Category Archives: Uncategorized

NCDC 2019 — Scenario Release Announcement

The moment you’ve all been waiting for is finally here — remote setup has officially opened! At this time, you may begin accessing our environment and setting up your systems. 

Blue team folder link:

https://drive.google.com/drive/folders/1T7kvbxd7u7RUacCkfY-TG-jHWhVLiD8G

Remember, you can always contact us for help by email at cdc_support@iastate.edu or over chat at setup.iseage.org or on the public IRC server, soon to be announced!

NOTE: please put your school/university in the ‘organization’ field on iScore. 

Have fun getting started!

Cheers,
Sean Hinchee

NCDC 2019 — Kickoff and Scenario Release Announcement

*NCDC LODGING DISCOUNTS AVAILABLE HERE*

Hello,

My name is Sean Hinchee and I am your director for the 2019 Iowa State University National CDC (NCDC). This page details everything your school needs to know about signing up for the NCDC, so be sure to read through it all!

Scenario:

Note that this video is NOT representative of the official scenario document and may be subject to change.

Important Dates: The following list contains dates relevant to the NCDC.

  1. Approximately, Friday, January 5th: Remote setup will open (it may open sooner or later)
  2.  12:00 Noon – 10:00 PM, Friday, February 1: On-site setup at Iowa State
  3. 7:00 AM, Saturday, February 2: Doors open before attack phase
  4. 8:00 AM – 4:00 PM, Saturday, February 2: Attack phase
  5. 4:10 PM, Saturday, February 2: Awards and debriefing

Signing up: All 4-year universities in the U.S., a select number of community colleges, and all of the top three teams from the Fall ISU CDC are all invited to sign up and compete in the NCDC. ISEAGE is placing a firm cap of 25 teams for this competition. The list of teams competing is generated on a first-come, first-serve basis with respect to the time your school signed up.

Each school, whether it be 4-year or community college, is allowed to send exactly one team of up to eight student competitors to represent their school. Extra teams under the same school will be removed if extra teams signup.

Once signup closes, an email will go out (and we will post on cdc.iseage.org) with the exact list of teams competing.

Each competitor needs to sign up and join their school’s team, which the captain can create. Please be sure to label your “Organization” as your school’s name upon team creation. Signup closes on January 3rd, 2019 at 11:59PM. Head to https://signup.iseage.org/ to get started.

Lodging/Travel: The competition takes place in Coover Hall on the Iowa State Campus in Ames, Iowa. A separate email will be sent out in the next two weeks regarding hotel event/conference discount rates. ISEAGE does not accommodate for lodging or travel and it is the responsibility of teams to handle this themselves.

Livestream: ISEAGE will be livestreaming the on-site setup and attack phase of the NCDC on https://twitch.tv/iseage – feel free to share the link with anyone who wants to tune into the event.

Questions: Any and all CDC-related questions must be sent to cdc_support@iastate.edu

We will be detailing ISEAGE staff support methods in further emails just before the remote setup phase begins.

ISEAGE is proud to present the 2019 Iowa State University National CDC and we hope to see your school competing.

Cheers,
Sean Hinchee

NCDC2016 Super Anomaly

 

Download tarball

As promised, here is a master tarball of everything that went in to the long, CTF-inspired challenge anomaly. This anomaly was inspired by 1o57’s Badge Challenges at DEFCON. You can find write-ups http://potatohatsecurity.tumblr.com/post/126411303994/defcon-23-badge-challenge, http://elegin.com/dc22/, http://elegin.com/dc21/, http://elegin.com/dc20/.

Some notes:

Each tar seems to extract differently with different tar implementations.

The phone numbers only worked on ISEPhone. Wav files are included for what the phones would play. The “Synthesized Voice” stage read off the given data in hex.

On the competition network, 199.100.123.123 served the password binary. verysecret.isucdc.net served the initial breadcrumb tarball.

There was an access point in the Armory. The phone number lead to the SSTV wav.

The AP had a captive portal. In the captive portal, there were HTML comments giving instructions to submit the answer on red paper.

-Jake

 

— Spoilers below —

The password binary had an unused function in the function table. Calling this function gives extra clues, and the name was a clue as well.

The first PDF could be extracted as a tar.gz. its_dangerous_to_go_alone was also a tar.gz.

verysecret.space is the “very secret.space”