Forensic Challenge

Forensic Challenge 8 - "Malware Reverse Engineering" - Deadline Extended

Taking a look at the first submissions it seems like the Forensic Challenge 8 - "Malware Reverse Engineering" - is quite difficult to solve. For this reason we decided to extend the submission deadline to June 30th.

Have fun!

Angelo Dell'Aera
The Honeynet Project

Forensic Challenge 8 - "Malware Reverse Engineering"

I am pleased to announce the next forensic challenge: Forensic Challenge 8 - "Malware Reverse Engineering".

The challenge has been created by Angelo Dell'Aera and Guido Landi from the Sysenter Honeynet Project Chapter.

Submission deadline is June 15th and we will be announcing winners around the third week of July. We have a few small prizes for the top three submissions.

Have fun!

Angelo Dell'Aera
The Honeynet Project

Forensic Challenge 7 – “Forensic Analysis of a Compromised System” - And the winners are...

Folks, Guillaume and Hugo have judged all submissions and results have been posted on the challenge web site. The winners are:

1. Dev Anand
2. Fernando Quintero & Camilo Zapata
3. (3 submissions) Matt Erasmus, Joseph Kahlich and Kevin Mau

Congratulations to the winners!

With challenge 7 completed, we are getting ready to launch challenge 8 on May 9th. This challenge has been prepared by Guido Landi and Angelo Dell'Aera from the Sysenter Chapter and it deals with

Forensic Challenge 7 - Publication of Results Delayed

An important update for Forensic Challenge 7 challengers. For reasons related to reviewers' everyday job commitments, the challenge results will be announced on Friday, May 6th 2011 and not on Friday, 29th April as announced in the previous blog post.

Thanks for your patience and regards.

Angelo Dell'Aera
The Honeynet Project

Forensic Challenge 7 - Submission deadline passed

Folks, the submission deadline for the Forensic Challenge 7 – “Forensic Analysis of a Compromised System” - put up by Hugo Gonzalez from the Mexico Chapter and Guillaume Arcas from the French Chapter - has passed. We have received 16 submissions and will be announcing results on Friday, Apr 29th 2011. The winners will get a copy of the book "Virtual Honeypots - From Botnet Tracking to Intrusion Detection" written by Niels Provos and Thorsten Holz.

UPDATE: Forensic Challenge 7 results will be announced on Friday, May 6th 2011.

Angelo Dell'Aera
The Honeynet Project

Forensic Challenge 7 - Only 5 days left!

Folks, challenge 7 - forensic analysis of a compromised server - put up by Hugo Gonzalez from the Mexico Chapter and Guillaume Arcas from the French Chapter is in full swing. Submissions are due by March 31st, so if you want to participate, you have 5 days left. We award little prizes for the top three submissions! Hope to see your submission.

Christian

Forensic Challenge 2010/5 - Log Mysteries - What Apache version was used?

Carl Pulley, a loyal follower of our Forensic Challenges, has written up an analysis on how one could determine the Apache version that generated the logs. His analysis can be found at http://acme-labs.org.uk/news/2011/01/20/apache2-version-analysis/ and http://acme-labs.org.uk/news/2011/01/21/apache2-version-analysis-data-visualisation/. Check it out!

Forensic Challenge 2010/6 - Analyzing Malicious Portable Destructive Files - The winners are ...

Folks, holiday greetings from forensic challenge headquarters in Seattle. Mahmud and Ahmad from the Malaysian Chapter have judged all submissions and results have been posted on the challenge web site. The winners are:

1. Vos from Russia with perfect score!
2. Codrut from Romania
3. Mike from Canada

Congratulations!

We received a total of 21 submissions and they were very competitive. The top three submissions came within a point of a perfect score and Vos from Russia actually received a perfect score. We have posted the top three submissions from Vos, Codrut and Mike on the challenge web site. As I said, these submissions are top notch and I encourage you to read through them.

With the forensic challenge 2010 coming to an end, we will be taking a little break for the holidays, but will be back in full force in early 2011.

Happy Holidays.

Christian Seifert
Chief Communications Officer
The Honeynet Project

Forensic Challenge 2010/6 - Analyzing Malicious Portable Destructive Files is now live

Another challenge is ready to be tackled by forensic analysts, students, hackers and alike. This time, we present you with an attack vector that has become quite successful: malicious PDF files!

For challenge 6 of our series (provided by Mahmud Ab Rahman and Ahmad Azizan Idris from the Malaysia Honeynet Project Chapter) we present you with a pcap file that contains network traffic generated by the following scenario: An unsuspecting user opens a compromised web page, which redirects the user's web browser to a URL of a malicious PDF file. As the PDF plug-in of the browser opens the PDF, the unpatched version of Adobe Acrobat Reader is exploited and, as a result, downloads and silently installs malware on the user's machine.

We prepared a set of questions that requires you to dive deep into the portable document format. Submit your solution by November 30th 2010. The top three submissions will receive small prizes.

Enjoy!

Christian Seifert
Chief Communications Officer
The Honeynet Project

Forensic Challenge 2010/5 - Log Mysteries - Results are in ...

Folks, Sebastien, Anton, Raffy and Julia have judged all submissions and results have been posted on the challenge web site. The winners are:

  1. William Söderberg (Sweden)
  2. Nikunj Shah (USA)
  3. David Bernal Michelena (Mexico)

Congratulations to the winners.

Apparently challenge 5 was a true challenge. While we had many folks hit the challenge web site, we only received 7 submissions in total and quite a few participants missed more subtle attacks embedded in the deep corner of the logs. This illustrates how difficult log analysis is and a reason why we included it in the mix of challenges. The original challenge files remain on the web site and we have posted the top three submissions from William, Nikunj and David. Take a look and see whether you would have been able to identify all attacks in the logs.

With challenge 5 completed, we are getting ready to launch challenge 6 on November 1st. This challenge has been prepared by Mahmud and Ahmad from the Malaysian Chapter. It deals with 'Analyzing Malicious Portable Destructive File' and we hope to see you participating.

Christian Seifert
Chief Communications Officer
The Honeynet Project
