API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 1st, 2017
203
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.24 KB | None | 0 0
raw download clone embed print report
  1. TL/DR: khack40 did not cheat;
  2. The accusation against us makes no sense
  3. We have provable explanations
  4. WTH would we need to cheat on that CTF ? Come on guys...
  5.  
  6.  
  7. Dear CTF community, dear solarwind,
  8.  
  9. For the context, the HackIT CTF 2017 was held last week-end, khack40 competed and ended up 15th.
  10. A member of the team dcua, which finished 2nd, openly accused our team, as well as other french teams to have cheated and shared flag.
  11. https://ctftime.org/event/186
  12. https://ctftime.org/event/491/weight/
  13. https://pastebin.com/GbghyRH6
  14. https://pastebin.com/HBZf6aU8
  15. https://pastebin.com/yMg5taSC
  16.  
  17.  
  18. Here is our response as the khack40 team, regarding the accusation and its "proofs".
  19. Of course this text only concern our team, and we do not speak for the other ones that may or may not be guily.
  20.  
  21. First of all, let us state the obvious: khack40 did not cheat and did not share any flag during the competition.
  22. That accusation makes no sense to us, and as a small, yet kind of veteran team, we feel a bit insulted by it.
  23. (veteran in the sense that most of us have been competiting in CTF since more that 4/5 years)
  24. We are sorry that you did not take the time to contact us about the "issue" before openly trying to discredit us.
  25. We are sure that if you got in touch with us, we would have cleared any suspicion you may had.
  26.  
  27. But let's get to your proofs against us.
  28. Talking about evidence, it worth noting that uploading the log file, instead of specific extracts would have been a better choice for the discussion,
  29. but ... nevermind we will focused on your analysis as we totally trust your goodwill on the case.
  30.  
  31.  
  32. "PROOF 1"
  33.  
  34. > After several rounds of debates with orgs that it may be not 100% legit, we managed to receive flag submission logs to analyse ourself. We found several signs of flag sharing, by analysis of time correlation and structure of flag submits.
  35. Last 10 minutes submits:
  36.  
  37. > 1102 [2017-08-27 16:50:53] badfirmware Foren100
  38. > 1103 [2017-08-27 16:51:44] hackthissite Joy30
  39. > 1104 [2017-08-27 16:54:05] khack40 Stego200
  40. > 1105 [2017-08-27 16:55:03] \u706b\u8f66\u8dd1\u5f97\u5feb\uff0c\u5168\u9760\u6885\u795e\u5e26 Joy10
  41. > 1106 [2017-08-27 16:56:16] sec0d Misc150
  42. > 1107 [2017-08-27 16:56:16] Legion of Dumb Reverse250
  43. > 1108 [2017-08-27 16:56:27] sec0d Crypt200
  44. > 1109 [2017-08-27 16:56:32] \u706b\u8f66\u8dd1\u5f97\u5feb\uff0c\u5168\u9760\u6885\u795e\u5e26 Foren150
  45. > 1110 [2017-08-27 16:57:27] ASIS Joy10
  46.  
  47. > where '\u706b...' is https://ctftime.org/team/19216 . Group of teams submits flags in 1 minute interval, it is usually normal to keep flag till the end of CTF and submit in last minute to distract others. But for doing this, you need to be sure that flag is correct -- you will not have time to fix it. This is not the case of Misc150 task, flag in it doesn't have usual h4ck1t{} form, and is not cleanly readable (stego-like task with labyrinth). It is OK to submit such flag in last minutes if you are sure that it is correct, like already verified by other team.
  48.  
  49. We do not even get the problem here ??? In the extract, we are the only team to score Stego200, so ... what is the link with flag sharing ???
  50. And come on, even if someone gave us that flag... Why the hell would we wait to the very end to bump up our score ? That would be odd and stupid ...
  51.  
  52. The thruth is that we flagged Stego200 at the end of the CTF ... because our member that was working on it only solved it at ... the end of the CTF.
  53. We were not holding or whatever and it's not uncommon to finish solving challs during the last 10 min...
  54.  
  55.  
  56.  
  57. "PROOF 2"
  58.  
  59. > 974 [2017-08-27 09:44:34] khack40 Foren100
  60. > 975 [2017-08-27 09:45:14] khack40 Web100
  61. > 976 [2017-08-27 09:46:50] khack40 Joy50
  62. > 977 [2017-08-27 09:47:49] khack40 Foren150
  63.  
  64. [...]
  65.  
  66. > we have problem of not only last 5 minutes -- 4 flags in 3 minutes (974-977) [...]
  67.  
  68. Ok so we validated 4 doable tasks in 4 min, ... so we definitly have cheated ?
  69. I have to admit it might look odd (in fact it looks so odd that we wonder why the fuck a cheater would do that ... but anyway ...)
  70. ARE YOU SURE that there is no other possible explanation beside the obvious cheating ?
  71.  
  72. The reason we submitted 4 flags in 3 min, is however pretty simple: server downtime.
  73. The game plateform suffered from availability issues and we were not able to submit flags for a while.
  74. Other players also reported that (https://ctftime.org/event/491/weight/ )
  75. So we solved some challenges during the downtime, and we validated them when we found out that the site came back.
  76. I guess, this fact would be pretty easy to check using the server logs but too bad you did not published them...
  77.  
  78.  
  79.  
  80.  
  81. Ok, so that was your "evidences" against our team.
  82. They seem both pretty weak and also naive: A cheater who knows CTF would not behave that way, that is just stupid.
  83.  
  84. And just put the whole thing into perspective:
  85. Why whould we even share flags with teams that are direct competitors, only to end up with an average rank (15th) that is close to what we usually did in the past ?
  86.  
  87. Let's be honest that just makes no sense ... especially since this CTF was not a big one and most of us was not even interested to play...
  88. Moreover, the fact that the other teams you suspect are from the same country as our, just makes us want to compete better than them :) and there is no way we would give them flag.
  89.  
  90. So at the end, our explanation is way more *probable* (we definitly do not need to cheat to solve those challs and even if we would never have cheated in a such visible way), but it is also *verifiable* (just check about the downtime!).
  91.  
  92. We totally get the frustration to get overtaken by another team at the end of a CTF, and we hope that you understand that we are a bit upset of to be openly accused of cheating.
  93. There might be something fishy with them other teams on this CTF, but we are definitly not a part of that.
  94.  
  95. What we suggest now is to calm down.
  96. Apologize if you care.
  97. Continue the investigation if you want.
  98.  
  99. But WE DO NOT WANT our team to be involved into more drama so please keep us out of that. #NODRAMA-PLZ
  100.  
  101. I have already spent way too much time on this and we are busy hacking other stuff so there probably won't be any follow-up from us on this issue.
  102.  
  103.  
  104. See you all soon in the next CTF and keep hacking !
  105.  
  106. khack40
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!