Recently I participated in India’s first Capture the Flag style hacking challenge, InCTF. 160 teams from all over India participated in the CTF contest. Each team consisted of at most 5 members.
The finals of the event was really fun. We had real reach machines on the network connected through a VPN. The scores are based on attacking other machines, defending, giving ethical advisories. Scores are based on Flags submission. Flags can be captured from vulnerable services on machines of other teams.
Each team is given a vulnerable virtual image of a GNU/Linux system with four services. We have to patch it to prevent others attacking and capturing flag from our host. We have to exploit other’s services and capture the flag.
The most exciting part of the game was that, we exploited a service called therasus and got a root shell.
We did rm -rf / on many machines of oponents and had fun watching their systems getting down :D
My team r00tkit had only two members, my friend Syamlal and I. It was the first time we were participating for a realtime CTF event.
We reached second position in the hacking challenge.
Good work Team BIOS, CTF organizers.
For more see, http://inctf.amrita.ac.in/