Hello,
As some of you may know I competed in the NetKofTH(Network King of the Hill) last year. But this year I had a better coordinated and better planned out stratedgy for the gameplay of the day during this competition. So without futher ado here is my writeup.
I have to give props to Adrian Crenshaw for an amazing competition setup once again I truly enjoyed the setup of this years network and cannot wait until next years competition. Also I would like to thank my competitors without you this competition each year wouldn't be nearly as exciting! Okay enough with the thanks time to get down to business.
The competition started out rather slow the first hour or two people were just scanning the boxes and trying to determine what exploits could be used to get root access to the machines on the network. My laptop has been repaired 3 weeks before this for a broken pc adapter and the adapter died again so my computer was out of commission. We only had Brandon Grindotti's laptop who was my teamate and Vice President of The Computer Security Group of IUS. So I immediatly booted backtrack up on his laptop and started hacking away at the machines on the network.
Joshua Atkins my Treasurer for our student group used his laptop to search for information and exploits that we could find for the machines on the network. Brandon had managed to get us a empty room very close to the NetKofTH competition. And Josh and Brandon kept swapping turns finding exploits and information for me while i was using backtrack to hack the machines.
I managed to get a meterpreter shell on the widnows box using the ms08_netapi exploit to hack the msrpc service on the machine. I migrated the meterpreter session immediatly to a critical system process that if shutdown restarts the computer. Thus preventing it from being easily killed by a opposing competitor. I then added multiple users and changed the password for the user i had hacked in the windows amchine.
I got a linux box through the vulnerable samba version. The same exploit that had worked last year worked this year for the linux box. I did allot of the same things to the linux box as the windows box. I then started to work on hacking the other boxes. Josh was checking the status of our pages and we notices Hackercon had gotten into one of our boxes. I then was stuck killing their process and replacing the website file for about the next hour or two till finally they reset it a few times changed root password and killed the vulnerable services and unrecognized services.
They started to gain on us and an hour before the competition was over they passed us in points. They got about 50 points ahead of us and 15 minutes before the competition was over when I finally decided to pull our last resort that the team uky last year had won using. To test if it was working I arpsoofed the router that was being scored to see if we would receive a point for it.
Low and behold the scoring box gave us a point for the router cause of our local apache server. So at that point I opened 7 more tabs and arp spoofed the remaining scored machines. In the period of 15 minutes we gained 120 points and got almost 100 points ahead of Hackercon before Adrian ended the competition and put static arp in place. His message was "I put static arp :)!!!!". But it was definatly exciting. Next year we will have even more tricks to pull cause were already coming up with new ways to win it :). I LOVED competing this year it was so high energy and fast paced it was amazing. I hope to see you all next year in a competition :).
No comments:
Post a Comment