EP001
Detailed Writeup coming soon... :)
.+:::::::::::::::::::::::::::::::::::::::::/
.//`+++++++++++++++++++++++++++++++++++++// s
-+/.h+..................................-os s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h/ ss s
-+/.h+ ss s
-++-yo////////////////////////////////////y`s
-+o-:--------------------------::::-:://:---s
-+/ :-.: +:oo- s
-+/```````````````````````````````````:-````s
./o//////////+o:::::::::::::::::s+/////////::
``://////////+s:::::::::::::::::y+/////////:.
s .::::/osso::::. .+
`.y +yyyyhNNNmyyyy+ .+
`:h:::::/+:::::::::::::+:///////////////////+--------------------
.o s s::::::::::::s.+ - +
-/y .o s ::::::::::::oss+::.+
`-y .o y `+//: .+
`.+/y/::/+:::::::::::::+:::::::::::::::::++:.
`////////////////////////////////////:/.
A few weeks before the launch of the CTF Challenge, Google approached me to see if I could create some designs for them.
Since I had to sign an NDA, I will not publish any details regarding the collaboration or other internals here.
However, I got a promise that I can publish my first sketches and drafts.
The designers at google thought these were cool, but in the end, after many rounds of feedback, a completely different result came out.
Nevertheless, I would like to show my drafts of the badges in hacking.art style.
colored badges
As I said before, after a really good and constructive collaboration, I created designs for the badges (and for a number of other things like headings, other sketches, etc.) that had a completely different style.
However, since I really only did the ACSII art for the badges and the animations plus minor customizations were added by Google, I didn't know at launch time what my work would ultimately look like in production use.
And the problem is that the badges are a reward and only become visible when the challenges are solved.
Finally, there was only one thing left for me to do, to see my own design live in action. I had to hack Google...
Detailed Writeup coming soon... :)
:^ ^:
^&Y: :J&^
PM&G7^ GOOGLE CTF .~JG&MB
:&MMMM#PJ!^. PRESENTS .~?P&MMMMM~
^BMMMMMMMM#BGY!^. .^7YG#MMMMMMMM?
The first of these .J#MMMMMMMMMMMM#P?^ .^7YG&MMMMMMMMMMMB! T.A.G. has called
new teams was the .!P&MMMMMMMMMMMMMBY^ .!5#MMMMMMMMMMMMMMG7. the world’s attention
Threat Analysis Group, ^?^:~YG&MMMMMMMMMMMMG! ^5&MMMMMMMMMMMMM#P?^^^ to and helped stop
where the world’s ?MMM#? .~?5B&MMMMMMMMMG: .5MMMMMMMMMMM&BY7^.^YBMM? some of the most insidious
best intelligence 5MMMMJ. .~JP#MMMMMM&^ :BMMMMMMM&GY7^. .JMMMM5 and consequential
analysts use PMMM#^ .^~!!^::~Y#MMMM#..#MMMMMGJ!^^~!~^: ~#MMMP threats to Google,
Google scale 7MMMM~ .?B&&###&##5~.7BMMMY?MMM&Y^~YB&&###&&#J^ ~MMMM7 it’s users and
technology to .#MMMP 7&MG7:....^J#MG: ?&M&&MMY. 5MMY~.....!5MMY PMMM#. the internet
identify and ^MMMMJ 7MM? ?GBBP~ .PM#. ^#MM&~ PM#^ :5B#BY. ~&MY JMMMM^ at large.
counter state ^MMMM5 PM# JMMMMMM^ ^MM! ^&M~ :MM? .#MMMMMG 5M#. 5MMMM^
based threats. BMMMM^ JM&^ ^GMMM&Y JMM^ Y5 .#MP ?#MMM#! .BMG ^MMMMB. Helping secure everyone
~MMMMB: .PM&?. :^^. ^5MM? :: ~#MG~ ^~: !BMB: :BMMMM! from global election
?MMMM&7 !GM&G5YYPBM&5^ .Y#M#P5Y5G&M#? 7&MMMM? officials to everyday
~BMMMMB?: :!J5P5Y?~. ^?Y5P5Y7: :?BMMMMB~ Gmail users.
.?#MMMMMB5?!~^^^~7J5BP: :PB5J7~^^^~!?5BMMMMM#?.
!P#MMMMMMMMMMMMMMMM#! !#MMMMMMMMMMMMMMMM&P!
~#5!..~JP#MMMMMMMMMMMMMMY YMMMMMMMMMMMMMM#GJ~..~5B:
PMMM&GJ~^:^!?YPGB#&MMMMMMG::GMMMMMM&#BGPY?!^::~JP#MMMJ
^MMMMMMMM#. .:!?YG#MM&&MM#GY?!:. ^&MMMMMMM#.
