Man.

My team, Maple Bacon, collaborated with CMU’s CTF team PPP and Theori.io’s CTF team The Duck, forming Maple Mallard Magistrates as a merger to participate in DEF CON finals.

The Beginning

Discussions about the merge had occurred earlier in the year - I triangulate it to a month or so before I found myself in Athens, Greece attending ICC. This is important to mention as I heard many people speculate about the existence of MMM and whether or not it was formed as a response to something. The answer is no, the reasoning was very simple: we wanted to play together! Unfortunately, there wasn’t much of a complex reason, we simply had a desire to team up and have fun in Vegas.

Preparation

Shortly after the creation of MMM, general preparations were underway to figure out how to best tackle DEFCON 30. Travel logistics, skill logistics, everything. We wanted to see if there was a way to train all together in prep for the event, and obviously the best way to do that was to try out in CTFs together, pre-DEFCON. One slight issue though: The merge was a secret. We couldn’t use our full name, since that would likely give away the teams that composed us. It wasn’t a big deal, but we just knew that if we did well in a CTF, then certainly some teams would pick up on this mysterious MMM and wonder who it was. Speculation was inevitable.

Team Setup

From MB side, we brought a subset of people to Vegas but had a slightly bigger subset playing remotely. Of the merger, we had 8 people (me included) attend Vegas with MMM, and around 11 playing remotely.

Now, comparing ourselves to PPP and The Duck, we were certainly new to the scene. We weren’t CTF rookies, but this was our first DEF CON, so the difference in experience was there. Naturally, I was confident in my skills and my team’s but I also wanted to make sure we pulled our weight accordingly in this merger. To that end, MB also participated in and did their own individual training as a way to both gain confidence and to hopefully scale to the top talent in both The Duck and PPP. We played in A/D CTFs together to gain more experience in the format as a team, and to figure out what roles we were comfortable with.

Aside from pure A/D CTFs, we also took a look at as many other CTFs as possible for the sake of exposure to as many unique problems as possible. Hell, I would even treat ICC as good exposure and grounds for skill development! For example, MB played in Faust CTF 2022 solo, finishing 13th. Faust CTF was a great way to get familiar with A/D CTFs for some of us who were new to the format, and allowed us to get some fundamental skills to make our own custom tooling or formulate our own strategies we employed for DEFCON.

Google CTF

GoogleCTF was the first CTF we decided to play in together as MMM. It was a great CTF and a fantastic team-building exercise, and of course, our predictions were correct: for a good portion of the game in GoogleCTF we had occupied first place, so naturally people theorized about our identity. Looking back at it now, I was certain that some people have sussed out that MMM had at least included one of {Maple Bacon | The Duck | PPP}, and I believe that after GoogleCTF some players had indeed managed to figure out some of the truth - some people had (correctly) theorized that MMM had included both The Duck and PPP.

Regardless, we continued on, maintaining secrecy until the time we felt it was right to comment.

GoogleCTF felt like a good barometer to determine what our strengths were, both individually and together as a team. It was from here we started to establish friendships and figure out how we worked together, how well we meshed together, and things like that.

Nice

DEFCON

Day 0

Prep began on the Thursday, August 11, before the start of the competition. Our hotel was close to the conference room to allow for those going to the floor on any given day convenience when travelling back and forth. We managed to arrive pretty early on this day, so we had some free time to explore Vegas before we began planning.

Omega Mart by Meow Wolf seemed like a great destination to spend some time in - it’s an immersive and surreal art exhibition set in a grocery store. It was very weird, but very fun. I also got my new favourite hat from the gift shop~

Omega Mart entrance

I used to be a real big art buff before the dawn of CTFs in my life, so I really enjoyed the surreal exhibit. Neon aesthetics are especially pretty to me.

This hat go hard

Anyway, after Omega Mart, we reconvened for planning, debriefed on our strategies and figured out what roles we were going to be responsible for during the competition. It was important that we had an idea of what tasks we were doing, and although it was likely that overlap would occur during the contest, we wanted to at least know who was working on what should relevant information appear and we needed to ping a certain subset of people. In hindsight, I think this pre-planning worked quite well and gave everyone a task to do.

Day 1

On the DEF CON grounds

On the first day of DEFCON I was on the floor and helped set up networking and other logistics. Being on the floor was a pretty cool experience, although it was understandably very crowded in the forum. I was just happy to see old friends from back during ICC times, and make new ones.

MMM Banner on our table

The first day challenges were unique in that they would be closed down for the day, and new ones would appear the day after - essentially meaning we were free to sleep for that night :> This being my first DEFCON, I unfortunately don’t have anything to compare day 1 against. However, I was told that this was a deviation from the norm, as previous organizers would keep day 1 challenges up for people to hack at overnight. Regardless, the free day of sleep was welcome - but it’s not like I did a lot of sleeping anyway.

After the day 1 event ended, my friends and MMMembers JJ, Alueft and I had decided to attend GOTHCON, which seemed like a goth-themed party occurring during the conference. The name is self-explanatory. And yes, we did have fun. We explored the DEFCON floor a bit more thoroughly that night since we didn’t have any time to do so during the competition hours, and I was able to walk around a few other parties and grab a few more stickers.

