Difference between revisions of "Ctf-evenings"

From Technologia Incognita
Jump to: navigation, search
m
 
(191 intermediate revisions by 7 users not shown)
Line 1: Line 1:
 
{{Project
 
{{Project
|ProjectStatus=Active
+
|ProjectSkills=Hacking, forensics, problem solving
 +
|ProjectStatus=Dormant
 
|ProjectNiche=Software
 
|ProjectNiche=Software
 
|ProjectPurpose=Fun
 
|ProjectPurpose=Fun
Line 6: Line 7:
 
Welcome to the Tech Inc Capture the Flag (CTF) training event series!
 
Welcome to the Tech Inc Capture the Flag (CTF) training event series!
  
The format of this series is likely to evolve over time, but I currently assume that these evenings will feature a combination of online challenges and/or competitions, and general-purpose training evenings covering a variety of computer security (especially hacking and defensive) topics.    Everyone of all skill levels is welcome!!!!
+
The format of this series is likely to evolve over time, but I currently assume that these evenings will feature a combination of web-based challenges, online competitions, and general-purpose learning/workshop evenings covering a variety of computer security (i.e. hacking, defensive) topics.    Everyone of all skill levels is welcome!!!!
  
= Interesting links =
+
Our current schedule is a meeting at techinc every first monday of the month, we also try to do a ctf event every 1/2 months.
  
- Testing
+
= Training Evenings =
   - Testing
+
 
-- Testing
+
== Upcoming ==
* Testing
+
 
  * Testing
+
* July 14 - Dimitris (Volatility)
  * Testing
+
* August 4 - Brainsmoke (Binary exploitation walkthrough)
** Testing
+
* August 11 - Melanie (wargame or video - TBD)
 +
* August 25 - Hitcon Retrospective
 +
 
 +
* By default, Melanie will fill in the weeks that aren't taken by anybody else
 +
 
 +
== Past ==
 +
 
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-07-07 7 July, 2014] - Pwnium CTF Retrospective (via Dimitris)
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-06-30 30 June, 2014] - Intro to Cuckoo Sandbox
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-06-23 23 June, 2014] - PHP Filter Attacks  (via Coolfire)
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-06-09 9 June, 2014] - Hack in the Box Retrospective (+Leviathan continued)
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-05-12 12 May, 2014] - Leviathan wargame (OverTheWire)
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-04-28 28 April, 2014] - Intro to x86 Assembly, Part 2
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-04-14 14 April, 2014] - Intro to Metasploit
 +
* [https://wiki.techinc.nl/index.php/CTF:x86-assembly-video-day 6 April, 2014] - CTF-related video marathon
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-03-31 31 March, 2014] - Cryptanalysis + OTW Krypton war-game
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-03-24 24 March, 2014] - Binary exploitation + Codegate Minibomb walkthrough
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-03-03 3 March, 2014] - Hack in the Box (HitB) Teaser CTF
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-02-24 24 February, 2014] - Intro to x86 disassembly
 +
* [https://wiki.techinc.nl/index.php/CTF-practice-evening:2014-02-10 10 February, 2014] - IDB challenge @ Certified Secure
 +
* [http://wiki.techinc.nl/index.php/CTF-practice-evening:2014-02-03 3 February, 2014] - Burp Suite and SQLmap
 +
* [http://wiki.techinc.nl/index.php/CTF-practice-evening:2014-01-27 27 January, 2014 ] - PhDays retrospective + walkthroughs
 +
* [http://wiki.techinc.nl/index.php/CTF-practice-evening:2014-01-13 13 January, 2014] - Intro to web hacking + Certified Secure
 +
* [http://wiki.techinc.nl/index.php/CTF-practice-evening:2014-01-06 6 January, 2014] - Wireshark Jumpstart 101 + GitS teaser (Armorall - VNC pcap)
 +
* [http://wiki.techinc.nl/index.php/CTF-practice-evening:2013-12-23 23 December, 2013] - Levels 1/2 @ I/O Smash the Stack
 +
* [http://wiki.techinc.nl/index.php/CTF-practice-evening:2013-12-09 9 December, 2013] - UNIX + OTW Bandit wargame
 +
 