.: 5MMMMMMMM7 .:~77~:. YMMMMMMMM? :
7MP?:^MMMMMMMM5 :J???! :J???!. .7777: !???~ ^!J? BMMMMMMM#.^?G&^
PMMM&#MMMMMMM#. !M5!7~ ~MJ 7M5:&5 #&^P# PMJ 7!#&. ^MMMMMMMM#MMMMJ
:&MMMMMMMMMMMM! !M5!7~ ~MPJYY:~MG YM~#& !M5 G&. JMMMMMMMMMMMMB
?MMMMMMMMMMMM5 ~#5?J7 ^#! ?GJ?P7 ~PY?5Y. ?JGBY7 GMMMMMMMMMMMM~
:J~. PMMMMMM##MMMB. ^&MMMB#MMMMMMY .!J
:MM#5&&&&MM#:.!5#~ HACK1NG GOOGL3 ?#Y~ ~MMM&&#M#.
^MMMMMMM&&&! ?M&&MMMMMM#.
^MMMMMMMMMY CHAMPION GMMMMMMMM#.
^MMM#?P&MB. :&M#5?MMM#.
^MMM7 .7^ xxx USERNAME xxx ~!. YMM#.
^MMP .BM#.
^M&: ~M&.
^M7 Y&.
~5 .G:
:: ^.
........... ............ ............ ...........
###############B########B5^ << GET / HTTP/1.1" 200 179132 "-" "curl/7 >> ^5B########################
MMMMMMMMMMMMMMMMMMMMMMMMMM#.<< GET /main.jsp HTTP/1.1" 404 5600 "-" " >>.BMMM&&&MMM&&&MMM&&&MMMMMMMM
MMMMMMMMMMM&&MMMB555GMMMMM&:<< GET /pools HTTP/1.1" 301 535 "-" "curl >>:&MMMP55#M&P5P&M&P5P&MMMMMMM
MMMMMMMMM&MMMMMM!GMG~&MMMM&:<< GET /docs/cplugError.html/ HTTP/1.1" 3 >>:&MMMP55#M&P5P&M&PPP&MMMMMMM
MMMMMMMMMMMMMMMM#5P5BMMMMM&:<< POST /scripts/WPnBr.dll HTTP/1.1" 404 >>:&MMMPP5#M&PPP&M&PPP&MMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMM#.<< GET /?=PHPE9568F36-D428-11d2-A769-00AA >>.#MMMM&&MMM&&&MMMM&MMMMMMMMM
&BBBBBBBBBBBBBBBBBBBBBBBGY: << POST /sdk HTTP/1.1" 404 5600 "-" "curl >> :YGBBBBBBBBBBBBBBBBBBBBBBB&
B << GET /robots.txt HTTP/1.1" 301 545 "-" >> B
&55555555555555555555555Y7. << GET /HNAP1 HTTP/1.1" 301 535 "-" "curl >> .7Y55555555555555555555555&
MMMMMMMMMMMMMMMMMMMMMMMMMMG << GET /favicon.ico HTTP/1.1" 301 547 "-" >> GMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMMMMMMM&GPG&MMMMM&:<< GET /?=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B >>:&MMMGPP#M&PPP&M&PPG&M&MMMMM
MMMMMMMMMMMMMMMM!P&G!&MMMM&:<< GET /start.jhtml HTTP/1.1" 404 5600 "- >>:&MMMP55#M&P5P&M&P5P&MMMMMMM
MMMMMMMMMMMMMMMMPYPY5MMMMM&:<< HEAD / HTTP/1.1" 200 5422 "-" "curl/7. >>:&MMMGPP#M&PPP&M&PPP&MMMMMMM
MMMMMMMMMMMMMMMMMM&MMMMMMM&.<< GET /Portal/Portal.mwsl HTTP/1.1" 404 >>.&MMM##B&MM###MM&BB#MMMMMMMM
MMMMM&MMMMMMMMMMMMMMMMMMM#7 << GET /inicio.asp HTTP/1.1" 301 545 "-" >> 7#MMMMMMMMMMMMMMMMMMMMMMMMM
A software bug is an error, flaw or PMMMMMMMMMP MAIN GMMMMMMMMMP
fault in the design, development or .!?5#MMMMM#: PRIZE !MMMMMM&BPJ~
operation of computer software that .BMMMMMB^ EP002 7&MMMMM5.
causes it to produce an incorrect or 7&MMMMMM&5^ .~5MMMMMMMP
unexpected result, or to behave in GMMMMMMMMMMMB5?!!!!!?5BMMMMMMMMMMB^
unintended ways. ?&MM&##&MMMMMMMMMMMMMMMMMMMMMMMMMB^
The process of finding and correcting bugs :!~:..:5MMMMMMMMMMMMMMMM#!^^~7Y?.
is termed "debugging" and often uses formal ~MMMMMMBPPGMMMMMM!
techniques or tools to pinpoint bugs. ^B&MM#7. !BMMM#^
.^!: :7~^.
