Capture The Flag evening - Part 8
- 24 February, 2014 - 7 PM
- Please bring along a laptop with you!!!
General CTF Info
- We're happy with our performance at the Codegate CTF!
- Exploiting assembly code with a debugger is still one of our largest hurdles (with the exception of a few people)
- Discussion of problems - we discussed: Weirdshark and 120
- The write-ups for Codegate on CTFtime.org still aren't available yet!
- We'll email a link to the write-ups when they are available, and can discuss them on the mailing list.
- Marielle saved a copy of the pad contents from Riseup.net (before it disappears), and will email a link to the ctf mailing list
- We need a better way of sharing stuff
- Dimitris setup some great infra, including a file uploader
- Melanie sent a link to the CTF mailing list with the URL and the login credentials
- Melanie wasn't able to successfully upload IDA Pro though -- file size limit issues
- Another limitation is that we can't arrange things into folders ourselves
- Coolfile also setup a Knuffelhackers (FTP) server, (and emailed the details to the ctf list), since 2 options are better than 1 :-)
- During the next CTF, we should definitely use Dimitris' Etherpad infrastructure:
- IDA Pro was AWESOME for decompiling and reversing!!!
- We definitely need to have an IDA Pro reversing evening -- we'll plan this in
- But first we need to share it with everybody
- Melanie created a Windows VM with IDA. She can share it with everybody once the file sharing infrastructure is ready..
- Next CTF? We are thinking that 1 CTF/month is a good amount.. enough to keep us in practice, but not too much to burn people out (because CTFs suck up an entire weekend.)
- If VUBAR plays on other weekends, that is always an option for people who want to play more than once/month
- We aren't sure yet which one we want to do. We are going to look at ctftime.org, think about it, and come back with ideas next week
Intro to x86 Disassembly
- We're gonna look at Chapter 2 (Programming - start at Page 19 'Getting your hands dirty') of this book:
- We talked about calling conventions (cdecl, stdcall, fastcall, etc…) and how they influence function prologues/epilogues/stack cleanup/order of parameter passing/etc…
- Explanation of commonly used x86 ASM commands: Reverse Engineering Cheat Sheet
- Commonly used gdb commands: GDB-Tips, GDB Cheat Sheet
- We went through pages 19-30 on the beamer, and interactively with GDB in the live CD, with people asking questions
- Homework: read pages 1-30 of 'Hacking: the Art of Exploitation' in detail (following along in the Live CD)