2014/03/07

Tracer Fire 5 Series: Part 1.0 (Intro)

by InterDimensional_Shambler
Categories: Analysis
Tags: , ,
Comments: Leave a Comment

Background:

If you are not familiar with Los Alamos National Laboratories’ “Tracer FIRE” events there is an ample description here: http://csr.lanl.gov/tf/. Basically it’s a week-long event with various infosec/IT puzzles (primarily focused on forensics) & brain-busters that cover (but are not limited to):

  • Encryption / Encoding
  • Malware Analysis / Reverse Engineering / De obfuscation
  • Host / Network Forensics
  • Incident Response / Coordination
  • Others (That I’m forgetting)

(This is where my memory might not be completely accurate, please correct me on anything and I’ll update accordingly) Tracer Fire 5 was the first year that the “main portion” of the puzzles were open online (to the public). I believe all it required was ONE of your team members to register. Some of the puzzle categories  not open to the public (DOE only) and some of the categories were hosted in a different way (the host category was time-based I think, and the wopr category was a cool interactive flash game-style puzzle). It was hosted by “dirtbags” their website is: http://dirtbags.net/ctf/2013-02-TF5/ The puzzle categories did play off of each other sometimes (like hints inside of a puzzle for a similar puzzle in another category).
There was also an IRC channel somewhere (that I was not a part of) that had supervision (like when there were errors found, questions to be asked, etc).

 Categories:

Here is a list of the categories and a semi-accurate description:

  • js (Javascript debugging/de obfuscation/reversing)
  • sequence (Pattern Analysis)
  • steg (Steganography; this category had been compiled incorrectly and all the answers were incorrect)
  • proto (Encryption)
  • indy (This was sort of the misc category and it included puzzles from all categories)
  • turbo (Malware Reverse Engineering; I think this was the time-based category where once you started it there was a timer, I did not participate personally in this category)
  • host (Host Forensics; I think this one might have been the category that you either had to  pre-qualify for or was not open to the public…)
  • wopr (This was an interactive app where it simulated hacking into a missile launch app where performing different scenarios would get you tokens for points)
  • codebreaking (This had to do with decoding/decrypting)

When a puzzle was completed (by ANYONE) in one of the categories it would unlock the next puzzle in that category. When the puzzle had been completely unlocked it would have a star next to it. I cannot remember how the categories “unlocked” it was either:

  • They unlocked based upon a timer.
  • They unlocked a new category on a certain puzzle being completed

You can still get to the example puzzles here: http://hack.dirtbags.net/puzzles.html

Scoring:

So each of the puzzles had a number that represented how many points that puzzle was worth. (Ex: steg3 was worth3 steg points). I think each puzzle held a certain percentage to its category, and each category was worth the same amount at 100% as the other categories. To enter an answer you user your team’s UID and it would assign the points to your team. There was also hidden tokens throughout the event. You can see the final scoreboard here: http://dirtbags.net/ctf/2013-02-TF5/scoreboard.html Unfortunately I do not have ALL the samples from TF5; but I do have the following (which I’ll be covering)

  • Code
    • Code1
    • Code2
    • Code4
    • Code5
    • Code7
    • Code8
    • Code20
  • Indy
    • Indy7
    • Indy8
    • Indy12
    • Indy15
    • Indy16
    • Indy17
    • Indy25
    • Indy37
    • Indy57
    • Indy60
    • Indy90
    • Indy120
    • Indy150
    • Indy180
    • Indy240
    • Indy250
    • Indy480
  • Proto
    • Proto40
    • Proto100
    • Proto1000
    • Proto2000
    • Proto5000
  • Sequence
    • Sequence8
    • Sequence16
    • Sequence19
    • Sequence25
    • Sequence35
    • Sequence50
    • Sequence100
    • Sequence200
    • Sequence300
    • Sequence400
    • Sequence500
    • Sequence600
    • Sequence700
    • Sequence740
    • Sequence800
    • Sequence1000
    • Sequence2000
    • Sequence3000
    • Sequence4000
  • Steg
    • Steg3
    • Steg10
    • Steg20
  • Turbo
    • Turbo10

Leave a Reply

Your email address will not be published. Required fields are marked *



Today is Monday
2018/01/22