moth/doc/ideas.txt

35 lines
1.1 KiB
Plaintext
Raw Normal View History

2010-09-07 14:18:39 -06:00
Ideas for puzzles
=================
* Bootable image with FreeDOS, Linux, Inferno? HURD?
* Bury puzzles in various weird locations within each OS
* Maybe put some in the boot loader, too
* Perhaps have some sort of network puzzle as well
* Network treasure hunt
* DHCP option
* Single TCP RST with token in payload
* Multiple TCP RST with different payloads
2010-10-21 16:06:24 -06:00
* http://10.0.0.2/token
* PXE boot some sort of points-gathering client
* Init asks for a team hash, and starts awarding points
* Broken startup scripts, when fixed award more points
* Lots of remote exploits
2010-10-21 16:06:24 -06:00
* "qemu -net socket" vpn thingy and then...
* sfxrar packed with upx. Change an instruction so it won't actually
execute.
2010-10-28 16:59:35 -06:00
* pwnables: have scp log passwords somewhere
2010-10-21 16:06:24 -06:00
Capture the Packet
------------------
* Jim Meilander could teach a class about Bro
* Use qemu -net socket,connect=10.0.0.2:5399 for capture the packet
2011-02-12 20:25:34 -07:00
From Jed Crandell
-----------------
* Have password easily read, must determine username with stack
examination (like in printf category)
* Use %600000u%n to write an arbitrary value to a location in
stack, then jump to that location somehow.