Harri Sinnelä
Labs / 03 Sep 2015

Nixu team in Cyberlympics 2015

Harri Sinnelä

“One of our operatives was on a mission and a Government Organization that wishes to remain un-named took him into custody. However, we have eyes and ears everywhere and deep within this organization we have an insider. The forensic group apparently took the laptop and a few other articles into possession and our insider is sending you a copy of the material.
Why would we send it to you? We are recruiting another team. We have to assume this one taken into custody is now compromised.
We need to know what the organization is going to find out about us and how we operate. A list of questions that are going to be asked has been provided to you as well. With that being said, we already know many of these answers, so we can tell you right away whether you are right or wrong. Those that measure up to the task will be invited to Round 2 of this recruiting effort. Stay alert, and expect another email soon. We¹ll tell you where to go retrieve the information.”


1st Round 14th Aug, 2015

This was the scenario set for the Cyberlympics 2015 round 1, which took place mid-August. For those of you who have not heard about it, Cyberlympics is international infosec competition containing tasks requiring both offensive and defensive security skills and it consists of qualification rounds done per continent and the finals gathering continent champions. Nixu participated in Cyberlympics for the third time this year with two teams, one consisting of our full time specialists and one gathered from our Summer Trainees.

The first qualification round this year followed the tradition on previous years and was all about forensics. In the beginning of the competition we received data dumps and set of questions / challenge to find answer during the four hour time window. Every answer was called as token and they were in specific form waiting to be found. While some of the challenges were really easy (find the right file from the system), some of those were trickier. The challenges involved for example investigating memory dumps, reverse engineering malware behavior and tracking obfuscated communication. We got stuck for a while with one of the challenges which actually blocked our progress for more than an hour and while we found plenty of tokens, none of those seemed to match the required one. After small desperation moment we finally found the answer for the question and were able to speed up. After this particular question we were able to send already gathered tokens to the system solving one third of the items in less than 15 minutes. In total our team of specialist solved 22 challenges out of 23. Our Summer Trainee team achieved also excellent score solving their way till last challenges. This score got us to the 4th place in Europe for first round (only 5 out of tens of teams survived the cut.

2nd Round 21st August, 2015

The second round took place week later late Friday night. This time background story was that we were supposed to prove our skills by penetrating as many hosts as possible within the four hours window. New challenges were released during the round based on the progress. The very first hosts were extremely easy as the readymade exploits worked fine against them. But then the game went tricky. Rest of the targets were not straightforward in any sense, hardened well and even once we got access to the systems by breaking the passwords or exploiting services the systems had many tricks on their sleeves to hinder us down. For some of the challenges one even needed data from round 1. Eventually we were able to get barely enough tokens to survive the cut. Four teams proceeded to the last round, we being included:

Photo: Harri Sinnelä

And the 3rd Round

The last round was played on last Friday of the August, again late night. The theme of the night was web applications and services and the game went in similar fashion as last time – challenges were released one by one. This time everything went much easier and faster than in first round and we got many of the challenges solved quickly. The tasks required multiple different techniques such as SQL injections to dump the data and gain unauthorized access, writing custom exploits, figuring out the passwords from the collected data, solving non-traditional encoding, bypassing authorizations in apps and similar. One thing we noticed during the game was that the scoring did not always match our experience of the required skill. Some, from our point, easy ones scored high scores and some we battled for longer periods only gave fraction of points. Really simple forced browsing gave 500 points and write the exploit gave 250. It might also be that we solved some challenges in unnecessary complex ways – you never know.  Unfortunately for us, the last one we solved was less than a minute overtime and thus we got 9 out 12 challenges acceptably solved. Once the official results came out it turned out that our final position in this year game was 3rd place in Europe wide results. Podium place is not that bad considering that traditionally the Europe has been highest scoring continent but still it leaves a bit bitter aftertaste. We’ll get you next time!