Blog
Hacking the Planet - A DEFCON ICS CTF 2024 Retrospective
September 16, 2024
In 2023 at DEFCON 31, a few friends and I decided to tackle the Industrial Control Systems (ICS) Capture the Flag (CTF) competition. To our surprise, the four of us secured 2nd place with almost no prior experience in the ICS security space. With coming so close to winning the event we were hooked on it.
This year, in 2024, my team took first place by a whopping 37% more challenges solved than the next team. In this post, we will walk through the experience of winning the competition in 2024, tips for new competitors and I'll even go through the solution for my favorite challenge. Enjoy!
Preparation
From 2021-2023, I ran a workshop on heap exploitation at DEFCON. Last year, this took half of a day for myself and my buddy Kevin Choi. This year, the only activity I participated in was the Red Alert ICS CTF; the more time you spend on challenges, the more challenges you can solve. This year, we wanted to take the event more seriously by committing more time to it and preparing for it in advance. How do you even prepare for a CTF like this?
From reading articles about the event and posts on their Twitter, the Red Alert team seems to reuse challenges and challenge types from year to year. After participating last year, we consciously tried to store all our notes. We solved several challenges almost instantaneously this year from writing down solution steps and keeping scripts from the previous year. This gave us a major leg up on many reused or recycled challenges. The key takeaway is to look for patterns at the events and use this knowledge to your advantage.
Another preparation tip is researching the technologies used in ICS, such as Modbus, OPC-UA, and others. Our team had all of the clients/libraries already downloaded for interacting with the protocols and had detailed notes on how each protocol worked. If any of these ICS-specific protocols came up, we were able to solve these challenges very quickly since we only had to focus on the challenge properties and not how to simply interact with the challenge. Josue even attended a few ICS security conferences to get deeper ingrained in the ecosystem.
Continue Reading →
Cosmos IBC Reentrancy Leads to Stolen FundsExternal
April 23, 2024
Cryptographic Asymmetry and How To Shut Down A Cosmos-Ethereum Bridge
December 27, 2023
Recently, ging3r and I (Strikeout) found a vulnerability in the Gravity Bridge. Since I wrote up the last few vulnerabilities on this blog, Ging3r wanted to use his voice to tell a story. Ging3r decided to write on my blog, becoming the first guest blogger on my site. He's got a good voice and explains the bug well. Enjoy! :)
Asymmetry
I’ve been programming and hacking for about 10 years now, and one of my favorite things in this space is the asymmetry inherently created by cryptography. The most powerful governments in the history of the world have been brought low, and forced to spend billions of dollars to find side channels and make extortive deals, all because given b^k = a mod n, it’s quite difficult to figure out k.
It truly is that simple. There is some essential hardness (in the computational complexity sense of the word) that our symbolic representation of that problem latches onto that is thus far impenetrable. Even organizations with high incentivisation to do so and billions of dollars to throw at legions of mathematicians have yet to figure out a simple way to solve such a simple problem.Yet little old me, here in my little old room, can conceptually latch onto and use those essentially hard problems, for any variety of fascinating ends. With real world consequences.
The set of real world consequences of our manipulations of those symbols has, thanks to Satoshi Nakamoto and others, been thoroughly brought into the economic realm. The mixing of ethereal, abstract mathematical concepts with our human flesh and blood economic incentivization schemes is part of what makes the blockchain space so fascinating to me. Where else in history has such a crossing of conceptual wires occurred? Did Diffie and Hellman know that one day they’d play a part in putting the not-so-metaphorical food on the literal table rof a whole army of blockchain devs, auditors, and blackhat hackers?
In this post, I’m going to explain how I (Ging3r) and Strikeout (the owner of this blog) recently discovered a bug in a Cosmos to Ethereum bridge that, while being only a chain halt, still showed some of the remarkable signs of that inherent asymmetry that I find so fascinating. Before I explain, however, there’s a few important prerequisites.
What Is Cosmos?
Cosmos is one iteration of interchain technology. Instead of trying to create a whole bunch of unique chains each with their own ecosystem, Cosmos seeks to create an ecosystem where a bunch of unique chains can each do their own thing well, and use their integrated interconnectivity to communicate with all other Cosmos chains seamlessly.
