Pesky Neighbor¶
To earn the Pesky Neighbor flag, attackers must cause the neighbor’s decoder to violate one of the three Security Requirements.
Competitors will interface with the Pesky Neighbor scenario through slack in a similar manner as to
the testing service. This will be with the /pesky_neighbor_ref command for the reference design
and the /pesky_neighbor command to target other teams in the attack phase. Attackers will select
a target team and upload a zip file containing the attack script named pesky_neighbor.py to be
executed and an optional setup.sh file to install dependencies. The path to the decoder will be
in argv[1] when the python script is executed.
Note
Each team channel can only run one pesky neighbor attack at a time, so plan accordingly!
While only changing the timestamp metadata associated with a frame can be a useful primitive for constructing attacks, doing this by itself will NOT be considered a successful pesky neighbor attack.
Upon a successful attack, the flag will be returned to the slack channel as a flag.txt file
upload. You will see a message similar to Job pesky_neighbor_ref completed with result: success.
This indicates the success or failure of the attack.
Upload Format¶
The zip file competitiors upload must follow a specified format. Specifically, it MUST include a
file named pesky_neighbor.py, which will be the entrypoint of the exploit. Any files you need to
use (e.g., subscription updates, exploit payloads, additional libraries, etc.) may be included in
the zip file and will be available at the CWD, /workdir/.
# Your files will be unzipped to /workdir/. Optionally, you may include a setup.sh script to
# install dependencies. Finally, run `pesky_neighbor.py <device>`. NOTE: it is not safe to
# assume <device> will always be /dev/decoder as shown here. This device may change. You should
# trust sys.argv[1]
cp /attack_files.zip /workdir && unzip attack_files.zip
timeout 1m bash -c '([ ! -f "setup.sh" ] || sh ./setup.sh) && python3 pesky_neighbor.py /dev/decoder'
if [ $? -eq 124 ]; then
echo '1 minute timeout reached!'
else
true
fi
You may download an example zip file here: pesky_example_25.zip.
