Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Hackeire 2011 who is going?

  • 10-10-2011 11:26am
    #1
    Registered Users Posts: 8


    Just wondering if there are and boards members going this year?

    Also would love to know what the challenges were last year...
    Does anyone have any info on this?


Comments

  • Registered Users Posts: 56 ✭✭PeterHughes


    Might just go and have a look if that's possible, think I am to much of an amateur to take part.

    Would love to see the first challenge they released but I think you have to enter to get a copy of it.


  • Registered Users, Registered Users 2 Posts: 8,813 ✭✭✭BaconZombie


    I'm not taking part in the CTF but should make it to the main IRISSCERT conference.


  • Closed Accounts Posts: 24 markofu


    There are no 'formal' solutions as such for last year because I was knackered after the event and stuff just got in the way so I never documented the solutions the way I did the first year. The solutions for 2009 are available on the www.iriss.ie website to all Iriss members (it's free). The first challenge is a reverse-engineering challenge involving de-obfuscation, debugging etc. It's actually really cool and should be good fun for the next few weeks for those competing in HackEire. I wouldn't worry about lack of perceived skills at the event, it's all about learning in an open environment, having fun and meeting/making new friends. You won't be embarrassed and I'd encourage everyone to give it a go and even HD Moore had to start somewhere (though not as low as most of us) ;-) More information is available at http://hackeire.blogspot.com, @hackeire or hackeire gmail com Hope that helps!


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Anyone got that binary for that first challenge?


  • Registered Users Posts: 8 endz


    Nope, still have not received anything either... (but only sent email 2 days ago)


  • Advertisement
  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    Actually as im not participating, markofu said he will send me on the challenge material after the event is over.


  • Closed Accounts Posts: 235 ✭✭The Outside Agency


    So what were the results of this year? Who won?
    Did you receive the binaries, Damo?


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    nivekd wrote: »
    Did you receive the binaries, Damo?

    no :-(


  • Closed Accounts Posts: 2 ExIrl


    Team "Bitbucket" (I think) won the event having completed 50% of all total objectives.


  • Closed Accounts Posts: 24 markofu


    Damo received the binary last week and is hopefully now thoroughly frustrated :)


  • Advertisement
  • Closed Accounts Posts: 235 ✭✭The Outside Agency


    Just curious but who solved the binary challenge and can anyone get a copy of it? if not, why not? :)


  • Closed Accounts Posts: 24 markofu


    "Why not?" - seriously?


  • Closed Accounts Posts: 235 ✭✭The Outside Agency


    "Why not?" - seriously?

    Yes, is that an unreasonable question?


  • Closed Accounts Posts: 24 markofu


    So despite running a CTF for free for three years, putting hundreds of hours into it, as well as a substantial amount of my money, made solutions available and blogged about it, I'm being unreasonable because I won't post the challenges to Boards?


  • Closed Accounts Posts: 441 ✭✭colin300


    Just like to say that I participated in the event as part of the CSDF-LYIT group.

    Was the best experience you could imagine and for that I have decided to set up a society in college that will prepare a group to go to next year’s Hackeire. Which I think is a true credit to Mark and the team for what they have achieved and done.

    For the pure amount of effort that was put in to it all I just have to say that I personally don't believe the challenges should be posted for one simple reason which is only 50% was achieved by the winners. If all the challenges are posted a whole new CTF would need to be designed and I don’t even know how the challenges would have any relevance unless the images used on each machine were released as well.

    No matter how much I would love them to be!!!!

    All I would ask though is that the since you know the challenges that were completed that you release them so I can have a good idea what to teach people in this society!!! :D

    Just remember if you want to take part in DEF-CON or Blackhat or any of the other CTF's you have to pay.

    Congrats Mark on an amazing event and one of the nicest guys around. A true testament to someone who has a passion for Computer Security!!!


  • Registered Users Posts: 367 ✭✭900913


    nivekd wrote: »
    Yes, is that an unreasonable question?
    markofu wrote: »
    So despite running a CTF for free for three years, putting hundreds of hours into it, as well as a substantial amount of my money, made solutions available and blogged about it, I'm being unreasonable because I won't post the challenges to Boards?


    nivekd never said you where being unreasonable, he asked was it an unreasonable question.