Bugs in software can arise from ..
mistakes .:::..... ~P#B7. ........
and .^^~~~~^:. ::^^~!?7^~GMMMMM#7~!?77!!~. .:^~~~!~~~^.
e JPB#MMMMMMMM&#BG5Y7!^:. .^JY?G#G&MMMMMMM&GB#JYJ~.. .:^!7YPGB#&MMMMMMMMM#B57:
r !BMMMMMMMMMMMMMMMMMMMMMM&#G5J7!^. !MMMMMMMMMMM#: .^~~7J5G#&MMMMMMMMMMMMMMMMMMMMMM&5.
r ^GMMMMMMMMMMMMMMMMMMMMMMMMMMMM&#GY7^GMMMMMMMMMMMMP^7YG#&MMMMMMMMMMMMMMMMMMMMMMMMMMMM#7
o Y#MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM5:
rs .?#MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM&5^
made in .7P#MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM#?:
inter- .^?JJ?JPB&MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM&P5PP?~^.
pretation ~#MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMY
:5#MMMMMMMMMMMMMMMMMMMMMMMMMMMCMMMMMM&MMMMMMMMMMMMMMMMMMM&G~ .:^~~!!!.
In 1946, when .~JGB&&MMMMMMMMMMMMMB&MMMMMHMMMMMM&?MMMMMMMMMMMMM&&BGY!: 5&&MMMMMM5
Hopper was released .:^^~~7J5BMM&MB~#MMMMMMAMMMMMM^JM#&&#PJ7!!~::. ^MMMMMMMMMMY.
from active duty, she .:::5: #MMMMMMMMMMMM&. J~.:. YMMMMMMMMMMMP:
joined the Harvard Faculty ^~ GMMMMMMPMMMMMB .~ !Y?^. ^&MMMMMMMMMMMM#J!^:^
at the Computation Laboratory .: 7MMMMMMIMMMMMJ .: .?BMMMM#P?^.. .^J&MMMMMMMMMMMMMMMMM&M
where she continued her work on the PMMMMMOMMMM#. .J#MMMMMMMMMM&#B#MMMMMMMMMMMMMMMMMMMMMM
Mark II and Mark III. Operators traced ~MMMMMNMMMM? ^&MMMMMMMMMMMMMMMMMM&#BP55YYJYY5PG#&MMM
an error in the Mark II to a moth trapped PMMMMMMMM#. ~&MMMMMMMMMMMMM#P?!:. .:~?5
in a relay, coining the term bug. :BMMMMMMM7 !&MMMMMMMMMG?^.
This bug was carefully removed :&MMMMM! JMMMMMM&Y^
and taped ~BMMB~ GMMMM&Y:
:^!7~ to the .!^: .55. ^5MMMMG^ +\\\\ GOOGLE
.!JPBMMMMMY. log !BMMMBG57~. ^77?Y5PGBMMMMM5 |
~MMMMMMMMMM#7 ^PMMMMMMMMMM~ ^MMMMMMMMMMMMM5 +---< CTF >-------+
7MMMMMMMMMMMMP~: .^J&MMMMMMMMMMM~ 5MMMMMMMMMMMMB. |
7MMMMMMMMMMMMMM&BGG#MMMMMMMMMMMMMM~ .&MMMMMMMMMMMM~ +--------[ PRESENTS: ]--+
YMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMJ :G&MMMMMMMMMMB |
&MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM&7. :^: :!YBMMMMMMMP |
MMMMMMMMMMMMMM&&&&&&&MMMMMMMMMMMMMMMBY7~~?J5G#&M&J. :?#MMMMG +----[[[ HACK1NG
MMMMMMM#GY?!~^::...::^~!?5G#MMMMMMMMMMMMMMMMMMMMMMB~ ^&MMM#.
MMM&P?^ .^?P&MMMMMMMMMMMMMMMMMMMMY BMMMM? GOOGL3 ]]]----+
MG7. ?????J?. ^????7~. .7GMMMMMMMMMMMMMMMMMMJ .YMMMMM&: -------------------------+
^ PM5!!!!. ?MB77Y&G: ~PMMMMMMMMMMMMMMP^ :J#MMMMMMMB.
5M5,,,, 7M5 :#M~ ~BMMMMMMMMMM&? ~Y&MMMMMMMMMMB^ EP002 CHAMPION
5MP???7 7M#5PGP! YMMMMMMMMM! .#MMMMMMMMMMMMM&7
5MJ.... ?MP: JMMMMMMMM: ^&MMMMMMMMMMMMMMB7
?P55555. !P? YMMMMMMMG^ ^#MMMMMMMMMMMMMMMB?:
~?JJ7. .!JJ?~ .!JJJ7b. BMMMMMMMMGJ7^. .YP5YJJ?77JGMMMMMM&G?^.
