/ctfs/ecw (european cyber week) - 2020/final/preview

Australia !

The Final was on november the 18th. At the End we were ranked: 9

This was my first CTF in team. I enjoyed this experience. Let me tell you a bit more...

The scenario

After the COVID19 crisis, in order for democratic life to resume all its rights, states have massively adopted electronic voting reducing the health risk. However, while presidential elections are being held simultaneously in several countries around the world, converging information circulating on the Dark Web suggests that groups of hackers are organizing to disrupt them. Simple act of piracy or interference? Faced with this risk, Europol’s intelligence services alerted the various states concerned.

Your mission:

You have been included to strengthen the security of the electronic voting infrastructures of the 12 states and to ensure the smooth running of their elections.

• You start your mission directly connected inside the oversight operations center of a voting infrastructure for which you are responsible.

• You have to:
- Map the site's network in order to identify the various services and any vulnerabilities.
- Take back control of systems compromised by attackers and report them.
- Strengthen the security of connected infrastructures.

let's get started

So you got it, we had to map the whole network to discover the machines that had the challenges.
Here is our topology of the network:

Here's another one from the Brazil team, thanks to onosh:

Each team had 3 sub-networks visible by the others and 1 "private" network.
Each network had a bunch of system with challenges on it.

Once a team had flag a challenge, they could flag all the same challenges on other teams networks.
One more rule, if a team was able to flag all the same challenges, their flag became "protected", it means, other teams could not flag it anymore.

So each time you had finish a challenge, you needed to find all the machines with the same challenge, and then, make a little script to flag them all.

"Hey Australia what are you doing ?!"

We have not really well started the CTF, we took too much time to find other machines, the network was really huge, so findind the challenges was our first big difficulty. But once we had mapped the network, we were not that bad and we have catch up two or three other teams. I focused myself on the web challenges, particularly on "Online voting". I'll add a Write Up on this one don't worry.

Finally not that BAD

So I can finally say that for my first team CTF I am proud of my team and of what we have done.
I'd like to thanks @Airbus and the admins to have make this cool CTF in such a situation. I also wanna thanks Kn0wledge, Radion and Shirø to have been such cool/good team mates.