Cosmos uses the idea of application specific blockchains to craft this ecosystem uniquely suited to interconnectivity. The Cosmos SDK provides all the protocols and packages and algorithms, you just build your application specific chain to do it’s application specific thing. Then turn on a few extra knobs and toggles and whistles and such and you can natively interact with all the other chains using the same protocols. I’ll save some ink for both you and I and keep my brief description brief, but you can also read strikeout’s excellent introduction to the Cosmos SDK.
Continue Reading →
Not Your Stdout Bug - RCE in Cosmos SDK
October 11, 2023
Imagine, you're hunting for bugs in a project. You're reading through the documentation of a widely used framework with millions of dollars at stake. Then, you stumble across this:
Cosmovisor is small process manager for Cosmos SDK application binaries that monitors stdout for incoming chain upgrade proposals. If it sees a proposal that gets approved, cosmovisor can automatically download the new binary, ..., switch from the old binary to the new one, and finally restart the node with the new binary.
Wait, what? It looks like the watchdog program scans through stdout to determine if an update has occurred. If that's true, then this is completely insane! All you would have to do is find a way to write to stdout and the process manager would update your binary. Is this real?
This was the position we were in: a horrible design flaw staring us in the face. While Nathan and I were reviewing the Cosmos SDK, this documentation caught my eye. And there was no going back. Both of us had been here before though. Most of the time, these "obvious" issues turn into sad and unfruitful dead ends. But this time, for once, it was real. Our deep dive into the codebase, and all our time chasing down all those loose ends, had finally paid off. I want you to join us on our journey through the high of discovering, exploiting, and reporting this bug.
For those outside of the blockchain space, this is an interesting application security issue that requires no blockchain-specific knowledge. For those in web3, this is a fascinating wake up call that not all bugs are in smart contracts; they can be within the infrastructure of the blockchain too. Enjoy! :)
Background
Cosmos SDK
Ethereum allows for the execution of arbitrary code on the blockchain. However, as the first of its kind, it has several drawbacks:
- The transactions per second (tps) is extremely slow at around 14 per second.
- Gas, or paying for your code to be executed on the network, is expensive.
- Lack of customization of the functionality of the blockchain provided to its developers.
- Lack of built-in interoperability between other blockchains. Bridges exist but are clunky and prone to vulnerabilities.
What's the solution to these problems? Create something that is faster, cheaper and allows for customization as well as interoperability between other blockchains. The Cosmos SDK is a blockchain development framework that perfectly meets all of these criteria to make application-specific blockchains. Application-specific blockchains are services made for a specific project, allowing more control over the ecosystem for the developers and users.
Continue Reading →
Eating 4 Day Old Sushi - Replicating the SushiSwap Hack
April 20, 2023
Millions of dollars are commonly lost on DeFi hacks. In any other industry, this would mean lawsuits and jail time. In DeFi, as shown by Rekt leaderboard of hacks, this is just another day.
The most recent victim was a days-old contract: a Router from the Automated Market Maker (AMM) SushiSwap. A whitehat partially saved the funds of one user, but this triggered the MEV bots and blackhats to swoop in to clear everything else out. How was this done? In this article, we will dive into the vulnerability and write a full proof of concept exploit for the security issue. Included in this post is a demo environment to tinker around with the exploit code and understand this deeper. If you want to watch this in a video form, go watch the livestream with OpenSense.
Background
Before diving into the technical details, some context is required. My goal is to provide everything needed to understand this vulnerability with links to dive deeper, but some basic programming knowledge and some familiarity with Solidity (addresses, msg.sender, tokens, etc.) will help understand the bug in full. Have fun!
High Level Issue
The Sushiswap vulnerability is complicated when looking at the system as a whole. So, above in Figure 1, is a super simple version of the exploitable contract like you would find in a CTF.
The smart contract takes in an address as the parameter in func1(). The call sets the pool variable to be the user provided address parameter. In a different function, func2(), restricts access to the code based on the pool parameter.
Since a malicious user controls the pool parameter from the previous call, an attacker can bypass the restriction to perform sensitive operations. In this case, an attacker stole funds from other users. And that's basically it! You now have a high level understanding of the bug! After the general background section, we'll get into the nitty-gritty details of how this works.
Continue Reading →