:G#?~7B#! 7#G!~J&G: 75?!J&#D ?MMMMMMMMMMMM&B5J. ~#MMMMMMMM#PJ7~:.. ..:^!JP#
5M? 'B&B:##: '#MJ /&&D ^MMMMMMMMMMMMMMMM~ !MMMMMMMMMMMMMM&#BBBBBB#&&MMMMM
GMP ~&B~&#P JMY :Y#P^ ^MMMMMMMMMMMMMMMM~ ?MMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
7&&! PM? 5MP ~##^ !Y&B7;;; ~MMMMMMMMMMMMMMMM~ BMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
~YP5P5~ *5P5P7* #GP55PPJ 5MMMMMMMMMMMMM#BP: ~MMMMMMMMMMMM#5J?J5#MMMMMMMMMMMM
:&MMMMMMMM#GY7~: ^P&MMMMMMMMG7. .J&MMMMMMMMMM
$$$$$$&: 5$$$$$$$$P :&$$$$$$$$$P. G$$$$$$$$
$$$$$$$? Y$$$$$$$$! GOOGLE CTF PRESENTS :G$$$$$$$$#7 :&$$$$$$$$
$$$$$$$B ~P&$$$$$&: !&$$$$$$#P7. J$$$$$$$$$
$$$$$$$$! :7JP#&#: HACK1NG GOOGL3 :$$$##B5!. :&$$$$$$$$$
$$$$$$$$G :$$' 'P$B' G$$$$$$$$$$
$$$$$$$$$! ?$$$$$$$$$$$
$$$$$$$$$B. .PGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGGP. :#$$$$$$$$$$$
$$$$$$$$$$J :$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$: Y$$$$$$$$$$$$
$$$$$$$$$$$~ ?#BBBGBBBBBBBBBBBBBGGGGGGBBBBBBBBBBBBBBBBBBBBBGBBB#? :&$$$$$$$$$$$$
$$$$$$$$$$$#: :?7!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!7?: 5$$$$$$$$$$$$$
$$$$$$$$$$$$B. :&$!::::::::::::::::::::::::::::::::::::::!$&: :$$$$$$$$$$$$$$
$$$$$$$$$$$$$G. G$? ?$G G$$$$$$$$$$$$$$
$$$$$$$$$$$$$$G. ~$#. .#$~ Y$$$$$$$$$$$$$$$
J&$$$$$$$$$$$$$B: J$5 5$J :P$$$$$$$$$$$$$$P~
:P$$$$$$$$$$$$$&~ J$Y Y$J :#$$$$$$$$$$$$&5:
~G$$$$$$$$$$$$$J !$G G$7 :#$$$$$$$$$$$#J:
!G$$$$$$$$$$$$G: .B$7 7$B. .B$$$$$$$$$$B?. :
~G$$$$$$$$$$$&7 :&$! !$&: .P$$$$$$$$$G! ~P$
:5&$$$$$$$$$$P: :#$J 000000000000 J$#: :G$$$$$$$&P~ !G$$$
:?B$$$$$$$$$&? .Y$B! 000000000000000000000000000. !B$Y. !#$$$$$$&Y: .7B$$$$$
~Y#$$$$$$$$G: :P$G~ 0000000000000000000000000# ~G$P: .Y$$$$$$B?. .?#$$$$$$$
What if .!5&$$$$$$$Y. :P$G 000000000000000000000000 G$P: :B$$$$$G! :J#$$$$$$$$$
the biggest .!5#$$$$$#7 :5&B 00000000000000000000 B&5: 7&$$$$P~ :Y&$$$$$$$$$$$
risk to a Google .~JG#$$$G! :5&B 0000000000000000 B&5: .5$$$&5: ~P$$$$$$$$$$$$B5
user isn’t a Google .:7PBB! :Y&B:000000000000:B&Y: !B$$#J: :?G$$$$$$$$$&BY!:
product? $$$$$$$$B5?~. :Y&B.00000000.B&Y: .5$$#?. :?G$$$$$$$$&BY!:
.:~!7JPB&$$$$$$$$&GY!: :Y&B.0000.B&Y: .P$&?. ~P&$$$$$$&GY!:
.:~!?Y5PB#&&$$$P :P$.00.$P: ::: 5$$$&##GJ~.
'''' .&$00$&. P$$:''
.~!:: p5$5115$5b
.~J#$$$J pY$$7 11 ?#$Yb ~5JJ~::
.7P#$$$$P: pY$#7 11 ?#&Yb !&$$$&&5:
.!P&$$$$$G~ pY$#7 22 ?#$Yb :5$$$$$&5:
:Y#$$$$$$#7 pY$#7 22 ?#$Yb 7&$$$$$&5:
.!G$$$$$$$$5: p5$#7 22 ?#&Yb :G$$$$$$$5:
.?#$$$$$$$$&! pP$B7 22 !B$Pb J$$$$$$$$5:
:J&$$$$$$$$$G: pP$B! 33 !B$Pb ~#$$$$$$$&Y:
:Y&$$$$$$$$$$Y pY$#! 33 !#$Yb :G$$$$$$$$&?
