Presentation is loading. Please wait.

Presentation is loading. Please wait.

OpenInfreno An Open Source RootWars Platform Dennis W. “LittleW0lf” Mattison

Published byNoreen Gilbert Modified over 8 years ago

Similar presentations

Presentation on theme: "OpenInfreno An Open Source RootWars Platform Dennis W. “LittleW0lf” Mattison"— Presentation transcript:

1 OpenInfreno An Open Source RootWars Platform Dennis W. “LittleW0lf” Mattison ltlw0lf@cox.net http://openinfreno.sourceforge.net/

2 Talk Contents ● OpenInfreno Background and Design Goals ● Toorcon RootWars 2003 ● Toorcon RootWars 2004 ● The Future ● Open Source

3 OpenInfreno Background and Design Goals ● What is OpenInfreno? – A Toolkit for RootWars style games ● Why OpenInfreno? – All other models proprietary... RootFU, etc. – Open game design under BSD/GPL Licenses ● Why Open Source? – Allows programmers from many walks of life – Allows me to work from home!

4 OpenInfreno Background and Design Goals ● Background – Originally a “proprietary” program developed for Toorcon RootWars 2003, but “opened” afterward – Version 2.0 used at Toorcon RootWars 2004. ● Design Goals – Modular design, everything revolving around a database. – Simple but secure ● We have a long way to go here!

5 Toorcon RootWars 2003 ● Written by two people: LittleW0lf and Insane. – John C. Hummel wrote the “scoreboard” ● Proprietary code, SAIC sponsored ● Most of code written in PHP, rest was written using Shell-scripting – Non-proprietary version of this system is available at openinfreno.sf.net as version 1.0.0. – 1.0.0 code only available via the BSD License.

6 Toorcon RootWars 2003 ● Backend used modified OpenSSH Daemon on TCP/3128 – Keys were compared using OpenSSL – Traffic penalty generated using ALTQ-PF on Firewall – PHP code was broken into three parts: ● Scorebot – Workhorse, responsible for accessing the SSH daemon and checking for services ● Display-Manager – Gives the points for the roots ● Traffic Manager – Generates penalty points for traffic usage

7 Toorcon RootWars 2003 ● Software performed relatively well, minor bugs: – Some of the “score” fields weren't displayed correctly, despite the fact that the engine properly counted them – No working Windows TM functionality (boo-hoo) – SNMP didn't work as advertised – Several of the targets (Cisco, You Own It...) could not be modified to work with the code because OpenSSH wasn't entirely portable – Other really minor issues that nobody even caught until after game was finished

8 Toorcon RootWars 2003 ● Lessons Learned – Code worked well, with minor issues – Realtime scoring is an absolute necessity! – Giving teams an idea about how the system works and the system scores the teams is really important. – Having the server do all the work caused too much complexity which caused its own problems. An agent version of the engine will probably work better because the server isn't doing everything. – The code must be opened!

9 Toorcon RootWars 2004 ● Written by LittleW0lf as OpenInfreno 2.0 ● Completely Open-Source, GPL and BSD Licensed, and available on openinfreno.sf.net ● Agent based – Agent sends traffic out from target to server using ICMP ECHO-REPLY messages – Agent-server collects the messages, verifies that they are valid packets, and records the results

10 Toorcon RootWars 2004 ● Code is written in both C and PHP – Agent and agent-server are in C – Scorebot, display-manager, and traffic manager are still written in PHP, but scorebot is now just a middle-man ● So, how did it work out?

11 Toorcon RootWars 2004 ● Lessons Learned – OpenSSL ● Poor Documentation ● Code examples of what we wanted to do were non- existant ● 3 rd Party Books are buggy – Linux to BSD Porting ● No standard base-class: u_int32_t vs uint32_t – Windows Agents ● Code needs some serious work, compiles correctly, but doesn't send icmp messages

12 The Future ● Next year, plan is to build score-server and images to be installed on the team's own hardware – Teams become the attackers and defenders – Unfortunately, this is the same thing that Ghetto Hackers do, (we don't want to step on their toes, or make Rootwars like Toorcon Rootfu.) However, we know why Ghetto went to this model (it is far easier on the developer and implementer)

13 The Future ● Need developers... ● Taking agent to the next level – OOB & Subversion – Covert channels – Smarter agents ● Clean-up of code ● Documentation, Documentation, Documentation

14 Isn't Releasing the Code Dangerous? ● We've fought with this for a while: – Releasing the code could allow for cheating – Releasing the code could allow for attacking of the score system – Releasing the code could allow others to take over RootWars and force us out – Releasing the code could just allow folks to create endless forks in the code...which won't help us much

