Need Help With Darknet Security


#1

Hey, what's up? 😛 Now that the intrusion attempts on the darknet have trailed off, I've been working on some serious security improvements for our systems. I'm trying to implement some kernel-level security modules, and I could really use some help. Having more people working on it will make the work go faster and provide awesome diversity of approaches. 😎

Here's where you come in. I need security systems with a small memory footprint. That means a small amount of working resources as well as a lot of code reuse.

Give me your best systems that fit into a 4x4 block of memory and only use three kinds of nodes, not counting the root/goal node.

There's no security in obscurity, so make them public and link to them in this thread. Give feedback on the ones that are posted, and I'll incorporate them into my security setup. You don't need to do whole clusters; just a system or two will do.

Let me know if you have any questions! 😊

peace,
sk3tch


#2

Well it's my first foray into system making, but heap on the criticism!

https://exploitzeroday.com/system/yr7PKk/

(Edit: Went back to my system. I had intended for players to have to fire both the vertical ports a bit staggered, but there's a solution that avoids that. Oh well)

Also: how do I delete systems?


#3

this is a good one, and tricky on timing. 👌


#4

I got one for you guys. Any good?
https://exploitzeroday.com/system/GkM5lk/


#5

Here's my first one:
https://exploitzeroday.com/system/5djeyg/


#6

@omega12, I'd recommend removing one of the ports (top of 3rd column left to right) just so that the solution is just a little bit harder.


#7

@TChosen1 I enjoyed yours! Easy for n00bs like me.


#8

Here's mine:
https://exploitzeroday.com/system/qrAJAk/

It's pretty nasty, if I say so myself.


#9

Finally cracked your one! Yeah, that was a really tricky one to work out the timings for.


#10

Finally decided to make one of my own. I'm new here, but I can handle almost any system that you guys can come up with. Here's mine. https://exploitzeroday.com/system/Ege1Kg/


#11

Thanks, everybody! 😍 I've compiled the systems you provided into a VM for a final round of testing before I integrate them into the darknet infrastructure. Check it out!

Developers, feel free to keep tweaking things, and everyone give whatever feedback you need to. If you missed out on being included in this effort, don't worry; I'm hoping to have plenty of opportunities for you to contribute in the future! 💁

I'll give a week or so for feedback and tweaks before I integrate this.

peace,
sk3tch


#12

@CuCN 4+5+6 can cause a lock-out if the top left port is the first one activated. Not sure if it is intentional, but having to restart can be a minor annoyance.


#13

@WUBRG considering the types of levels he's made (at least the truly difficult ones), I assume it is intentional. It is annoying, but it is a little bit of a motivator to not mess up again.


#14

Hey sk3tch you might like to check for any recent changes to systems in your cluster since say around Friday, particularly those that make getting in somewhat easier. Something a little "sk3tchy" is going on, imo. I'll clarify in PM.

You may complain about the lack of trust I've given you guys (sorry), but given who we're dealing with "trust, but verify" should be our watchword.

((OOC: won't actually send pm unless absolutely necessary))


#15

You there sk3tch? I'd think reassuring us on the security of the darknet quickly is a pretty important thing, given who we're up against and fairly recent events that I shouldn't need to clarify.


#16

Yeah! I'm keeping an eye on the systems. I'm definitely seeing a bunch of traffic hitting them, including some stuff that looks like automated penetration attempts. That's cool! We want to test these as much as possible. 👍

I'm seeing some of the contributors modifying their systems, hopefully to patch stuff that's coming up. None of the modifications have seemed too major so far: minor tweaks, small enough that I can't say whether they make a huge difference. I'll trust you folks' judgment unless I have reason not to!

I never got that PM; I'll hit you up for the deets. peace!


#17

So this took longer than I hoped, but I spent extra time to do some audits. 😕 This sort of thing is hard to judge. I'll reassure you all that none of the systems are outwardly broken in their security, but it's a judgement call as to whether or not they're less effective than they could be.

I have gotten pretty clear evidence that someone has been offering to pay for easier access. That's a real bummer. I'd hope that none of you would take them up on it, but, well... I don't really know you all that well. 😓

I've talked with @KernelPop and @TripleThreat and in the end we decided to go ahead with this kernel cluster. It'll be installed in the darknet kernel. At some point we might upgrade it, but for now I think it'll do well enough.

peace.


#18

Made another system, not sure if it would be considered secure enough for this kernel.

https://exploitzeroday.com/system/YkOZ3r/


#19