Scenario: EDA001
Skype, a free online service that allows users to communicate by voice, video, and chat, was a cause for a bug that allowed hackers to execute malicious code remotely. This bug was leaked and then discovered by Skype themselves; following this, the bug was mitigated and fixed. A group of hackers managed to replicate this bug in the new version, but all they provided is a POC.
Scenario: EDA002
A group of international cyber activists managed to abuse a vulnerability in an FTP Server; the company rushed to fix the issue, but after months of going back and forth, they were unable to replicate the steps that the cyber group preformed. Following this, the company issued a bug-hunting program, rewarding the first to provide a working POC.
Scenario: EDA003
Some unknown hackers managed to hack into the Linux Mint website and replaced the download links on the site that pointed to one of their servers, offering malicious ISO images for the Linux Mint OS. Your group was tasked with analyzing the ISO file and by thus finding the attackers.
Scenario: EDA004
A famous group of Chinese hackers carried out political espionage, dubbed the “MessageTap”. This backdoor malware data miner has recently been discovered installed on a Linux-based SMSC server of an unnamed telecommunications company. It seems that the backdoor was based on vulnerability; we require your assistance with gaining access and retaking the servers.
Scenario: EDA005
The GHOST vulnerability is a buffer overflow condition that can be easily exploited locally and remotely, which makes it extremely dangerous. Our firm suspects that specific machines on the network are compromised. Use your skills to detect compromised hosts and provide a POC of the issue.