarge)