.?&$$$$$$$$$$$? pB$7 33 ?$Bb .P$$$$$$$$$B~
#$$$$$$$$$$$&~ p&$! .333333. !$&b P$$$$$$$$$$J
$$$$$$$$$$$B: :B$7 .444444444444444444444444. ?$B: P$$$$$$$$$$G:
$$$$$$$$$$G. !$G .555555555555555555555555555555. G$! .B$$$$$$$$$$#~
$$$$$$$$$5 J$Y 6666666666666666666666666666666666 Y$J ~$$$$$$$$$$$$!
$$$$$$$$Y J$5 .777777777777777777777777777777777777. 5$J G$$$$$$$$$$$$7
$$$$$$$Y .$$$. :$#. :888888888888888888888888888888888888: .#$: !$$$$$$$$$$$$$!
$$$$$$G !#$$$~ G$? 999999999999999999999999999999999999 ?$G .#$$$$$$$$$$$$&
$$$$$&: 7$$$$&. :&&\..##################################../&#: Y$$$$$$$$$$$$$
$$$$$? ~$$$$$B :!?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN?!: ~$$$$$$$$$$$$$
$$$$G :&$$$$$G .~J============================================J~. .#$$$$$$$$$$$$
$$$&: G$$$$$$G .############## ##############. :$$$: P$$$$$$$$$$$$
$$$Y J$$$$$$$B :############ EP0005 ############: ?$$$G 7$$$$$$$$$$$$
$$#. :&$$$$$$$&. P$$$$J :$$$$$$$$$$$$
$$? Y$$$$$$$$$! CHAMPION .#$$$$$~ .#$$$$$$$$$$$
$B .#$$$$$$$$$5 ~$$$$$$G G$$$$$$$$$$$
$7 ~$$$$$$$$$$&: xxx USERNAME xxx B$$$$$$$: Y$$$$$$$$$$$
B. J$$$$$$$$$$$5 Y$$$$$$$$? 7$$$$$$$$$$$
7 5$$$$$$$$$$$$! 7$$$$$$$$$Y :$$$$$$$$$$$
..:^:.
!!!~~!7?!.................
.5:P&&&&&M&&&&&&&&&&&&&&&&#?
:~?5GGGG##&MMMMMMMMMMMMMMMM&&MMMM&J
Our state of the art network :?5B&MMMMMMMMMMMMMMMMB?P#MMMMMMBJ!^::.
infrastructure prevents the ?&MMMM&G5?!~~!J&MMMMMMB^..^JG&MMMM&BY~
vast majority of the thousands 7MMMMY^. .?G&MMMMMMMMM&G?. .!YB&MMM&:
of attacks launched at Google .#MMMP .Y&MMMMMMMMMMMMMMM&Y :!J?^
every day. .&MMM7 .BMMMMMMMMMMMMMMMMMMMG.
.&MMM5 5MMMMMMMMMMMMMMMMMMMMMY
But when persistent attackers ?MMMMB?::&MMMMMMMMMMMMMMMMMMMMM#
get through, they will be met ^PMMMMM#MMMMMMMMMMMMMMMMMMMMMM#.
by an around the clock, around ^?G&MMMMMMMMMMMMMMMMMMMMMMMMMBBGG5?!:
the world team that detects .:7&MMMMMMMMMMMMMMMMMMMMMMMMMMMMM&BY~
and responds to any and all .&M&##################M#~~!?5G&MMMMG~
perceived threats. Finding the :&M~ ................^M# :7GMMMMJ
attacker, stopping them, :&M^ :&#. ?MMMM!
booting them out, and fixing :&M^ :&#. PMMM#.
the vulnerability that got them :&M^ :&#. ~MMMM!
in so that our users :&M^ :&#. .#MMM?
and their data :&M^ :&#. .&MMMJ
stay secure. :&M^ :&# ~PMMMM~
^&MBGGGGGGGGGGGGGGGGGGM#~^!!??J5#MMMM&J
:^!?JJ5PPGBB##MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM#P7:
!5B&MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM#BBGP55J?~.
!GMMMM&BP5YJ?7!!~^~&MMMMMMMMMMMMMMMMMMMMM#.
:PMMMMG!. :&MMMMMMMMMMMMMMMMMMMMM#.
PMMM&! :&MMMMMMMMMMMMMMMMMMMMM#.
^MMMM7 :&MMMMMMMMMMMMMMMMMMMMM#.
~MMMM^ :&MMMMMMMMMMMMMMMMMMMMM#.
:&MMM5. :MMMMMMMMMMMMMMMMMMMMMM#.
:~^ !&MMM#YJ?7777~: Y&MMMMMMMMMMMMMMMMMMM&Y
.BM&^ ~MMMMMMMMMMGJ!. .^^^^^^^^^^^^^^^^^^^:
:!^ 7MMMMMMMP^ 7YYJ?7~^..
~#MMMM&. YMMMMMMMM&#BGPY7:
.~77!: ^P&MM&: 5MMMMMMMMMMMMMMM&Y. ~5GB
?#MMMM&P. :75B5: .!J5PGGGBB##&MMMMMP YMMMM
~MMMMMMMM5 :: ..:YMMMM^ 7Y7 BMMMM
:BMMMMMM&! 7MMMM~ .BMB: ^GMMM
!5GGPJ: ~MMMM#. . :~!
PY?!: ~JPJ^ :#MMM&! ~JPBBBPJ^ ^7!. ..