  • Closed Accounts Posts: 235 ✭✭The Outside Agency


    markofu wrote:
    So despite running a CTF for free for three years, putting hundreds of hours into it, as well as a substantial amount of my money, made solutions available and blogged about it, I'm being unreasonable because I won't post the challenges to Boards?

    *shakes head* :confused:

    As 900913 already mentioned, I never accused you of being unreasonable.

    The question of why nobody else could acquire the challenge seemed unreasonable to you because your response was "seriously?" as if surprised.

    I don't know your reasons for not releasing the challenge, maybe you explained them at the conference, but I wasn't there.

    Since the competition is now over, I didn't think it was a problem to release the challenge but if you don't want to, no problem.

    I just wanted to try solve it, that's all.


  • Registered Users, Registered Users 2 Posts: 576 ✭✭✭ifah


    markofu wrote: »
    So despite running a CTF for free for three years, putting hundreds of hours into it, as well as a substantial amount of my money, made solutions available and blogged about it, I'm being unreasonable because I won't post the challenges to Boards?

    Hi Mark,

    do you plan on using this setup again or will it ever be available (even on a subscription based model) outside of HackEire ?

    ta.


  • Closed Accounts Posts: 24 markofu


    Ok, I mis-understood.

    I didn't write this particular challenge but I won't be releasing it or any of the others outside of HackEire. I know that's going to piss people off and for that I'm sorry, but I spent too much time, money and effort on it. The complexity of the set-up rose dramatically this year and going forward, it's going to be difficult to manage such a set-up for free in my spare time. The infrastructure/set-up/applications need to evolve and change to reflect the security environment.

    I gave the challenge to Damo based on a conversation before HackEire and after he showed evidence of the substantial amount of challenges that he has donated himself. I've probably given folk a bat to beat me with but hey.

    Regarding the solutions, I did them for 2009 but for 2010, I didn't have time (job, family etc takes priority). I'll try to do some stuff for this year on the HackEire blog after Christmas.

    Regarding online access or future challenges, it's something I've thought about and I'm trying to come up with a solution for online but talking with folk that can provide the access for me to build such an infrastructure is challenging (on many facets). The other thing I'd worry about, is would there be interest? If I built HackEire online, would people pay for it to cover my time, support, development, infrastructure costs, administration etc - I'm not sure, especially given the current economic climate in Ireland. I can't afford to do a "Build it and they will come" though I would love to but I'd fear an empty class and big monthly bill from the colo company.

    Just wondering, why do people not come on the day? Is it that they don't have a team? They don't want to try it in public, i.e. would rather do it in their own privacy? They can't get a day off? Did people find out about it too late? Just not interested?


  • Registered Users, Registered Users 2 Posts: 576 ✭✭✭ifah


    Hi Mark,

    Thanks for the response - all makes sense.

    As for my non-attendance - I guess it's a mixture or being self-employed so it's an expensive day off for me, I'm working supporting some fairly critical systems so getting time away from them is harder too.
    Also I wouldn't have a team and would prob like to have a measure of myself and capabilities before trying this type of thing. Hacking Websites are probably my speciality as opposed to rooting servers / firewalls etc.


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 226 ✭✭GismoBaby


    On side with mark on this one! any guy who manages to put together a show like he did and manages to keep all his hair in the process deserves the right to keep his work and not have it broadcast on a public forum! :D


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    markofu wrote: »
    Damo received the binary last week and is hopefully now thoroughly frustrated :)

    Way too heavy for me! not a chance I will crack this.


  • Closed Accounts Posts: 235 ✭✭The Outside Agency


    markofu wrote:
    Just wondering, why do people not come on the day? Is it that they don't have a team? They don't want to try it in public, i.e. would rather do it in their own privacy? They can't get a day off? Did people find out about it too late? Just not interested?

    I attended the first one and actually spoke with you during one of the breaks, had to take couple of days off work and just couldn't do that the last 2 years.

    As for taking part, I've little to no knowledge of hacking web servers anymore so I wouldn't do well in most of the challenges.

    The RE/forensic challenges do interest me though.


  • Closed Accounts Posts: 2,267 ✭✭✭h57xiucj2z946q


    markofu, nivekd is really good at this sort of stuff, maybe he would find this challenge interesting. As for me, I don't think I will be able to solve it.


  • Closed Accounts Posts: 3,981 ✭✭✭[-0-]


    I would have went but I moved to the states.


Advertisement