By Sumner Lemon
April 24, 2007
IDG News Service
A team of U.S. Army hackers will attend the Hack In The Box (HITB)
Security Conference 2007 in Kuala Lumpur later this year, seeking
redemption after falling short at a hacker competition in Dubai earlier
this month, the conference organizer said Tuesday.
The Army Strong team was drawn from members of the 2nd Battalion of the
U.S. Army's 1st Information Operations Command (Land). The team was
unable to complete the entry-level round, called Level 0, in a
capture-the-flag (CTF) competition held by HITB in Dubai this month,
according to Dhillon Andrew Kannabhiran, founder and chief executive
officer of Hack In The Box.
Unlike other CTF competitions that require teams to attack other servers
while defending their own, the HITB contest in Dubai only required teams
to attack servers and retrieve files, called flags, that were used to
score points. Participants in the contest were also allowed to attack
each other, but denial-of-service attacks were banned.
"The Dubai CTF was also a pure reverse engineering challenge, with teams
having to break six levels of increasing difficulty. Level 0 was a Win32
binary whereas all the other levels were Unix binaries," Kannabhiran
said. "Teams would progress to the next level by cracking the current
level, which reveals a password/credentials needed to access the next
Army Strong was one of three teams competing in the Dubai contest. The
other two teams were Team Eleet, whose members came from the Dubai
Police, and NDMTEAM, a group of hackers from Bulgaria.
"The Bulgarians were the only team to successfully bypass level 0.
However, they did not manage to reverse any of the other flags; as such
there was no winner," Kannabhiran said.
The lack of a winner means the US$6,000 in cash prizes planned for Dubai
were not awarded. Instead, the cash prizes will be carried forward to
the Kuala Lumpur conference, he said.
Hack In The Box has yet to announce details of the CTF contest planned
for the Kuala Lumpur conference, which will be held from Sept. 3-6.
Subscribe to InfoSec News