Previous LeaderBoard
- CDT L. Duffey - 675 **
- CDT M. Ward - 575
- CDT J. Martin - 250
- CDT A. Eubanks - 250
- CDT S. Roy - 200
- CDT M. Weigand - 150
- CDT R. Mossman - 100
- CDT E. Ring - 50
Previous Challenges
-001 Hex an Image.
-002 Officer head up.
-003 Where is Dan?
-004 Snake at home.
-005 Dump Twitter
-006 Decrypt Mr. Twitter
-A0 Buff3r 0verFl0wM3
-007 Become Social
-008 G00gleM3
- 009 M3taDat@
- 010 Covert Communications
- 011 Wh3re @m I?
The Ultimate Hacker!
The ultimate hacker is a new event this year for SIGSAC. Check back often as we will have lots of hacker challenges, puzzles, and cryptograms for you to solve. If you solve any of them send an email to MAJ OConnor. Periodically, we will award prizes to the Ultimate Hacker . We will soon have a new PHP submission system online. Check back frequently.
The Ultimate Hacker - The Second Semester
Standby for some exciting challenges this second semester (Spring 2010). Last year, Cadet L Duffey brought home the bacon with an impressive and close fought victory over Cadet Ward. We reset the scores this semester. Can anybody knock Duffey off the podium? First challenge will be released very soon. Keep checking back.
The Final Challenge
The final challenge was issued this morning at 0600 and solved 24 minutes later by Cadet L. Duffey for the title. To earn the title of the ultimate hacker, Cadet Duffey reverse engineered an md5 hash of 577221639e0d35fac17b66dcd141962c to a cadet xNumber. Who does the xNumber belong to?
Wh3re @m I?
Images tell us a lot about ourselves. Information like lighting can tell us where the sun is setting in reference to a picture. We can even figure out time of day. Analysts in buildings far away do things like this. Tell me what you see in this image. Hint - Look for the door exif. For the big points, tell me what time of day and where this image was taken. Look hard.
Covert Communications
Often, attacks have a necessity to hide right in plain sight. This is the art of covert communications. The packet dump for this challenge contains a hidden message. Let me know what is and its worth 100 points and bragging rights. For more clues, take a look at some code here
M3taDat@
Often our files contain information that is hidden in the metadata table. This information is often useful to know who created a file, the version history, or the last printer used to print the document even. In this challenge, all you have to do is tell me the contents of the file located M3taDat@. Some tools like Foca are great at extracting metadata. But I wouldn't make it that easy for you. Instead, you may need to go commandline or stay to the right side of the click to find more info. Once you get into the file, tell me what the image is a picture of for 75 points.
Google Me
You'll have to wait on the Google Search Engine to crawl across our site for this one. But hidden somewhere in a directory is a file called passlist.txt. Find it, tell me what movie the quote is from and its worth 100 points. Good Luck.
B3c0me S0ci@l
This challenge is so 3@sy, we'll even give you the password! There is a password located here to a website. Look in the network dump here to find the username and website. Login and post a message and then mail us for 75 points! Good luck.
Buff3r OverFl0wM3
The following challenge requires the use of VMware. You can use the VMware Software on any of the lab machines to solve this challenge. Do not use on your cadet issued computer that is connected to the network. This challenge is worth up to 150 points per compromise. Bottom line up front, you have to compromise the machine and tell me whats in the secret.txt file in your directory. Username and password to login is notroot/password. Creative compromises are worth more points. For the first compromise, you may wish to grep for pwnage (**hint**) or quit studying history.
06 Decrypt Mr. Twitter
In this challenge, you get a username and a hash of a user's password. The username is ultHacker. The password... well that is the challenge. See if you can figure it out. You can earn extra points by posting a respectful but creative post here. Remember who you are representing when you do that. (75 points for the password - up to 25 more for a creative post).