15 Isn't Releasing the Code Dangerous? ● Is it really dangerous? – Openinfreno code was up on cvs.sf.net – Benefits of open source far outweigh potential risks – If someone can take over our job, doing it for free, and can do a better job, they are free to do so – Code forks are a risk, but keeping the code proprietary doesn't prevent code forks either

16 Joining the OpenInfreno Team ● Developers – Development is being done on sourceforge at the moment – Developers are welcome to join...however, folks interested in playing should not join, but can submit code changes to us ● Implementers – Folks interested in running rootwars like games using our code are welcome to do so...please let us know how it works for you, and how we can change it for the better

Download ppt "OpenInfreno An Open Source RootWars Platform Dennis W. “LittleW0lf” Mattison"

Similar presentations

The Web Wizards Guide to Freeware/Shareware Chapter Six Open Source Software.

The Web Wizards Guide to Freeware/Shareware Chapter Six Open Source Software.
Current methods for negotiating firewalls for the Condor ® system Bruce Beckles (University of Cambridge Computing Service) Se-Chang Son (University of.

Current methods for negotiating firewalls for the Condor ® system Bruce Beckles (University of Cambridge Computing Service) Se-Chang Son (University of.
SSH Operation and Techniques - © 2001-2006 William Stearns 1 SSH Operation and Techniques The Swiss Army Knife of encryption tools…

SSH Operation and Techniques - © William Stearns 1 SSH Operation and Techniques The Swiss Army Knife of encryption tools…
Adding scalability to legacy PHP web applications Overview Mario A. Valdez-Ramirez.

Adding scalability to legacy PHP web applications Overview Mario A. Valdez-Ramirez.
Welcome Windows SharePoint Service 3.0. Craig Carpenter MCSE, MCT Director, Combined Knowledge.

Welcome Windows SharePoint Service 3.0. Craig Carpenter MCSE, MCT Director, Combined Knowledge.
Introduction to InfoSec – Recitation 6 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Introduction to InfoSec – Recitation 6 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
Raw Sockets CS-480b Dick Steflik Raw Sockets Raw Sockets let you program at just above the network (IP) layer You could program at the IP level using.

Raw Sockets CS-480b Dick Steflik Raw Sockets Raw Sockets let you program at just above the network (IP) layer You could program at the IP level using.
The OWASP Foundation AppSec DC Learning by Breaking A New Project for Insecure Web Apps Chuck Willis Technical Director MANDIANT

The OWASP Foundation AppSec DC Learning by Breaking A New Project for Insecure Web Apps Chuck Willis Technical Director MANDIANT
How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.
Akamai OS War Stories Bruce Maggs. 2 15-410 Gratuitous Quote of the Day Well you’re not hardcore (No you’re not hardcore) Unless you live hardcore (Unless.

Akamai OS War Stories Bruce Maggs Gratuitous Quote of the Day Well you’re not hardcore (No you’re not hardcore) Unless you live hardcore (Unless.
Chapter 3.1 Teams and Processes. 2 Programming Teams In the 1980s programmers developed the whole game (and did the art and sounds too!) Now programmers.

Chapter 3.1 Teams and Processes. 2 Programming Teams In the 1980s programmers developed the whole game (and did the art and sounds too!) Now programmers.
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.

Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research

1 Security and Software Engineering Steven M. Bellovin AT&T Labs – Research
How the Internet Works Jon Crowcroft,

How the Internet Works Jon Crowcroft,
Software Development Unit 6.

Software Development Unit 6.
U-Mail System Design Specification Joseph Woo, Chris Hacking, Alex Benson, Elliott Conant, Alex Meng, Michael Ratanapintha April 28, 2008 1.

U-Mail System Design Specification Joseph Woo, Chris Hacking, Alex Benson, Elliott Conant, Alex Meng, Michael Ratanapintha April 28,
ITK Lecture 12: Open Source & Cross Platform Software Development Methods in Image Analysis CMU Robotics Institute 16-725 U. Pitt Bioengineering 2630 Spring.

ITK Lecture 12: Open Source & Cross Platform Software Development Methods in Image Analysis CMU Robotics Institute U. Pitt Bioengineering 2630 Spring.
P OTENTIAL OCR S OFTWARE FOR N UTRITION F ACTS L ABELS Dennis Given.

P OTENTIAL OCR S OFTWARE FOR N UTRITION F ACTS L ABELS Dennis Given.
 Advantages  Easy to learn  Graphical Advantages  Help and Support  Widely used  Software compatibility  Customisable  Customisable Hardware 

 Advantages  Easy to learn  Graphical Advantages  Help and Support  Widely used  Software compatibility  Customisable  Customisable Hardware 
GIT is for people who like SVN September 18 th 2012 Vladimir Kerkez and BK.

GIT is for people who like SVN September 18 th 2012 Vladimir Kerkez and BK.

Similar presentations

Ads by Google