Kudos to Sysdream, HZV, the organizers and all the people who made this event be possible.
We arrived at the NDH boat around 15PM and starting to talk, drink beers and meeting people we only knew virtually on IRC.
It was pretty awesome, we were surprised at how each others looks like but a it was pleasant surprise anyway.
Around 16PM, people started to queue up to enter the boat, we were greeted with 5 tickets for sandwiches or drinks (beeers! :) ).
And a pass depending on wheter you were a speaker, a guest or a challenger.
Challenger badge :
If I have two badges, it's because of the CTF ... more on that a little bit later.
I saw most of the conferences I was interested in in streaming so it was pretty much more like a huge bar with friends :) .
The talks were pretty much of good quality.
GeoHot talk was awesome, I was impressed by the "coolness" of the guy ... I mean, taking time to answer questions (even dumb ones), take pictures with the ones who want it and talk after the conference.
I wasn't prepared at all for the CTF as I didn't really intended to participate (and I was smoking dead and tired ><) but due to circonstances I had to replace a friend of ours in Beerware team. So I grabbed a Challenger Badge at the last minute ;).
The challenge was pretty much frustrating since as soon as a challenge is validated, no more teams can validate it. So we found some loophole and solutions but submitted them after the firsts so we couldn't validate some of the challenges.
Most of the challenges we saw were Web Based with some customs servers written (in Python and C). The C server had a buffer overflow in it. Did some reversing, steganography, forensics, crypto and others stuffs as well.
During the whole challenge there were DOS, I was disconnected every 5-10 minutes.
We had quite some opened ports :
* Windows 2003 Server VM
Nmap scan report for 192.168.3.x2 Host is up (0.00099s latency). Not shown: 984 closed ports PORT STATE SERVICE 25/tcp open smtp 80/tcp open http 135/tcp open msrpc 139/tcp open netbios-ssn 445/tcp open microsoft-ds 1025/tcp open NFS-or-IIS 1026/tcp open LSA-or-nterm 1027/tcp open IIS 1028/tcp open unknown 1029/tcp open ms-lsa 3306/tcp open mysql 3389/tcp open ms-term-serv 6666/tcp open irc 8080/tcp open http-proxy 12345/tcp open netbus 31337/tcp open Elite Device type: general purpose Running: Microsoft Windows 2003 OS details: Microsoft Windows Server 2003 SP1 or SP2, Microsoft Windows Server 2003 SP2 Network Distance: 1 hop
Debian (Lenny) Linux VM :
Nmap scan report for 192.168.3.73 Host is up (0.00097s latency). Not shown: 988 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 82/tcp open xfer 113/tcp open auth 1234/tcp open hotline 2000/tcp filtered cisco-sccp 6666/tcp open irc 8080/tcp open http-proxy 8081/tcp open blackice-icecap 8083/tcp open unknown 8084/tcp open unknown 8090/tcp open unknown Device type: general purpose Running: Linux 2.6.X OS details: Linux 2.6.15 - 2.6.27 Network Distance: 1 hop
There were also some management servers I found while sweeping the sub-network (didn't have any rights to touch them or ban from the CTF) :
Nmap scan report for dashboard.ndh2010.com (192.168.3.160) Host is up (0.00053s latency). Not shown: 997 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 3306/tcp open mysql Device type: general purpose Running: Linux 2.6.X OS details: Linux 2.6.15 - 2.6.27 Network Distance: 1 hop Nmap scan report for 192.168.3.161 Host is up (0.00055s latency). Not shown: 994 closed ports PORT STATE SERVICE 22/tcp open ssh 111/tcp open rpcbind 902/tcp open iss-realsecure 8009/tcp open ajp13 8222/tcp open unknown 8333/tcp open unknown Device type: general purpose Running: Linux 2.6.X OS details: Linux 2.6.18 - 2.6.27 Network Distance: 1 hop Nmap scan report for 192.168.3.162 Host is up (0.00059s latency). Not shown: 996 closed ports PORT STATE SERVICE 22/tcp open ssh 80/tcp open http 111/tcp open rpcbind 3306/tcp open mysql Device type: general purpose Running: Linux 2.6.X OS details: Linux 2.6.15 - 2.6.27 Network Distance: 1 hop Nmap scan report for pfsense-1.ndh2010.com (192.168.3.254) Host is up (0.00074s latency). Not shown: 997 filtered ports PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 443/tcp open https Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port Device type: general purpose Running (JUST GUESSING) : Linux 2.6.X (91%) Aggressive OS guesses: Linux 2.6.29 (91%) No exact OS matches for host (test conditions non-ideal).
I didn't keep the other scans though.
We were quite lucky on this one, we avoided the first massive wave of DDOS. We got DOS during the whole challenge and particularly at the end (-6000 points in 5 minutes at some point), it got us downgraded from 1st to 2nd. Bye bye miami :(.
So the mid-results (was aroung 5:55AM) :
The CTF stopped at 6:45AM.
Final results :
1st : WWFamous
3rd : Kowalski
We then received our prizes :
The CTF participation certificate :
And our prize (ECSP - EC-Council Certified Secure Programmer formation) :
By the way, due to time limitation, I couldn't talk about my analysis on Orange HADOPI Software v1.
I will post my slides tonight as soon as I come back to my place ;).
Overall the NDH 2010 was pretty successful and enjoyable :) .
See you next year I hope.
For French speakers : I will post a French version as soon as I can.
- A better recume : http://www.lestutosdenico.com/evenements/nuit-du-hack-2010-compte-rendu