[Article]-The Nightmare Before Charlie Brown`s Christmas

Viewing 23 reply threads
  • Author
    Posts
    • #5871
      Don Donzal
      Keymaster

      They’re baaaaaack… Ed Skoudis and I felt strongly that although we haven’t had a Skillz Challenge in quite some time, that it would be a shame if we didn’t continue the annual tradition of an Ed Skoudis penned Xmas Challenge. If this one goes well, we’ll pick it up again and have many more challenges in 2011. So be sure to help spread the word.

      Permanent link: [Article]-The Nightmare Before Charlie Brown`s Christmas

      [align=center:28yg914s][/align:28yg914s]

      Happy Holidays, challenge fans! Ed Skoudis here, with this year’s holiday hacking challenge. Have you ever seen the classic video A Charlie Brown Christmas, and pondered why Charlie Brown is so upset at the start of the video? Also, have you ever wondered why the rest of the Peanuts gang is so focused on the materialism of the Christmas season? Well, this year’s hacking challenge answers these questions. In our tale, you’ll discover that something happened before the start of the Charlie Brown Christmas video that put these characters into such a state. That something is what we like to call…

      [font=Verdana:28yg914s]The Nightmare Before Charlie Brown’s Christmas[/font:28yg914s]

      These challenges, which are an annual tradition here at EthicalHacker.net, are designed to help people develop their skills, show off their abilities, and have some fun. During past holiday seasons, you got to tangle with the Grinch, Rudolph, that Messy Marvin kid, Frosty, and even Santa himself. And who can forget last year’s Miracle on Thirty-Hack Street. Read this challenge, answer the questions, and send your responses in by January 3, 2011 to skillz1210 (at) ethicalhacker.net. We’ll choose three winners, each of whom will get an autographed copy of my Counter Hack Reloaded book. One prize will go to the best technical answer, another to the most creative answer that is technically correct, and the final prize is based on a random draw from every person who submits an answer. Even if you have no idea whatsoever for how to answer the questions, send in your best shot to be entered in the random draw. And now, without further adieu, the curtain rises on our story…

      [align=right:28yg914s]–Ed Skoudis
      EthicalHacker.net Challenge Master
      Author of Counter Hack Reloaded, Co-Founder, InGuardians, SANS Instructor[/align:28yg914s]

      Have fun and be sure not to give the answers away,
      Don

    • #36808
      sil
      Participant
    • #36809
      caissyd
      Participant

      That’s what happen when you work too much sil!  😉

      For me, it’s the opposite: I see it as an opportunity to practice in my lab what I have studied for CEH last year. So thanks for the links!

    • #36810
      rattis
      Participant

      I’m happy to see the challenge. I’ve been waiting all year for it. I might get 1 question answered.

      I still claim to be clueless at these things, but like seeing them, because if I remember correctly, one of the other challenges is what got me introduced to EH.net.

    • #36811
      sil
      Participant

      🙁 I sadly did it this morning. Didn’t get too technical, figured I’d give it a shot while on a conference call (imagine that!). I don’t want to disclose much but I will say this to those analyzing VoIP or thinking about VoIP security as a whole…

      VoIP is no different than any other protocol (SMTP, HTTP, HTTPS). It is subject to the same attacks, same threats. Forget about the “call” and think about the connection between two devices as you would think about say an SMTP connection. What could occur there? How could it occur? What do I need to look for?

      Anyway, I didn’t want to get too detailed into the contest because I do this for a living however, I’d like to wait until its over and offer a video demonstration of what I did to analyze, so I will wait until all is said and done, get perms from Don, and present it after the winner is announced.

      / Edited for now to protect the innocent 😉

    • #36812
      sil
      Participant

      Alright, work calls 😉

    • #36813
      hayabusa
      Participant

      Wow, sil!  You QUICKLY edited out that story modification / addendum / twist of yours!

    • #36814
      Don Donzal
      Keymaster

      That was me. We were afraid that it might possibly give away answers.

      Don

    • #36815
      caissyd
      Participant

      Ouff, I had time to read it!  ;D

    • #36816
      hayabusa
      Participant

      @don wrote:

      That was me. We were afraid that it might possibly give away answers.