 +
= Competitions =
 +
 
 +
* We compete occasionally as [http://knuffelhackers.nl Team Knuffelhackers]!
 +
* And we occasionally partner w/ team [https://vubar.nl VUBAR]
 +
 
 +
== Upcoming ==
 +
 
 +
* [http://hitcon.org/2014/CTF/ HITCon] - Aug 16-18 (Team Knuffelhackers)
 +
 
 +
== Past ==
 +
 
 +
* [http://41.231.53.44:8282 Pwnium] - July 4-5 (Team Knuffelhackers)
 +
* [http://haxpo.nl/event-registration/?regevent_action=register&event_id=35 Hack in the Box] - May 28-30 (Various teams)
 +
* [https://wiki.techinc.nl/index.php/CTF:Plaid-CTF-2014 Plaid CTF] - 11-13 April, 2014 (Team Knuffelhackers)
 +
* [http://ctf.haxpo.nl/scores/ Hack in the Box (HitB) Teaser] - 3-4 March, 2014 (Team Knuffelhackers) - '''4th place'''
 +
* [http://ctf.codegate.org/ Codegate Preliminaries] - 22-23 February, 2014  (Team Knuffelhackers)
 +
* [https://olympic-ctf.ru/ Olympic CTF Sochi] - 7-9 February, 2014    (w/ Team VUBAR)
 +
* [http://wiki.techinc.nl/index.php/CTF:PhDays-Quals-2014 Positive Hack Days Qualifiers 2014] - 25-27 January, 2014  (Team Knuffelhackers)
 +
* [http://ructf.org/e/ RuCTFe 2013] - 14 December, 2013  (w/ Team VUBAR)
 +
* [http://ictf.cs.ucsb.edu/ UCSB iCTF 2013] - 6-7 December, 2013  (w/ Team VUBAR)
 +
 
 +
=== Write-ups ===
 +
[[CTF:Writeup-Olympic-CTF-Sochi-2014]]
 +
 
 +
= About the CTF Training Evenings =
 +
 
 +
== Types of evenings ==
 +
 
 +
I envision the following 3 kinds of CTF training evenings:
 +
 
 +
* 1 - '''Workshop/learning evenings''' - network analysis/forensics ([http://www.wireshark.org Wireshark]), filesystem forensics, reversing([http://www.ollydbg.de Ollydbg], etc..)/Pwnables, code deobfuscation, pen testing ([http://www.kali.org Kali]-[http://www.backtrack-linux.org Backtrack]/[http://www.metasploit.com Metasploit]/buffer overflows), cryptanalysis, web security (XSS, SQL injection, etc..), stegonography, [http://blog.commandlinekungfu.com Commandline kung-fu], recon/trivia/etc..
 +
** Example: I've got a whole slew of [https://www.lcuportal2.com/check-out-these-courses.html Wireshark training videos] - we can watch them together!
 +
** We could also occasionally screen [https://www.youtube.com/user/DEFCONConference Defcon]/[http://media.ccc.de/browse/congress/ CCC]/[http://www.securitytube.net Other] videos on fun topics!
 +
 
 +
* 2 - '''Challenge website evenings'''
 +
** I setup a [[TechInc-CTF-Scoreboard|Scoreboard]], so we can keep track of who's done which challenges
 +
 
 +
* 3 - '''Actual CTF events'''
 +
** There's a bunch of them on [http://ctftime.org/ CTF Time] - we participate occasionally!
 +
 
