Location: Ballroom East
Thursday: setup and testing; 14:00 'til it's done
Friday: two 60min education and training sessions; TBD
Saturday: competition; 10:00 to 22:00
Sunday: post-mortem, comments, suggestions; 16:00-16:45 (International Room)
Network King of the Hill (NetKotH) is a network with servers providing vulnerable services. Attackers attempt to compromise and hold a system, while other teams do the same. Once one team gets in, they try to harden the box so other teams can't get in. Points are based on how long each team can maintain control.
To get points teams at a minimum must put their name in a <team></team> tag, though they can deface the site however they like. Scoring software will check each site once per minute and display them on the scoreboard website.
Each site has multiple vulnerabilities so defending a captured site can be a real challenge.
Referees will work as a blue team to occasionally step in and change things on the target such as IPs, fix the defacement, patch, roll back changes, switch operating systems, etc, just to even the playing field and make things interesting.
We will have a wrap up session at the end so be prepared to share the good, the bad, and the ugly so we can improve the game.
- Only penetrate the hosts at the given IPs, not the scoring box or other contestant's boxes. XSS of a player is ok as long as it's not destructive.
- DoS and network routing/traffic attacks are allowed, even on the traffic coming to and from contestants and the scoring box.
- Stay on the NetKotH network while attacking.
- The referees may change/add other rules at will.
There will be several orientation sessions on Friday
You will need a computer to play. You can use whatever tools and operating system builds you like. Here are some suggestions:
Samurai Web Testing Framework
Bring your skills, test your mettle, and you may leave as the PhreakNIC 18 Network King of the Hill.
Sources & further information:
Network King of the Hill (NetKotH): A hacker wargame for organizers who are lazy
AIDE 2013, April 18th, 2013
Network King of the Hill (NetKotH): A hacker wargame for organizers who are lazy bastards
PhreakNIC 16, November 9th, 2012
Q: Do I have to attend the entire 10:00 to 22:00 session on Saturday?!?
A: No, individuals and teams may come and go whenever they want.
Q: How many people can we have on a team?
A: "Based on feedback from DC404, having 3 to 6 team members is optimal, bigger teams don't necessarily give them an advantage. Let's allow any team size and recommend 3 to 6 on a team."
|Latest NetKotH handout as of Oct 27th.||136 KB|