Shellphish is a group of security enthusiasts born at the University of California, Santa Barbara (UCSB) in 2004. Since then, Shellphish has played countless Capture the Flag (CTF) security competitions, winning the DEFCON CTF finals in 2005 (and Nuit du Hack CTF Quals in 2016).
In 2015, Shellphish enrolled in the DARPA Cyber Grand Challenge (CGC). Unlike other security competitions, in which humans have to solve security challenges (such as exploiting binaries or web services), in the CGC participants have to build an automatic system that solves them! In particular, teams have to build a system that is able to automatically find vulnerabilities in binaries, exploit them, and patch them, without any human intervention.
In this talk we will present the system we developed to participate in the CGC. Our system scored among the top 7 teams during the qualification event of the CGC, qualifying us for the CGC final event and winning a $750,000 qualification prize. During the talk, we will also introduce how we are preparing for the CGC final event, which will be held in August 2016 in Las Vegas. During this event, qualified teams will compete against each other to win a first-place prize of 2 million dollars (and eternal bragging rights).
Part of the system we developed is based on angr, the open-source binary analysis framework developed at UCSB. During the talk we will demo angr, showing how it can be used to automatically find vulnerabilities in binaries.