 +
== Other things that we can do ==
 +
 
 +
* Setup a vulnerable server ([http://www.securitydistro.com/security-distros/damn-vulnerable-linux-dvl Damn Vulnerable Linux], [http://www.offensive-security.com/metasploit-unleashed/Metasploitable Metasploitable], etc..) and attack it
 +
** Other examples: http://exploit-exercises.com/
 +
* Preparing for competitions
 +
** Setup [http://etherpad.org Etherpad] (or another online "multiplayer notepad") so people can make notes and work together for each challenge
 +
*** We're currently using: [https://pad.riseup.net Riseup Pad]
 +
** Preparing tools ([http://www.backtrack-linux.org Backtrack] VM, other VM images with different tools)
 +
** Being able to emulate weird architectures for binaries
 +
** Being able to test shellcode on our own system
 +
** Maybe we can do something with hardware in the space (i have no idea what the status is of VMWare cluster in space, but i think we have one..)
 +
* Brainsmoke could talk about binary exploitation
 +
** We can also look at gdb / objdump / IDA / Hex-Rays
 +
 
 +
= Challenge websites =
 +
 
 +
Link to the Tech Inc Challenge Website Scoreboard: [[TechInc-CTF-Scoreboard]]
 +
 
 +
* http://captf.com/practice-ctf/
 +
* http://ctf.forgottensec.com/wiki/
 +
* http://www.overthewire.org/wargames/   (Bandit is good for beginners)
 +
* https://www.certifiedsecure.com
 +
* http://io.smashthestack.org
 +
* http://ismellpackets.com/
 +
* http://www.kroosec.com/?m=1
 +
* http://exploit-exercises.com/fusion
 +
* http://exploit-exercises.com/protostar
 +
* http://opensecuritytraining.info/Training.html
 +
* http://www.securitytreasurehunt.com/
 +
* http://forensicscontest.com/
 +
* http://ebctf.nl/challenges
 +
* http://sourceforge.net/projects/owaspshepherd/files/ - VM
 +
* http://www.hackthissite.org
 +
* https://microcorruption.com/ - Embedded hacking
 +
* http://www.bright-shadows.net
 +
* http://www.matasano.com/articles/crypto-challenges/ - crypto challenges
 +
 
 +
= Reversing and Exploitation =
 +
 
 +
* http://coolfire.insomnia247.nl/BMA/X86_Win32_Reverse_Engineering_Cheat_Sheet.pdf - x86 reverse engineering cheat sheet
 +
* [[GDB-Tips|GDB Tips]] - Some beginning tips for how to use GDB
 +
* https://www.securecoding.cert.org/confluence/display/seccode/CERT+C+Coding+Standard - Helpful for finding C constructs that can be exploited
 +
* http://sourceware.org/gdb/current/onlinedocs/gdb/index.html - GDB manual
 +
* http://sourceware.org/binutils/docs-2.24/binutils/index.html - GNU Binutils manual
 +
* http://www.youtube.com/watch?v=gYOy7CGpPIU - The Making of Atlas: from Script Kiddie to Hacker in 5 Sleepless Nights (video)
 +
* [http://rogunix.com/docs/Reversing&Exploiting/Hacking%20-%20The%20Art%20of%20Exploitation_2nd%20Ed.pdf Hacking: The Art of Exploitation (book)]
 +
* [http://rogunix.com/docs/Reversing&Exploiting/Reversing-Secrets%20of%20Reverse%20Engineering.pdf Reversing: Secrets of Reverse Engineering (book)]
 +
* http://www.woodmann.com/fravia/howto1.htm
 +
* http://www.woodmann.com/crackz/Orc.htm
 +
* [https://github.com/longld/peda Python Exploit Development Assistance]
 +
* [http://www.onlinedisassembler.com/odaweb/ Online Dissassembler]
 +
* [http://ropshell.com Ropshell.com]
 +
 
 +
Tools: objdump, readelf, gdb, ktrace/kdump
 +
 
 +
= Windows binaries =
 +
 
 +
* http://innounp.sourceforge.net - Inno Setup Unpacker
 +
* OllyDbg
 +
* Ida Free
 +
 
