sliders-logo.jpgSalutations, challenge fans! Ed Skoudis here, ready to introduce our newest challenge. Jim Shewmaker, SANS Instructor and creator of the Netwars Capture the Flag Competition, has taken the keyboard this time, creating an awesome challenge for you based on the TV show, Sliders. It’s got some fun twists and turns, and includes jumps to parallel universes! What’s not to like? Have fun unwrapping this mystery. As always, we’ll choose three winners: the best technical one, a creative entry that is also technically correct, and a random draw. Even if you don’t know all the answers or can only guess, submit an entry with what you do have, and you’ll be entered in that random draw. Winners will receive signed copies of my book, Counter Hack Reloaded. All entries are due by November 23, 2009. Have a good time and I’m sure you’ll learn cool things along the way with Jim’s challenge!

–Ed Skoudis Challenge Master
Author of Counter Hack Reloaded, Co-Founder, InGuardians, SANS Fellow

By James Shewmaker
October 2009

Quinn Mallory was an inventing scientist.  He was working on a project to manipulate gravity and stumbled across an inter-dimensional path to another version of the Earth.  Quinn asked his friend, Wade Wells, and physics professor, Maximillian Arturo, to explore this parallel version of Earth with him.

“How does this vortex work?” asked Wade.

“It crosses an Einstein-Rosen-Podolsky Bridge — sending whatever goes through the vortex to another version of Earth,” Arturo explained.

“I don’t know if I’m up for space travel,” commented Wade.

“It’s not space travel, and it’s not time travel.  We just end up in another version of Earth that has some differences from the Earth we know.  Time is relatively constant on both worlds, so the same amount of time passes here as on the other world.   Since we never physically leave Earth but experience a different environment, I decided to call it ‘sliding.’

Quinn continued to explain that another Quinn from an alternate Earth slid in and gave him the solution to sliding.  “I tested it with random objects, and with this timing device, they return.  I have to admit that since this is an experiment, I’m not 100% sure on the preciseness of how this device follows the equations.  The vortex is created with:

ssh –i id.dsa –L 1111:
“nc –l 2222> 100;nc 2222<;killall -9 sh”

“With the vortex open, I tested it by sending a basketball into the vortex.  Sure enough, in 100 seconds, a basketball comes bouncing back, apparently spending 100 seconds on the alternate dimensional Earth,” Quinn said.

echo “basketball” >.vortex;cat .vortex| nc 1111 ; nc –l –p 1111

1) What assumptions does the timer device make if the basketball returns as described?

Wade asked in amazement, “How do you know it’s the same basketball?  What if somebody else threw a basketball back.  Hey! If you go into the vortex and return, how do we know it’s you?”

Quinn hesitated before responding, “I guess you would have to look for a subtle difference, maybe the alternate me would just go by his last name.  An alternate Earth version of me might be drastically different I suppose… my alternate might even be female, and even on a popular 80s sitcom…”

Wade interrupts, “Or maybe your childhood TV crush is slightly different; what if Justine Bateman is just an alternate of Justin Bateman.”

Quinn winced then closed his eyes to try to focus on the present. “Whatever! As long as I have this back channel, I know whatever I send into the vortex can return.  And with this timer, I know that if I send myself into the vortex instead of the basketball, I will know how much time I have left to return home before the vortex closes.”

Quinn, Wade, and Professor Arturo prepared to slide by upping the vortex’s power.  Meanwhile, an innocent bystander, Rembrandt “Crying Man” Brown, is traveling by in his classic Cadillac.

Quinn decides to up the power of the vortex to be sure that it can handle all three sliders but accidently sends the Crying Man through the vortex as well.

2)  If Mr. Brown’s Caddie travels over TCP and was coming from an arbitrary port on the host to another destination such as a stadium hosted at port 80, what changes to the vortex and environment did Quinn make that would collect any passerby and send them through the vortex as well?

Quinn and his friends slide to many worlds, helping many people in the process.  During their travels, the timer device that controls their inter-dimensional tunnels gets damaged and requires many hacks and kludges just to keep them moving on, hoping to find the coordinates of their true home.  Some of the modifications to the timer are not perfect, because the proper tools are usually not available.  Currently, the timer counts down, but the vortex destabilizes the environment before sliding.  Here is the that Quinn carries with him:

let x=`echo -e "$RANDOM/60"|bc`
export j=`date "-v+$x"S "+%s"`
echo -e "echo sliding…|wall;killall –HUP sshd" | at “now +$x seconds”
export PS1=’`date -j -f ‘%s’ $(echo -e "$j-$(date +%s)"|bc) "+%M:%S"`> ‘

3) How can be fixed to be more reliable?

4) How can the sliders bring the timer with them on every slide automatically?

On their next slide, Quinn realizes the timer isn’t functioning correctly.  “For some reason, our timer isn’t doing its job on this world.  Maybe the laws of time and space are different here.  This resembles our Earth, but there are likely many things slightly different because uname told us FreeBSD previously; now it says Linux.”

5) How can the timer be modified to show the correct countdown on either the original or this gnu world?

Quinn’s crew also runs into a world that desperately needs to slide the entire population to a new world, before rogue pulsar fragments destroy all life on their world. 

6) How could Quinn modify the vortex to send multiple people and objects in parallel (at the same time) to the alternate Earth?

7) One of the sliders’ enemies is disrupting their vortex by changing the timer.  How should they enhance the timer to ensure it hasn’t been tampered with?

8 ) How can Quinn record the coordinates (host and port) of each world as he slides, so he can arbitrarily return to any of the previous worlds?


Submit your answers to skillz1009 ( at ) with the subject line "Skillz Submission" by November 23, 2009 for a chance to win an autographed copy of Counter Hack Reloaded. The autograph will congratulate you on your prowess in mastering this challenge!  We’ll choose three winners, as usual, one in each of the three following categories:

– Best Technical Answer
– Best Creative Answer (that is also technically correct)
– Random Draw (Anyone can win, so send in a response, any response… it doesn’t matter)

James Shewmaker has over 15 years experience in IT, primarily developing appliances for automation and security for broadcast radio, internet, and satellite devices. He is one of the first GIAC Platinum certified Malware (GSM) experts. James is a founder and active consultant for Bluenotch Corporation which focuses on investigations, penetration testing, and analysis. He has contributed to the courseware in various SANS courses including Security Essentials and Reverse Engineering Malware: Advanced Techniques. His focus in 2009 has been constructing and running the NetWars Capture the Flag Competition, part of the US Cyber Challenge.

