forked from CyberGrandChallenge/cgc-release-documentation
-
Notifications
You must be signed in to change notification settings - Fork 0
/
RELEASE_NOTES.txt
241 lines (229 loc) · 10.3 KB
/
RELEASE_NOTES.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
July, 2016: CFE Update Release
- Adds example CFE CSes:
- KPRCA_00055: Matrix math calculator
- KPRCA_00056: An interpreter for headscratch language
- KPRCA_00057: Glue, a file archiving system
- KPRCA_00058: Secure authentication service
- KPRCA_00059: Sensor reading software
- KPRCA_00060: Simple printer protocol
- NRFIN_00028: Software to secure ICS infrastructure
- NRFIN_00074: Document rendering engine
- NRFIN_00075: Cereal vending machine
- NRFIN_00076: Ski resort modeler
- NRFIN_00077: Multicast chat server
- NRFIN_00078: Eddy text editor
- NRFIN_00079: Family tree builder
- NRFIN_00080: NOPE tax filing software
- Adds option to specify poll seed in cb-testing acceptance
- Fixes typos in cb-proxy
- Adds network appliance test for multiple rules
- Updates poll-generator to sum random number of polls
- Fixes floating point error in poll-generator
May, 2016: CFE Update Release
- Adds example CFE CS:
- NRFIN_00073: CTTP, a reduced overhead web server
- Updates cb-acceptance to use max depth from makefile
- Updates ti-spec,client,server
reflect all four reported values instead of three
- Updates cb-proxy to have max size inspection buffer, new tests,
performance improvement when not debugging
- Update poll-generator to support generating variable number of polls,
verify polls sent and recv data, new tests
- Updates ti-rotate to support poll functionality tests
- Fixes bug for status write timing in ti-rotate
- Fixed typo in in ti_rotate for IDS pathing
- Adds missing "replace" to using network appliance walk-through
- Applies kernel security patches
February, 2016: CFE Update Release
- Adds example CFE CSes:
- CROMU_00070: a GPS package tracking service
- CROMU_00071: a flight planning tool
- Adds ANSI X9.31 library to poll-generator
- Adds evaluation command to sample ti-client
- Update cb-test, cb-acceptance to facilitate passing environment
variables (--cb_env)
- Update service-launcher to facilitate passing environment
variables (-e)
- Update ti-server to use cgcef_verify instead of inline CB validation
- Update ti-rotate
- Add CSID in feedback
- Add type-2 negotiation error emulation
- Update libcgc to compute lightweight check on environment use to
create a CB
- Update cb-proxy to cleanup negotiation-related source
- Update cgcef-verify to cleanup error exception handling
- Fix typos in ti-api-spec to match implementation
- specify TEAMID in example URIs
- cb feedback includes CSID
- range of throws is 0-MAX_THROWS
- Fix typos in libcgc documentation: fdwait.md, random.md, receive.md
- Fix cb-test, cb-acceptance sequential read bug
- Fix ti-client to force feedback field order
- Fix ti-rotate relative path bugs
- Fix but in exit.c: ifdef typo
- Fix this README to include missing Dec 2015 release notes
December, 2015: CFE Update Release
- Fix cgc-cb.mk to facilitate IPC challenge sets
- include pov directory in builds
- Add a flag to cb-test to modify seed for flag page testing
- Add a flag to cb-replay to modify seed for flag page testing
- Update cb-acceptance
- Add a no cleanup flag
- Add a strict flag
- Warn when flag page is not utilized in polls
- Warn when using 1-byte writes
- Check for valid type-2 patches
- Check for valid PATCHED_1...PATCHED_N labels
- Check for valid VULN_COUNT
- Update cb-service-launcher to facilicating using --cb-test --debug
when not using --no_attach
- Update ti-server to reflect CFE size limits
- Update cb-proxy to reflect CFE size limits
- Fix strace u_arg file bug
September, 2015: CFE Update Release
- Speficy RE2 syntax in the CFE network appliance instead of PCRE.
- Fix matching bug in the CFE network appliance.
- Include the xml2c utility in the release to compile a CQE style XML
PoV into a CFE style PoV.
- Internal refactoring of ti-client, ti-server and ti-rotate Virtual
Competition.
- Handle variables in the poll generator.
- Generate 1,000 polls when conducting challenge-set acceptance testing.
- Add a flag to cb-test such that cb-server will not attach to the CB
which allows local debugging but prevents PoV verification.
July, 2015: Initial CFE Release
- Walk-throughs have been updated
- Running the VM
- Virtual Competition
- Understanding CFE PoVs
- Understanding Poll Generators
- Using the Network Appliance
- Building a CB
- Debugging a CB
- Testing a CB
- Submitting a CB - instructions to CB authors
- CRS Team Interface API documentation
- A Virtual Competition has been provided as a CFE simulator until
such a time as the CGC team completes and offers competitor access
to the competition infrastructure.
- Add new CFE PoV mechanisms
- Type 1: Register Set PoV
- Type 2: Memory Disclosure PoV
- Support Autonomous Network Defense AoE
- Service polls have been extended to allow deeper interactions and
have a priori knowledge of the random contents of the CB's flag page
per poll.