      Don

      Oops, my bad…  (sorry sil)  Just noticed I’d seen something, and it disappeared so quickly!  😛

    • #36817
      sil
      Participant

      No apologies needed hayabusa, in fact I apologized to Don and now to others as I may have made things easier. I’m hoping once its over, I can make a walkthrough on the steps I took, tools I used, etc., I think some may find use in it

    • #36818
      rattis
      Participant

      Actually, I found Sil’s post useful. I’ve been looking forward to this all year, but I know I don’t have the time time to play with it.

      I was going to ask about creating a side channel for those of us that want to use it to gain skills, but are willing to publicly and privately bow out of the contest in exchange of creating it. IRC or mailing list.

      I have way way too much on my plate right now. Trying to LEARN, NOT DUMP to pass the Security+ by the end of the year. I’ve already put some of the things I’ve learned into practice at work. (Improvement of my monitoring tools, and the such). I have a lot of things to do by the end of the year, and not sure I’ll get it all done, but going to try.

      So somewhere to do a group crack on this challenge and learn some things along the way would be great.

      Looking forward to a writeup.

    • #36819
      Don Donzal
      Keymaster

      They’ll be plenty of time for open discussion of everything related to the challenge after the answers & winners are announced in mid Jan. Also keep in mind, that Ed usually does a very thorough job of explaining the answers along with the thoughts behind the challenges. He also explains why participants were chosen as winners or given honorable mention.

      Hang in there,
      Don

    • #36820
      Pookie
      Participant

      This is my first challenge I have participated in.  I really enjoyed applying a great deal of my knowledge I acquired by studying for my Network+ and Security+ certs this year.  I also learned more about tools I have poked around with in the past.

      Thank you

    • #36821
      borat
      Participant

      i’m following here my first challenge and i haven’t any knowledge on VoIP. Would you recommend me more to start with past challenges on domains i can face all days or this challenge can be solved without prior knowledge on VoiIP ?
      Thanks a lot.

    • #36822
      tturner
      Participant

      Even if you don’t get it right you will learn a lot attempting the challenge. It’s a great way to learn!

    • #36823
      Pookie
      Participant

      Borat,

      This is my first challenge ever and I have almost zero prior knowledge of VoIP.  I feel good about my answer and have learned a good bit about my tools and VoIP as a whole as a result of this.  It’s not like you get electric shock if you are incorrect.  Have fun and try it!

    • #36824
      borat
      Participant

      Ok  pookie & tturner ! Thanks a lot taking time to answer, hope to hear something like that.
      I’ll be happy to try this one. I’ll participate !
      🙂

    • #36825
      Don Donzal
      Keymaster

      Submitted to digg:

      http://t.co/Wg3qE2J

      Please vote and spread the word. Tweet if you can.

      Thanks,
      Don

    • #36826
      Don Donzal
      Keymaster

      Nice little interview with myself and Ed Skoudis for Darlene Storm’s blog at ComputerWorld:

      Attention hackers: holiday hacking contest
      http://blogs.computerworld.com/17566/attention_hackers_holiday_hacking_contest

      Digg the interview here:
      http://digg.com/news/technology/attention_hackers_holiday_hacking_contest

      Let us know what you think,
      Don

    • #36827
      sandcrawler
      Participant

      Just started working on it this morning.  I’ve also been waiting on this all year and I’m going to put a bit more effort into my answer this year as well.

      For those new to the challenge it’s just as the more experienced have said, it’s a great opportunity to learn and unlike some places where you’re never given then answer or how the answer was derived you can guarantee Ed’s gonna give us both.  If nothing else you’ll learn what your strengths and weaknesses are and then once you’re hooked on these you’ll be better prepared by the time this rolls around next year.

      Happy Hacking!

    • #36828
      Don Donzal
      Keymaster

      Don’t forget to get your answers in ASAP. Only a few more hours left before the deadline. Also, remember that even submissions with wrong or incomplete answers will still be entered into the random drawing to win a signed copy of Ed’s book, Counter Hack Reloaded.

      Good luck & hope you all had fun with this one.

      Don

    • #36829
      sandcrawler
      Participant

      For those of you with CEHs that submitted for this, it wouldn’t hurt to turn your documentation in to EC-Council for credits.  Heck, you might even try if you didn’t make the deadline.  I turned mine in last year as a “case study.”  It was accepted and I managed to eek a few points out of them 😀

    • #36830
      borat
      Participant

      Hi all,

      I was happy yo participate.
      Thanks team for the challenge 🙂

Viewing 23 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?