This year, we have 2 teams for Cyber Patriot. We have a Senior team consisting of Ryan Vrobel, Isaac Trost, Tanmay Sharma and Jarek Smith as well as a Junior team consisting of Alex Cihon, Anthony Spencer and Holly Goodwill.
Both teams started preparing weeks in advance. We had our Cyber Patriot mentor, Brian Theissen, working with the groups on Friday afternoons and I think the efforts really are paying off. Both teams went into round 1 feeling confident and excited with some powershell and bash scripts written to help with initial tasks so that more time could be spent sleuthing out the tough problems.
Gannon was kind enough to once again host us at the I-HACK building and it was an awesome experience!
We arrived at Gannon at about 12:30 and were working on the VMs by about 12:45. This round’s VMs were Windows 10 and Ubuntu 22. The teams shared a lab space but were divided up so that no information was passed from one group to another.
Both groups performed exceptionally well. They both got nearly all the points on Linux (94) before they locked themselves out of admin rights on the boxes….(seniors accidentally corrupted the PAM file, and the Juniors deleted a settings directory or something). The seniors got all 100 points on the Windows machine (a first for us)!…this was a close one though. They updated a security setting to use Windows Hello, but then never actually set it. So they were sitting at 95 points on the box when they restarted to apply updates. At that point, they could no longer log in, but fortunately the last 5 points were registered with the update (that was close!). The Juniors scored 90 points on the Windows machine, missing only the Windows Hello setting, and then the box did not have enough memory to properly reload so it got hung up when applying updates. So, in summary, the Seniors scored 194 and the Juniors scored 184. An amazing job by both teams!
Senior Scores:
Junior Scores:
A few additional notes:
- In the last hour, we were thinking about creating a “nuclear list“…this would be a list of “dangerous” actions we can take to try and knock out the remaining points. These would be actions that could essentially brick the VM, at which point we’d just stop working on it.
- Read the READMEs thoroughly and break them down. All the info needed is in those documents. With respect to the Juniors missing the Windows Hello setting, that was in the readme….of course, it may be best they didn’t get that one or they may have locked themselves out sooner, just like the Seniors.
- There was no packet tracing or quiz in this round do to Cisco NetAcad being scheduled for maintenance during some of the competition window.
In summary, this was an awesome time at I-HACK. Brian has been doing an amazing job mentoring the students and the work they put into this is really paying off. I am so proud of these guys!