MMMM&G? !MMMMG .:. .BMMMM! 7BMMMMMMMMMP. JMMMB. :JB###P!
MMMMMMMG: . .YGBP~ !P#&&B?^ .PMMMMM^YMMMMMMMMMMMMP!?JJ?!: 5MMMB..#MMMMMMMJ
MMMMMMMM&: ~5B##GJ: JMMMMMMMM5 ~MMMMMM5MMMMMMMMMMMMMMMMMMMM&B?. ^~^ ^MMMMMMMM5
MMMMMMMMM5 ?MMMMMMM#: .!YPGPJBMMMMMMMMM5?MMMMMMMMMMMMMMMMMMM&MMMMMMMMMM#! :^~!!~: ~G&MMM#J ~
MMMMMMMMMP YMMMMMMMM^ ~BMMMMMMMMMMMMMMMMMBMMMMMMMMMMMMMMMM#P?BMMMMMMMMMMM&?JB&MMMMMMG?: .^^: ^GM
MMMMMMMMP. .Y#MMMMB! :&MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM&GJ~. :&MMMMMMMMMMMMMMMMMMMMMMMMM5: YMMM
MMMMM&B? .^~~: ~#BGGB#MMMMMMMMMMMMMMMMMMMMMMMMMMMMM#Y:.#MMMMMMMMMMMMMMMMMMMMMMMMMMM7 .GMMMM
!??7^: .^!!~:. .:^!?5#MMMMMMM&B5YY5B&MMMMMMMMMMMMM&YYMMMMMMMMMMMMMMMMMMMMMMMMMMMB 5MMMMM
^:. .~YB#MMMMM&BJ. ^JG#MMM&&#&MMMMMMBPPY7^.:?#MMMMMMMMMMMMM#&MMMMPPG#&MMMMMMMMMMMMMMMMM&7MMMMMM
MM7 ~#MMMMMMMMMMMMB~ .5MMMMMMMMMMMMMMMMMMMMMMMB7 :G&BGGG#MMMMMMMMMMMMGY^ :?PMMMMMMMMMMMMMMMJ5MMMMMM
M&:~&MMMMMMMMMM&BPP7 YMMMMMMMMMMMMMMMMMMMMMMMMMMY ..:~?J5BMMMMMMMMMMMMMMY ?#&&MMMMMMM#P5?.?5BMMMM
MM&MMMMMMMMMG?~...:^ GMMMMMMMMMMMMMMMMMMMMMMMMM#~ ~P&MMMMMMMMMMMMMMMMMMMMG. ^~~~!7Y57~!?YG###MMMMM
MMMMMMMMM&P~:~JP#&MM! JMMMMMMMMMMMMMMMMMMMMMMMMM7 JMMMMMMMMMMMMMMMMMMMMMMMM5 5M#B5?^ :PMMMMMMMMMMM
MMMMMMMMMB?5&MMMMMMM#?YMMMMMMMBB#&MMMMMMMMMMMMMMP~&MMMMMMMMMMMMMMMMMMMMMMMMM: GMMMMMM#J: :PMMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMG5YJ?77?5G#MMMMMMMM#MMMMMMMMMMMMMMMMMMMMMMMMMMP5MMMMMMMMM&J BMMMMMMMM
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM#P7: .^?GMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMBY#MMMMMMMM
In 2009, the Cybersecurity landscape was forever ~GY~
changed when Google’s network was attacked PAAAJ
by a foreign government looking to steal PAAAA~ Operation Aurora was a series of
its own citizens’ data. The historic :!5&AAAAG7^. cyber attacks conducted by
attack revolutionized Google’s .^?B&AAAAAAAAAA&GJ~ advanced persistent threats
approach to security and led .!P#AAAAAAAAAAAAAAAAAAY. such as the Elderwood Group
to the formation of highly :?G&AAAAAAAAAAAAAAAAAAAAAAB: based in Beijing, China,
specialized teams of elite J&AAAAAAAAAAAAAAAAAAAAAAAAAAP with ties to the People's
experts to stay ahead of 7AAAAAAAAAAAAAAAAAAAAAAAAAAAA#. Liberation Army.
the ever evolving threat ^&AAAAAAAAAAAAAAAAAAAAAAAAAAA#.
landscape. ~GAAAAA&B55#AAAAAAAAAAAAAAAAG First publicly disclosed by
~Y5?^. :BAAAAAAAAAAAAAAAAY Google on January 12, 2010,
:Y&AAAAAAAAAAAAAAAA#: in a blog post, the attacks
.!P&AAAAAAAAAAAAAAAAA&~ began in mid-2009 and
.J#AAAAAAAAAAAAAAAAAAA#~ continued through
^Y#AAAAAAAAAAAAAAAAAAAA5 December 2009.
^5AAAAAAAAAAAAAAAAAAAAAAA#Y^
?AAAAAAAAAAAAAAAAAAAAAAAAAAAJ
:?PAAAAAAAAAAAAAAAAAAAAAA#J:
:JBAAAAAAAAAAAAAAAAAG:
:7J7!GAAAAAAAAAAAAAAAAAG???7.