Live CTF day 1

Based on the problem we were given, we decided to let Robert Xiao represent us for the Live CTF portion of DEFCON day 1. He was in the same room hacking away, which definitely was a cool experience being in proximity to the action and celebrating after his triumph. Congrats to OSUSEC as well for the fantastic performance!

Sunset on Day 1

Conclusion of Day 1

Day 2

stickers

I woke up early and found myself in the hacking suites with the rest of MMM working on day 2 challenges. This was one of my favourite days since I was able to have fun with the others in the suite as we all tackled problems, scripted exploits, pushed patches and examined network traffic. I also really liked the food we ordered on this day - how have I never tried arepas before despite saying South American cuisine is one of my favourites?

Anyway, day 2 got really chaotic as the competition continued, as infra issues had unfortunately worsened and many technical difficulties popped up for both ourselves and for the others as a whole. We certainly had our fair share of issues, but realistically every team had some sort of fire to put out. I had a real quick break helping out with food delivery to those on the floor, but only for about 10ish mins since once I was back, I went back to doing my job. During my way back to the suites, I stopped by the car hacking village and a few other villages out of curiosity. I really wanted to spend more time at the Aerospace village and the RF village, fields of security I definitely want to explore on my own because it’s About Damn Time™️ I broaden my skills past web and hopefully I can do that in the future.

Of the challenges, one was of particular interest. The KoTH challenge, “corewars”, followed after the same-named programming game where you pit 2 programs against each other and have them execute instructions in memory round-robin style, each program keen on forcing the other to terminate by executing an invalid instruction. In DEFCON, all 16 teams had their warriors battle it out and each round the results were tallied and kept in a giant grid scoreboard. A fun concept, but the scoreboard had a few issues so it was unreliable as a results metric.

Day 2 challenges were to persist after the night, so even though the network closed at the end of the day, it was far from the end for us. A bunch of us stayed up late to continue working on finding exploits for all available challenges: mambo, corewar-n2 and the nivisor series. Honestly, this was not a new strategy for me, or us. We’re all used to staying up during odd hours of the night in order to solve a challenge :>

Conclusion of Day 2

Live CTF day 2

Oh my god Jinmo is SO FAST

Winner!

Day 3

The final day. Day 3 was to be a shorter amount of time, ending at 1pm so it lasted only 4 hours. But it would be a chaotic and intense 4 hours, given that every team was operating under the assumption that we had a bunch of exploits ready to yeet at the others (which were found last night) once the light went green for the day. When the network opened on day 3, everyone quickly went into their roles and we focused on the CTF for those hours.

Things got hectic as the challenges that were out got, predictably, hit with new exploits and we raced against time to both reflect them and patch our services to oblivion. We had to do this alongside reporting infra fires and interfacing with the organizers whilst still doing our jobs. Even though day 3 was considerably shorter, we weren’t any less busy.

There were some very unfortunate things that occurred on this day, however, including infra issues abound and some other spats of chaos here and there which forced the organizers to close the game 1 hour early. While unexpected, we still had the LiveCTF event to take a look at.

Live CTF day 3

We were knocked out of the bracket by Starbugs, a very good team, and so the finale of Live CTF was a bout against perfect r✪✪✪t and Starbugs. The latter came out on top, so congrats to them!

LiveCTF final results

The Finale

The end results of DEFCON CTF were announced at the end of the closing ceremony, where we came out on top :) we were followed by Katzebin and Starbugs occupying 2nd and 3rd respectively. I was in the suite when this was announced, but we all cheered when the results came in and a subset of us accepted the black badges during the ceremony. I’m extremely happy to have MMM come in first place, especially given the reputation of DEFCON and the work that was put into it.

Victory!

The final day after the end of the contest was a free-for-all in terms of stuff to do. Since we had the rest of the day to ourselves, many of us wandered around or went sightseeing in Vegas for a bit after the conclusion of DEFCON. Some of us went ahead and had an MMM pool ppparty, since hey we might as well use the pool while we’re here :p

Later that night we saw the other teams at the afterparty, shoutout to perfect r✪✪✪t x organizers, where we mingled and formed plenty new friendships :> special shoutout to team Sauercloud for giving me the matrix gigachad sticker which has a new home on my laptop. One of us also distributed small rubber ducks to the afterparty, and I know this because for a brief 5 minutes the floor was just filled with sounds of rubber ducky squeaks.

Final Thoughts

DEFCON 30 was an interesting and wild ride, all things considered. As I’ve said before, I’m new to the scene so I’m by no means able to talk about this event in any authoritative capacity, so this blog post comes off less as a general feedback note and more an introspection into what went down during. This was Nautilus Institute’s first DEFCON as organizers of the event, and I’m certain they have already received a wealth of feedback, most of which are sentiments I agree on in terms of infra handling, challenge deployment and whatnot. I, like many others, experienced first-hand a few frustrating issues during the CTF, which I believe they have taken note of and are compiling to guide them for next year. I can’t imagine the enormous undertaking it must have been to tackle a world-renowned CTF such as DEFCON, and I am very grateful that they have volunteered and stepped up to the plate for it.

As a whole, I’m happy and grateful for the opportunity given to me and to MB to be a part of MMM. I’ve formulated solid friendships and met some really amazing people, and I couldn’t have imagined even a year ago that my CTF journey would make its way to Vegas. I have learnt a lot from this year’s DEFCON, and I’m excited to see what next year will have in store for us.

MMM

Vie