This year,
Kenshoto hosted the 2008
DefCon Capture-the-Flag
Qualifications
round, starting the evening of May 30th.
The Underminers (secretly Team 1@stPlace: @tlas, drb, jrod,
mezzendo, plato, psifertex, shiruken, wrffr), while having an automatic
spot in 2008 CTF, decided to play along with quals because it always
kicks so much ass. We hope our write-ups on this site will help anyone
interested in practicing or learning more for future CTF adventures.
Please send any errors, corrections, ideas, or flames to
Doc Brown. Thanks to RacerX, JetBoy, and the Sexy Pandas for
corrections, and Brandon Enright for the Forensics 500 walk-through, Sexy Pandas for the Binary Leetness 500 walk-through, and Routards for the Binary Leetness 400 walk-through. (Note that there are still some unfinished write-ups...)
The goal was to find a secret key associated with each challenge.
Below is the list of challenges, broken down by category, along with the
key that that was recovered once the challenge was solved so you can check
your work. Questions were made available by having the team with the highest
score select a new question to work on, forcing a certain level of serialization.
For challenges that require
a running server instance (e.g. Pwnables, Real World, and some Binary Leetness)
you'll use the server at *.allyourboxarebelongto.us. These services
may or may not be available, depending on Kenshoto's infrastructure. If
there is file available, you can run your own copy. (Most need FreeBSD 6.3.)
This year saw the removal of the Web services track and the addition of
"Real World", which was more like "Potent Pwnables part 2". They were
hugely fun, and while we'll miss "Web", "Real World" is a welcome change.
The walk-throughs are not finished; they'll trickle in. Here are the Kenshoto
official
results.