• [root~]# ls /Important_Dates
• 2006-08-01: Registration_Opens
• 2006-09-01: Challenges_Sent
• 2006-12-01: Solutions_Due
• 2006-12-15: Winner_Announced
• [root~]#

The Challenge

In case javascript is not enabled in your browser, here is a list of challenge descriptions.

Back to main page

• Audio Steganography
  Examiners must develop and document a methodology used to determine which files in the Steg Audio folder contain steg. You will also be expected to identify the carrier file and payload, in addition to recovering the password (where applicable) for each file you identify as containing Steganography. Points will be awarded for each successfully accomplished task.
  
  Total Weighted Points: 250
  
  
• Steganography using S-Tools
  Examiners must develop and document a methodology used to determine which files in the Steg Stools folder contain steg. You will also be expected to identify the carrier file and payload, in addition to recovering the password (where applicable) for each file you identify as containing Steganography. Points will be awarded for each successfully accomplished task.
  
  Total Weighted Points: 200
  
  
• Password Cracking
  Examiners must develop and document a methodology used to discover the payload of password protected files located in the Password Cracking folder. You will be expected to identify the payload and password for each file. You will find passwords varying in difficulty ranging from 40-bit to 256-bit key strength. Points will be awarded for each piece of information recovered.
  
  Total Weighted Points: 250
  
  
• Image Analysis: Real vs. CG
  Examiners must develop and document a methodology used to determine whether the images in the Image Analysis folder are real or computer-generated (CG). You will be expected to identify the nature of each picture. Points will be awarded for each successfully identified picture provided you supply a detailed methodology of how you derived your conclusion. Points will not be awarded for guessing.
  
  Total Weighted Points: 200
  
  
• Data Carving: Linux LVM Interpretation
  Examiners must develop and document a methodology used to interpret a Logical Volume Management (LVM) partition. An image of an LVM partition can be found in the LVM folder. You will be expected to develop a method to effectively analyze and recover a deleted file from an LVM partition. Points will be awarded for your proof of analysis by means of your methodology.
  
  Total Weighted Points: 250
  
  
• Data Acquisition: Boot a dd Image
  Examiners must develop and document a methodology for booting a dd image without reconstructing the media with normal conventions. A dd image can be found in the dd Image folder. You will be expected to develop a method to conduct a live analysis of a dd image by booting the dd image as if it was the local partition housing the bootable operating system. Points will be awarded for your proof of analysis by means of your methodology.
  
  Total Weighted Points: 250
  
  
• Data Acquisition: Boot a Split dd Image
  Examiners must develop and document a methodology for booting a split dd image without reconstructing the media with normal conventions. A split dd image can be found in the Split dd Image folder. You will be expected to develop a method to conduct a live analysis of a split dd image by booting the split dd image as if it was the local partition housing the bootable operating system. You may not concatenate the slices of the dd image into one piece. Points will be awarded for your proof of analysis by means of your methodology.
  
  Total Weighted Points: 500
  
  
• Media Recovery: Compact-disc
  Examiners must develop and document a methodology used to recover data from a damaged compact-disc. You will be expected to recover a piece of known data from the CD. Points will be awarded for successfully extracting data from the compact-disc.
  
  Total Weighted Points: 1000
  
  
• Media Recovery: Floppy Diskette
  Examiners must develop and document a methodology used to recover data from a damaged floppy diskette. You will be expected to recover a piece of known data from the floppy. Points will be awarded for successfully extracting data from floppy diskette.
  
  Total Weighted Points: 300
  
  
• Keylog Cracking
  Examiners must develop and document a methodology used to recover the contents of an encrypted keylog file. The keylog file can be found in the Keylog Cracking folder. You will be expected to develop a method to effectively decrypt and recover the contents of the keylog files. Points will be awarded for your proof of analysis by means of your methodology.
  
  Total Weighted Points: 250
  
  
• Metadata Extraction
  Examiners must develop and document a methodology used to recover the contents of several files. These files will vary in type and the information will be found in several different metadata standards. Clues will be given to help participants know what to look for in each file.
  
  Total Weighted Points: 200
  
  

Back to top