OOO archive --- DEF CON CTF [ login ]

dc2021f - barb-metal reversing pwn finals

by crowell, matt

This was an attack/defense challenge, part of dc2021f.

Points: 1,000
PCAPs: download

You may spawn the server:

On your laptop
  • Install docker
  • docker pull archiveooo/pub:barb-metal (docker-saved download)
  • docker run -d --name barb-metal archiveooo/pub:barb-metal
  • Local IP: docker inspect barb-metal -f '{{ .NetworkSettings.Networks.bridge.IPAddress }}'
  • Connect to that IP:7829 — Remember to docker rm -f when done.
On your laptop (full source)
  • Install docker and pip install PyYAML coloredlogs
  • git clone
  • cd barb-metal
  • ./spawner --log-level=INFO
  • Connect to the ip:port displayed
Hosted by OOO Right now we're asking players to login first.



This challenge was part of the finals

During finals, scoring happens per-round based on attack (steal flags from others) and defense (patch the service to prevent others from pwning you) points. Patching is not currently simulated on the archive, but keep in mind that most services only allowed a limited amount of bytes to be changed from the original binary. Scoring rules for 2019 2020 2021.

King of the Hill points are also awarded per-round, with only the top-ranking teams getting points.

Teams were informed of game events, with redacted info on the last day. In 2019 players could see traffic pcaps only after some time, in 2020 and 2021 they had the choice the stealth their traffic or not (for half the points).

OOO's new IOT platform: Ruby on Rails? No. Ruby on Bare Metal x86. Building native extensions. This could take a while...
this challenge has no flag limit and can be retired at our discretion

line_weight service line_weight payload.bin


None yet :(
If you wish, you can contribute some.


Spoilers ahead! Code for this challenge is publicly available.