.7&AAAAAAAAAAAAAAAAAAAAAAAAAAA&L
.7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL
GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7
o-------------------=:::^&AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ:::=---------o
| o~~~~~~~~~~~~~~~~^^#####AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA#####~~~~~~~~~~|~o
| |o~~~~~~~~~~~~~~~~~#####AA AA#####----------|-|----o+
| || o---------------#####AA AA#####~~~~~^. .~| | ||
| || |. +~~~~~~~~~#####AA AA#####^^^:.:~!^.| | ||
| || |. || .!~~~~~#####AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA#####^^^^^^::^~| | ||
| || |\ || .| ......:::Y&AAAAAAAAAAAAAAAAAAAAAAAAAAAAAP:::......| :~~^::|:---||
:#:##:##: || .| :NAAAAAAAAAAAAAAAAAAAAAAAAAAN: .| \\ ##~~~~:::#
// || .| #NNAAAAAAAAAAAAAAAAAAAAAANN# .| \\ ##----:##
// :##:.| ## o########################o .| ##.
###: .. .| || // o |~:~ o o::| |.o | o~:##: .|. |.
### ##~~~~~~~## .| || // | | :! | |::| |.| | |~::~~\\ ###~\\ |.
##......:## .| || //~:.:~+ | :! | |::| |.| | |~: ~~\\ \\ |.
|. ### || //:.o---~=:| :! | |::| |.| | |~:\\ .\\~~~~~~~~~~~~~~|.
|. :| ||/.+~/ || |: | ?||? :|~..|:~~| :!~ /:\ | .
|. .| || .|: || .| | ?||? :| :~| | || ./ \. ##:~~~~#~~###
|. .| || .| || .| | ?||? :|. | # || ###:::### // '
|. ###~~~~~~### || .| || .| ?#??||? |: | || //
|. ###......### || .| || .| :#: || |: |:## || ##:~~~~~~//
+----------------## .| || .| || |: |:## || ##:~~~~~~+
## .| || .| || |: ||
.| || .|:##:.||. |: :##: o--------##:
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA //
###::BBBBBBBBBBBBGBGGBGGGGBBGGGBBBBGGBBBBBB?::###
| |
| ?#Y5P ~#7?G.5?~G:.G~!P ^G^?P |
| ~#Y?!..#JJ?.B: P~^B .B.7G ^B |
| ?P??P.!PJ^ ~YJ? 7JJ! ?JJ~ |
| |
| .......~AAAAAAAAAAAAAAAAAAAAAAAAAAA~....... |
###::~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~::###
+------------------------+
| EP003 MAIN PRIZE: | +-------------------+
| push GOOGLE | | |
| mov CTF +----------+ HACK1NG |
| cmp PRESENTS | | GOOGL3 +-------------+
+----------------://:----+ | | |
# hexdump ------=%% +-------------------+ |
+--------------://:-------------------------------------------------+ |
| 0000 EE EE EE EE | ...| •• | |
| 0010 EE EE EE EE | | ••• | |
| 0020 EE EE EE EE |...... | ••• | |
| 0030 EE EE EE EE | ..........| ••••• | |
| 0040 PP PP PP PP | ...| • ••••••••• | |
| 0050 PP PP PP PP |......... | ••• ••• ••••••• | |
| 0000 PP PP PP PP | ...| •• ••• •••••• | |
| 0010 PP PP PP PP | | ••••• ••• | |
| 0020 00 00 00 00 |...... | • ••••• •• | |
| 0030 00 00 00 00 | ..........| ••• ••• •• • •• •• | |
| 0040 00 00 00 00 | ...| ••••• •••••• ••••• •• | |
| 0050 00 00 00 00 |......... | •• • •••••••• • •••• | |
| 0000 00 00 00 00 | ...| ••• •••• •••••• ••• | |
| 0010 00 00 00 00 | | ••• •••••• ••••••• ••• | |
| 0020 33 33 33 33 |...... | •••• ••••• ••••••• •••• | |
| 0030 33 33 33 33 | ..........| •••• •••• ••••• •••• | |
| 0040 33 33 33 33 | ...| •••• •••• • •••••••••• | |
| 0050 33 33 33 33 |......... | ••••••••••••••••• | |
+-------------------------------------------------------------------+ |
// >>>> |
// >>>> USERNAME +-----------------+
// >>>> ****************** +---------://:----------+
// >>>> | |
function moreCool(){ | EP003 |
text({something}); | |
hacker = [] +-----------------------+
}
+--------------------------------------+
| hack_art: |
| push esi {__saved_esi} |
| mov esi, dword [esp+0x8 {arg1}] |
