Willie Wonka and the Chocolate Hackery


Willie Wonka and the Chocolate Hackery

By Ed Skoudis

The enigmatic Mr. Willie Wonka had caused a worldwide uproar.  The billionaire candy maker had hidden five golden PCMCIA cards in the packaging of his delectable Wonka chocolate bars.  Any child finding a golden card was cordially invited to an exclusive tour of Wonka's factory, the inside of which no human other than Wonka had seen in decades.  One hundred million children scrambled to find the golden cards, but only five were lucky enough to win.

After weeks of frantic chocolate buying, the winning children lined up outside of Wonka's factory gate for the tour.  As you'd expect with today's computer-savvy kids, each child toted a laptop or PDA with a wireless LAN card.  The kids carried a diverse mix of technology:

•Augustus Gloop lugged a Windows 2000 laptop.

•Violet Beauregarde brought an OpenBSD laptop.

•Veruca Salt clutched an iPaq running the PocketPC operating system.

•Mike Teevee carried a PalmOS-based PDA.

•…and Charlie clung to his old, beaten-up Linux-based Thinkpad.

During the tour, the children noticed small, orange men operating the machinery in Wonka's factory.  "What are they?" cried Veruca, in an annoying faux British accent. 

"They're Oompa Loompas from Loompaland," answered Wonka, "They perform all of my system administration, network, and security tasks.  Why, I've got them monitoring IDS sensors everywhere.  Any children caught hacking my systems will be summarily dismissed and searched by my forensics Oompa Loompas!"

"Why all the security?" asked Charlie. 

"It's Slugworth," whispered Wonka, "He's after the formula for my new Everlasting Gobstoppers.  I must keep it secret from him or I'm ruined!"  Wonka briefly showed the children the Everlasting Gobstopper recipe on his computer browser.  The file was named "Gobstopper.txt" and it contained the strings "secret," "gobstopperXZ," and "recipe08".

The tour commenced.  Sadly, at various points of the expedition, each child attacked Wonka's systems.  Augustus conducted a gluttonous port scan of all systems on the chocolate river, blocking the network pipe.  Violet tried swiping an Ooompa Loompa's blackberry, turning into a giant blackberry herself.  Veruca launched a buffer overflow attack, using a bad egg that was instantly detected.  Mike attempted to create a covert channel in a streaming video link.  Even good-natured Charlie accidentally contaminated the controller of a ceiling fan with the SQL Slammer worm.  As the children were dismissed from the tour, they had to submit their computer or PDA to the forensics Oompa Loompas as they left the building.

And that, dear reader, is where you come in.  You get to be a forensics Oompa Loompa, and answer the following questions:

1) On each child's computer, where would you search for the Everlasting Gobstopper recipe?

2) What tools would you use for your search?

3) How would you use these tools to find the recipe?