Overall, CSAW2009 was really exciting and fun 😀

We met a LOT of people who are very passionate about security. To be honest, I expected to see a little bit dorky/geeky + dry people there. But, I gotta say, they were really cool, funny and geeky AT THE SAME TIME :p

Anyways, the event we participated in this year was Capture The Flag (CTF). It was basically only about solving problems, instead of having an attack/defense network.

To illustrate, we had three big categories and one problem for each:

  1. Writing a Shellcode — We were given the instruction manual for the SuperH processor. For those who don’t know where SuperH is used, it’s used for the Dreamcast. Then, we had to write a shellcode using the instructions for SuperH.
  2. Reverse Engineering — We were given a virtual image containing Windows XP with two snapshots: before and after being infected by a virus. So, we had to figure out what the “virus” installed onto the computer and reverse engineer it to find out what it was doing. In the end, it was a Windows kernel driver communicating over IOCTL.
  3. Java Applet — A Java applet was given, and when decompiled, it contained 700+ class files. And guess what. We had only 2 hrs. So, we didn’t have enough time to look closely into this problem.

Since the competition started a little late, we didn’t have enough time. So, we couldn’t fully finish the problems by the time it was over. We just sent whatever we had (shellcode + analysis of the driver). Yeah. We really thought we had lost the competition so badly.

We couldn’t believe our ears when we heard that we had won the competition xD

I thank everyone who prepared and participated in CSAW 2009.