| mov eax, dword [esi] |
| cmp byte [eax+0x6], 0x0 |
| jne 0x403e25 |
+----------------://:------------------+
# hexdump ------=%%
+--------------://:-------------------------------------------------+
| 0000 EE EE EE EE | ...| •• |
| 0010 EE EE EE EE | | ••• |
| 0020 EE EE EE EE |...... | ••• |
| 0030 EE EE EE EE | ..........| ••••• |
| 0040 PP PP PP PP | ...| • ••••••••• |
| 0050 PP PP PP PP |......... | ••• ••• ••••••• |
| 0000 PP PP PP PP | ...| •• ••• •••••• |
| 0010 PP PP PP PP | | ••••• ••• |
| 0020 00 00 00 00 |...... | • ••••• •• |
| 0030 00 00 00 00 | ..........| ••• ••• •• • •• •• |
| 0040 00 00 00 00 | ...| ••••• •••••• ••••• •• |
| 0050 00 00 00 00 |......... | •• • •••••••• • •••• |
| 0000 00 00 00 00 | ...| ••• •••• •••••• ••• |
| 0010 00 00 00 00 | | ••• •••••• ••••••• ••• |
| 0020 33 33 33 33 |...... | •••• ••••• ••••••• •••• |
| 0030 33 33 33 33 | ..........| •••• •••• ••••• •••• |
| 0040 33 33 33 33 | ...| •••• •••• • •••••••••• |
| 0050 33 33 33 33 |......... | ••••••••••••••••• |
+-------------------------------------------------------------------+
#
# hexdump ════╗
╔═════════════╩═══════════════════════════════════════════════════════════╗
║ 0000 20 20 20 20 20 20 20 2 •• 20 20 20 20 e2 80 20 | ...|║
║ 0010 a2 a2 a2 0a 20 20 20 ••• 20 20 20 20 20 20 a2 |.... |║
║ 0020 a2 a2 a2 e2 80 a2 e2 ••• 0a 20 20 20 20 20 a2 |.......... |║
║ 0030 20 20 20 20 2 0 e2 ••••• 80 a2 e2 80 a2 20 | ..........|║
║ 0040 20 20 20 20 • 0 20 ••••••••• 20 20 e2 80 20 | ...|║
║ 0050 a2 a2 a2 e2 ••• 0 20 ••• ••••••• 2 0a 20 20 a2 |............. |║
║ 0060 80 80 80 a2 •• ••• •••••• 2 80 a2 e2 80 | ... .....|║
║ 0070 80 80 80 a2 ••••• ••• 0 a2 e2 80 80 |................|║
║ 0080 a2 a2 a2 e2 • ••••• •• a2 a2 |....... .......|║
║ 0090 20 20 20 20 ••• ••• •• • •• •• e2 20 |.. ........|║
║ 00a0 e2 e2 e2 80 ••••• •••••• ••••• •• e2 e2 |. ..............|║
║ 00b0 80 80 80 •• • •••••••• • •••• 80 80 |........ ......|║
║ 00c0 20 20 20 ••• •••• •••••• ••• 2 20 20 | ......... |║
║ 00d0 20 20 20 ••• •••••• ••••••• ••• 0 a2 20 | .............|║
║ 00e0 e2 e2 e2 •••• ••••• ••••••• •••• 2 80 e2 |...... ...|║
║ 00f0 a2 a2 a2 e •••• •••• ••••• •••• 0 20 a2 |............ |║
║ 0100 20 20 20 2 •••• •••• • •••••••••• 0a 20 20 | .......... |║
║ 0110 80 80 80 a2 ••••••••••••••••• e2 80 a2 80 | ... ..........|║
╚═════════════════════════════════════════════════════════════════════════╝
# hexdump ════╗
╔═════════════╩═════════════════════════════════════════════════════╗
║ 0000 20 20 20 20 | ...| •• ║
║ 0010 e2 80 a2 0a | | ••• ║
║ 0020 e2 80 a2 e2 |...... | ••• ║
║ 0030 20 20 20 20 | ..........| ••••• ║
║ 0040 20 20 20 20 | ...| • ••••••••• ║
║ 0050 e2 80 a2 e2 |......... | ••• ••• ••••••• ║
║ 0000 20 20 20 20 | ...| •• ••• •••••• ║
║ 0010 e2 80 a2 0a | | ••••• ••• ║
║ 0020 e2 80 a2 e2 |...... | • ••••• •• ║
║ 0030 20 20 20 20 | ..........| ••• ••• •• • •• •• ║
║ 0040 20 20 20 20 | ...| ••••• •••••• ••••• •• ║
║ 0050 e2 80 a2 e2 |......... | •• • •••••••• • •••• ║
║ 0000 20 20 20 20 | ...| ••• •••• •••••• ••• ║
║ 0010 e2 80 a2 0a | | ••• •••••• ••••••• ••• ║
║ 0020 e2 80 a2 e2 |...... | •••• ••••• ••••••• •••• ║
║ 0030 20 20 20 20 | ..........| •••• •••• ••••• •••• ║
║ 0040 20 20 20 20 | ...| •••• •••• • •••••••••• ║
║ 0050 e2 80 a2 e2 |......... | ••••••••••••••••• ║
╚═══════════════════════════════════════════════════════════════════╝