Palante's DEFCON 8 CTF server
Source: palante - Posted by Dave Wreski   
The system had the same account and password as last year. There was a trivial vulnerable program in the home directory, resulting in a root shell. The kernel had been modified to include a form of access control called DTE which . . . The system had the same account and password as last year. There was a trivial vulnerable program in the home directory, resulting in a root shell. The kernel had been modified to include a form of access control called DTE which is essentially a double labelling system. That root shell would not allow the flag to be planted but gave access to this year's "frustration machine" puzzle: an AF_UNIX socket to sshd, which was running in another compartment which allowed the flag to be planted. Gory details and pictures at http://www.subterrain.net/~palante/defcon8.html. Palante's server now voted best server for three years in CTF. Palante is on the program to speak at toorcon.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!