Difference between revisions of "CTF-practice-evening:2014-02-24"

From Technologia Incognita
Jump to: navigation, search
 
(9 intermediate revisions by the same user not shown)
Line 47: Line 47:
 
** We aren't sure yet which one we want to do.  We are going to look at ctftime.org, think about it, and come back with ideas next week
 
** We aren't sure yet which one we want to do.  We are going to look at ctftime.org, think about it, and come back with ideas next week
  
= Binary Exploitation =
+
= Intro to x86 Disassembly =
  
* We're gonna look at Chapter 3 (Exploitation - start at Page 119) of this book:
+
* We're gonna look at Chapter 2 (Programming - start at Page 19 'Getting your hands dirty') of this book:
 
** [http://rogunix.com/docs/Reversing&Exploiting/Hacking%20-%20The%20Art%20of%20Exploitation_2nd%20Ed.pdf Hacking: the Art of Exploitation]
 
** [http://rogunix.com/docs/Reversing&Exploiting/Hacking%20-%20The%20Art%20of%20Exploitation_2nd%20Ed.pdf Hacking: the Art of Exploitation]
 
** You can get the Live CD [http://www.nostarch.com/hackingCD.htm here]
 
** You can get the Live CD [http://www.nostarch.com/hackingCD.htm here]
 +
 +
* We talked about calling conventions (cdecl, stdcall, fastcall, etc…) and how they influence function prologues/epilogues/stack cleanup/order of parameter passing/etc…
 +
** Homework - have a look at: [http://en.wikibooks.org/wiki/X86_Disassembly/Calling_Conventions Wikibooks:Calling_Conventions]
 +
* Explanation of commonly used x86 ASM commands: [http://coolfire.insomnia247.nl/BMA/X86_Win32_Reverse_Engineering_Cheat_Sheet.pdf Reverse Engineering Cheat Sheet]
 +
* Commonly used gdb commands: [[GDB-Tips]], [http://darkdust.net/files/GDB%20Cheat%20Sheet.pdf GDB Cheat Sheet]
 +
 +
* We went through pages 19-30 on the beamer, and interactively with GDB in the live CD, with people asking questions
 +
** Homework: read pages 1-30 of 'Hacking: the Art of Exploitation' in detail (following along in the Live CD)

Latest revision as of 22:48, 24 February 2014

CTF-practice-evening:2014-02-24
Date 2014/02/24
Time
Location ACTA
Type Workshop
Contact Melanie

Capture The Flag evening - Part 8

  • 24 February, 2014 - 7 PM
  • Please bring along a laptop with you!!!

General CTF Info

Codegate Retrospective

  • We're happy with our performance at the Codegate CTF!
  • Exploiting assembly code with a debugger is still one of our largest hurdles (with the exception of a few people)
  • Discussion of problems - we discussed: Weirdshark and 120
  • The write-ups for Codegate on CTFtime.org still aren't available yet!
    • We'll email a link to the write-ups when they are available, and can discuss them on the mailing list.

Infra issues

  • Marielle saved a copy of the pad contents from Riseup.net (before it disappears), and will email a link to the ctf mailing list
  • We need a better way of sharing stuff
  • Dimitris setup some great infra, including a file uploader
    • Melanie sent a link to the CTF mailing list with the URL and the login credentials
    • Melanie wasn't able to successfully upload IDA Pro though -- file size limit issues
    • Another limitation is that we can't arrange things into folders ourselves
    • Coolfile also setup a Knuffelhackers (FTP) server, (and emailed the details to the ctf list), since 2 options are better than 1  :-)

IDA Pro

  • IDA Pro was AWESOME for decompiling and reversing!!!
    • We definitely need to have an IDA Pro reversing evening -- we'll plan this in
    • But first we need to share it with everybody
    • Melanie created a Windows VM with IDA. She can share it with everybody once the file sharing infrastructure is ready..

Next CTF

  • Next CTF? We are thinking that 1 CTF/month is a good amount.. enough to keep us in practice, but not too much to burn people out (because CTFs suck up an entire weekend.)
    • If VUBAR plays on other weekends, that is always an option for people who want to play more than once/month
    • We aren't sure yet which one we want to do. We are going to look at ctftime.org, think about it, and come back with ideas next week

Intro to x86 Disassembly

  • We went through pages 19-30 on the beamer, and interactively with GDB in the live CD, with people asking questions
    • Homework: read pages 1-30 of 'Hacking: the Art of Exploitation' in detail (following along in the Live CD)