Wargames

A bunch of attempts and successes at various security breach challenges

Comment

Inspiration

We'd never tried to hack, bypass or exploit a system before so we thought this would be a great opportunity to learn!

What it does

There's no 'it', we decrypted a couple messages, exploited a few binaries, SQL injected a website and broke into a smart lightbulb :)

How we built it

I wrote a small python script to try and break into the bulb, however, it didn't end up being of use. We used the bulb's manual primarily along with a few terminal commands such as 'nmap' and 'nc' to find the IP of the bulb and then send packets to it. The encryptions were solved mainly by doing online research and trying different types of encoding. The web challenge was completed through trial and error and a lot of investigation into the page. And finally, the binary file exploits were done through the terminal using commands such as 'strings' and by utilising the provided 'gdb' debugger.

Challenges we ran into

As we both had no previous experience in participating Capture The Flag challenges, this whole thing was new to us and we had to find patterns from scratch. At first, we weren't even sure what the flag is supposed to be! However, throughout the past 24 hours, we scratched the surface of many different topics and as much as it was very challenging, it was extremely rewarding as well.

Accomplishments that we're proud of

Even though it was tough and we could have given up two hours into the hackathon, we pushed through and manage to get 650 points!

What we learned

Aiste learnt that cryptography would be a great topic for her bachelor's dissertation and Lewis learnt a bit about assembly code and how to run through it instruction by instruction using the gdb debugger. We also both put the skills and knowledge we have picked up this semester in our networking class into practice whilst trying to break into the bulb which felt really nice :)

What's next for Wargames

We will endeavour to keep hacking into various appliances and international organizations :)

Built With

  • nothing-was-built
  • only-broken-:)
Share this project:

Updates