Now, after the pain and misery Lok_Sigma as inflicted upon the contestants, it’s finally time to name the survivors and reward them with their prizes!
There was a lot of hype for the release of Hades; something that was reflected in our web server logs with quite a few people continuously refreshing the page! It was also the main topic of conversation in our IRC channel for at least a week before the release. This grew even more the closer to the release at 7:02pm (6:66) on the big day!
Lok_Sigma: Hades does not sow
Lok_Sigma: Hades pays its debts
-*- Lok_Sigma can still see you. Hades is coming.
barrebas: see you all later– Hades is coming… ;)
Lok_Sigma: Hades is coming!
Lok_Sigma: You’re all excited now.
Lok_Sigma: That may not last…
After the initial frantic downloads (hint: bittorrent users got it quicker), the IRC channel was mostly silent for a few hours, with the exception of people checking each others progress. They were either met with short replies back or left unanswered as a large proportion of the channel was taking part. Lok_Sigma was in the channel, laughing quietly to himself, and torturing anyone and everything…
Lok_Sigma: How’s Hades going?
Lok_Sigma: No comment? :-)
vinicius777: 2 hours on Hades and can’t gent even a shell!
Lok_Sigma: Hades is looking devious indeed!
barrebas: there goes one brave man
vinicius777: go go go go !
Mr-Bot: and that was the last we saw of TheColonial
barrebas: hehe :)
barrebas: found some ports, eh?
TheColonial: more than that ;)
barrebas: i’d say :)
The first sign of progress was from “TheColonial” 14 hours in with code execution. Another hour after, he was the first person to report having a shell. This headway was short lived as another user, hostess, reported to have caught up. Few more hours go by, a few other members also increased their foothold in the machine.
Lok_Sigma: Don’t you have root yet?
TheColonial: shut it :)
vinicius777: it’s driving me nuts!
After 36 hours of Hades being released, it was reported that “barrebas” had managed to escalate his privileges all way to the highest level on the system (root). However, it wasn’t over just yet…
barrebas: thanks, but i’m not quite there yet! need to get the flag.. :) -*- barrebas scratches head
In the post exploitation stage of the challenge, there is a PGP key which the attackers need to retrieve from the depths of Hades, and return it back safely into the competition’s inbox. We can report that TheColonial was the first person to successfully message us with the correct key. He also displayed a snippet showing his victory in the Channel. All in all, Hades was conquered in less than 48 hours of it being released.
For the rest of the month, new people found out about Hades, downloaded it & attempted it. Some of these people then went on to submit their walkthroughs. Being “first” entitles you to bragging rights; however, it wasn’t required to win the competition. What we were looking for was user’s walkthroughs for the challenges. The first complete one in was by “superkojiman” the following day!
@VulnHub Hades writeup coming your way soon! Thanks for the challenge!— Harold Rodriguez (@superkojiman) April 13, 2014
For some of the people who completed the challenge, they kept on digging… And they found something. Something that wasn’t meant to be here… There was a unintentional bug in the challenge, and when it was exploited it would aid you in privilege escalation. Hackers are hackers, they will find things out - even if you don’t intend for them to do so!
So well done to them, we tip our hats to you guys!
If you are reading this, and wish to have a go at Hades yourself now v1 of Hades is what the competition used, v1.0.1 has the issue patched. Both of them are hosted on VulnHub. Its up to you which version you try.
The total amount of keys submitted in the time frame of the competition was 8, however only 6 of them included a walkthrough (there was another walkthrough shortly after it was over). We know Hades isn’t easy, so if you got root or just had a go at the machine: well done! We also understand how much time goes into writing up solutions, so you guys gain additional glory and brownie points.
You are able to see & browse through all the accepted submissions below, allowing you to see what you missed, were you went wrong or to judge our decision:
- Winner - barrebas
- Runner Up - superkojiman
- Runner Up - swappage
- Finalist - NeX-
- Finalist - teh_h3ck
- Finalist - vinicius777
The top three entries all got a e-gift card of their choosing as well as an executive VulnHub t-shirt (and a selection of stickers)! The base design for this can be seen below, as they were personalized for each person. These cannot be found in shops or bought online, the only way to get one, is to win one.
We wish that we were able to offer prizes to everyone who took part, and it pains us to limit it down to just three submissions, so keep your eyes peeled for our next competition to be in for a chance of winning!
This is our second competition that we have run. We learnt from our mistakes from the first time, and ran into other sets of issues. From last time, what we heard:
- Hype - there was more. But not enough!
- Different prizes - the new idea of t-shirts went down well, so we will be using them again (and still thinking of more)
- Longer timeframe - this went down well so we will be doing the next one at 4 weeks again.
What we learnt this time:
- Test the challenge more - try and look at it from every possible angle.
- Post challenge response - we were slow.
- Try and keep the hype going throughout.
Our last words on this are: we would like to thank Lok_Sigma for the opportunity to allow us to do this. Without the “Hades” VM, we couldn’t of done it. If you enjoyed or got highly frustrated at his work, please let him (and us!) know =).
vinicius777: good job on Hades Lok_Sigma, really !
The VulnHub Team