Ah, it's there for sure, although you're not sure which bug they exploited. Interesting to draw some corrolations. For example DeepRed (Raytheon) got two weird heap overflows exploited, and then a lot of stack overflows...did that heap overflow come from a replay of someone else's bug? Is that a thing?
Heap Overflows: 1. http://www.lungetech.com/cgc-corpus/challenges/CROMU_00055/ 2. *http://www.lungetech.com/cgc-corpus/challenges/NRFIN_00052/* Hmm. Lots of interesting information here, although somewhat hard to dig through I guess? -dave On 8/17/2017 3:31 PM, Chris Eagle wrote: > Dave, > > You may find some of what you want here: > http://www.lungetech.com/cgc-corpus/cfe/ > > I have all the raw data from the event including the answers to some of your > questions below. If I can format then in some useful manner I will post some > of those answers. > > Chris > > On 8/17/2017 8:51 AM, dave aitel wrote: >> So I wanted to type up some notes on the CGC Wrapup >> <https://www.youtube.com/watch?v=SYYZjTx92KU> video, which was excellent. I >> mean, a part of what you want to do, while you watch it, is strip out all >> the parts of the thing that are about "playing the game". I know Jordan >> loves CTFs as some sort of e-sport and also there's a whole community who >> for whatever reason plays CTFs instead of playing corewars on helpless >> Chinese networks like of yore, but that stuff is 100% distraction when it >> comes to the CGC. >> >> >> As you can see, the tiny red lines on the right are supposed to be some >> combination of "could hack and could secure a service". I can't find >> anywhere something that has a simple spreadsheet of which samples >> <http://www.lungetech.com/cgc-corpus/challenges/NRFIN_00080/> (and even >> which vulns in which samples) were able to be attacked by which teams. So >> much of the game was weighted towards performance characteristics that it's >> hard to determine the information you really need from the scores, although >> the video goes over some anecdotal examples where RUBEUS and MECHAPHISH were >> able to attack particular historically interesting programs. It's telling >> that Mayhem won despite being basically off for half the contest. ;) >> >> Does anyone have better data on this? >> >> -dave >> >> P.S. Holy cow the visualizations on program execution are next gen! Worth a >> close watch just to see them. >> >> >> >> _______________________________________________ >> Dailydave mailing list >> [email protected] >> https://lists.immunityinc.com/mailman/listinfo/dailydave >>
_______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