- Example CFE Challenge Binaries:
- CADET_00003: Palindrome service derived from CADET_00001
- EAGLE_00005: A Hangman-like game
- A cb-acceptance tool to conduct automatic IV&V of submitted CBs
July, 2015: CQE Release
- Publish source code of the Challenge Binaries used in CQE
April, 2015: Scored Event 2 Release
- Source code to Challenge Binaries used in SE-2
- Mapping of CBs to event identifiers
- Clarify backup event submission plan in cgc-qualifier-event-api
walkthrough
- Make poll generator create file names consistent with documentation
- Fix DECREE interaction with Linux capabilities
March, 2015: Pre Scored Event 2 Release
- Update all CQE event scripts:
- Note that dashes in the filenames have been replaced with
underscores to allow for easier python imports
- Method to verify that a local submission matches the submission
received by Amazon S3
- The cgc-qualifier-event-api walk-through has been updated to reflect
the above script changes.
- The cgc-qualifier-event-api walk-through now documents a backup
event submission mechanism in the case of an Amazon S3 outage.
- cb-server utility now uses higher precision task clock to assist in
measuring performance score especially when service polls completed
more quickly than the 10ms scheduler clock
- Update the scoring-cbs walkthrough to reflect the use of the higher
precision task clock performance metric
- Release missing CROMU_00007 CB from Scored Event 1
- Stricter cb-server socket initialization to remove a
non-deterministic corner case in performance calculation on a
loaded system
- Various optimizations to drastically speed up cb-test
- Added a walk-through for using ptrace to perform instruction tracing
of a challenge binary.
- strace bug fixes:
- zero byte allocations
- process args on system call entry
February, 2015: Post Scored Event Release
- Embed CGC Extended Application into every challenge binary
specifically to include the event participation agreement.
- Embed the DECREE debian package listing into every challenge binary
to allow for future repeatable testing.
- Verify PoVs' and polls' XML start tag, DOCTYPE and DTD path
- Add cqe-verify-solution-package script to validate an event
submission
- Fix typo in cgc-qualifier-event-api walkthrough and bug in the
associated cqe-submit-solution.py script
- Update scoring-cbs walkthrough
- Include a Newsletter on cyber security Capture-the-Flag tournaments
on which CGC is based
- Service poll generator graphs percentage of polls which visit a node
- Update allocate() man page
- Better CB memory usage reporting and scoring walkthrough
- Proper PCRE grouping in service polls and PoVs
October 31, 2014: Scored Event #1 update Release
- Updated CQE/Scored Event API documentation and example scripts
in response to competitor feedback.
- Improvements to insure deterministic poller processing.
- PoV/Poller XML parsing limited to ten seconds.
- Correct path to the DTD in generated service polls.
- CBs only dump core on a PoV signal.
- Easier instrumentation and debugging when running CBs in cb-test.
- Walkthrough for running Intel PIN on CGC Challenge Binaries.
- Added a readcgcef-minimal.py which does not depend on insecure libs.
- cgcef_verify re-implemented in python to reduce insecure dependencies.
- Allow more arbitrary mappings from the executable headers.
- Internal robustness improvements.
- Backport Linux security patches.
October 2014: Scored Event #1 Release
- Documentation (http://github.com/CyberGrandChallenge/cgc-release-documentation)
- CQE/Scored Event API documentation and example script
- Updated Master Schedule to confirm scored event on Dec 2, 2014
- Newsletters:
- Interprocess Communication challenges newsletter
- C++ challenges newsletter
- Walk-throughs:
- How to compare the score of replacement CBs
- Refined guidance to authors submitting CBs
- Metrics to evaluate CB authors post-CQE
- Service poll generation improvements
- programmatic delays
- "finish" nodes to call at the end of an poll
- Variable instances
- Allow borrowing implemented algorithms from the CB itself
- More error reporting
- Challenge Binary Testing improvements
- Test utilities measure and report low fidelity CB performance
- Timeouts are no longer mis-reported as a PoV
- IPC CBs exit gracefully
- Testing speed improvements
- fdwait system call timeval truncated to multiples of 10ms
- New Challenge Binary Templates:
- LUNGE_00003: pipeline IPC template
- LUNGE_00004: producer-consumer IPC template
- Additional example challenge binaries
- EAGLE_00004: fix previously release example
- LUNGE_00005: Function pipeline (IPC example)
- TNETS_00002: Virtual pet (C++ example)
August 2014: Challenge Binary Author Release
- Switched challenge binary compiler from GCC to CLANG
- Update Master Schedule to reflect new Scored Event date
- Update CQE Scoring documentation
- Update walk-throughs
- Added service poll generation utility
- Service template provides example usage of all system calls
- Added math intrinsics to libcgc.a
- Additional example challenge binaries
- CADET_00001: Simple Palindrome service
- EAGLE_00004: Tribute to DEFCON CTF (IPC example)
- KPRCA_00001: Gopher-like server
- KPRCA_00003: Image compression
- YAN01_00002: Tennis ball motion calculator
June 2014: Original Cyber Grand Challenge Release