The hacking contest is a yearly competition taking place at the LinuxTag in Berlin. The setup consists of two notebooks with a projector attached to each of them. In phase 1 both teams get a root shell on the notebook and can do arbitrary manipulations to the Linux systems in order to place backdoors. After 15 minutes the teams switch notebooks for phase 2 and each team has the task to find and fix the backdoors placed by the other team in phase 1. After another 15 minutes the teams switch notebooks again and demonstrate the backdoors which are still working. In order to limit the complexity of the backdoors and prevent practically undetectable attacks such as a kernel rootkit, the teams have to enter the exploits to the system with nothing but a standard keyboard/mouse and paper notes.

Some exploits which have been used for the hacking contest in the past are already online at http://blogs.gnome.org/muelli/2011/05/linuxtag-hacking-contest-notes/. In the following series of blogposts I will describe some of the exploits we (Team LEGOFAN) have used in the past years.

The main conclusion of the competition is that there are so many possibilities of hiding a backdoor on a Linux system given temporary root access to the system and that it is practically impossible to securely clean up an infected system without reinstalling. The hacking contest also shows that a well-hidden backdoor doesn't necessarily require a lot of code such as a full kernel rootkit and that it is entirely possible to type in a backdoor via a standard keyboard within a very short time.