Start of the talk: try to get people motivated with a good talk on protocol hacking. Explain Netmap2's uses, show a use of it. Explain the format of popular services: DNS, SSH, HTTP, BitTorrent, UDP Session Development. Explain the problem of writing services. Explain the Neg9 CTF project. We're done, split into groups.
2 - 4 teams Each team needs at least one coder/developer/guru. Each team needs 1-3 designers who do little/no code. One person can be the designated group teacher if they want or they can teach on demand / as necessary.
Each team must design and build a protocol in 1 hour. The protocol must input user data, modify it, and return data.
The code must be original, written tonight, open source, and easily portable to
Linux ("the server"). Docked points for problems on other computers.
When the client and server are written, you must put it up on "the server".
You then must publish the source of client and server as well as design docs. Each team downloads them, and then attacks the servers with their evil clients. The teams have 1 hour to attack and publish exploits for their opponent's servers.
Criteria for judging servers:
Slogans for the whiteboard:
Sally might be your best friend, but don't trust her input data.
Measure twice, cut once.
Mind your Ps and Qs.
If it looks like a duck and quacks like a duck, it might be a duck, but it might also be a trojan duck.
Criteria for judging clients:
Criteria for judging exploits:
First Prize: Hacker Book from Univ. Washington Bookstore.
Close Second: $15 gift certificate to ThinkGeek.
Close Third: A paid copy of the open source distro of your choice (<$40).
Obsfucated constants prize: UNI Washington $5 calling card.
Unextensibility prize: Slightly used crayola crayons.
Incompatibility prize: Ubuntu CD.
Two rules exist for the prizes:
1) Allow someone temporary use of the prize upon reasonable request.
2) Any prize not won (close second/third, or special) will become a prize for next meeting.
Netmap1 and Netmap2 Homepage
Printable PDF of this document