 +
= UNIX hacking =
 +
 
 +
* [http://askubuntu.com/questions/24006/how-do-i-reset-a-lost-administrative-password Log into Linux without a PW]
 +
 
 +
= Web hacking =
 +
 
 +
* https://www.owasp.org/index.php/Category:Attack
 +
* https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents
 +
* https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
 +
* http://w3schools.com
 +
* http://yehg.net/lab/#toolbox
 +
* https://hackvertor.co.uk/public
 +
* [http://portswigger.net/burp/ Burp Suite]
 +
* [http://code.google.com/p/fuzzdb/ fuzzdb]
 +
* [http://www.cirt.net/Nikto2 Nikto]
 +
* http://www.irongeek.com/i.php?page=videos/web-pen-testing-workshop - Nice series of videos
 +
 
 +
= Network challenges =
 +
 
 +
* For VNC: [http://rfbproxy.sourceforge.net rfbproxy] / [http://www.tightvnc.com/rfbplayer.php Rfbplayer]
 +
* [http://chaosreader.sourceforge.net chaosreader]
 +
 
 +
= Steganography =
 +
 
 +
* http://www.jjtc.com/Steganography/tools.html
 +
* http://www.slideshare.net/null0x00/nullcon-2010-steganography-stegananalysis-a-technical-psychological-perspective
 +
* http://sox.sourceforge.net - Sound eXchange  (audio "swiss army knife")
 +
* http://spek.cc - Spek spectrum analyzer
 +
* Audacity
 +
* SDRsharp
 +
 
 +
= Forensics =
 +
 
 +
* [http://www.garykessler.net/library/file_sigs.html File Signatures Table], [http://www.filesignatures.net File Signatures.net], [http://asecuritysite.com/forensics/magic DF Magic Numbers] - File format signatures
 +
 
 +
= Crypto =
 +
 
 +
== Cryptanalysis ==
 +
 
 +
* http://www.simonsingh.net/The_Black_Chamber/chamberguide.html
 +
* http://www.cryptool-online.org/index.php?option=com_content&view=article&id=55&Itemid=53&lang=en
 +
* http://luizfirmino.blogspot.nl/2011/10/cryptanalysis-tools.html
 +
* http://www.matasano.com/articles/crypto-challenges/
 +
 
 +
== Cracking ==
 +
 
 +
* http://hashcat.net/oclhashcat/ - Hashcat
 +
 
 +
= Setting up a CTF =
 +
 
 +
* http://ictf.cs.ucsb.edu/software.html
 +
* http://www.cipher-ctf.org/Gameserver.php
 +
 
 +
= Other stuff =
 +
 
 +
* http://ctftime.org/ - Event listings and write-ups
 +
* http://hackflag.org/forum/
 +
* http://sysexit.wordpress.com/category/writeups/
 +
* http://www.hackers.nl/about/introduktie/
 +
* http://www.enigmagroup.org/pages/basics/
 +
* http://shell-storm.org/repo/CTF/ - Archive of previous CTFs
 +
* http://mitrecyberacademy.org/stem/moodle/course/view.php?id=13
 +
* http://opensecuritytraining.info/Training.html
 +
* http://www.irongeek.com/i.php?page=security/hackingillustrated

Latest revision as of 02:22, 1 October 2015

Projects
Participants MRieback
Skills Hacking, forensics, problem solving
Status Dormant
Niche Software
Purpose Fun

Welcome to the Tech Inc Capture the Flag (CTF) training event series!

The format of this series is likely to evolve over time, but I currently assume that these evenings will feature a combination of web-based challenges, online competitions, and general-purpose learning/workshop evenings covering a variety of computer security (i.e. hacking, defensive) topics. Everyone of all skill levels is welcome!!!!

Our current schedule is a meeting at techinc every first monday of the month, we also try to do a ctf event every 1/2 months.

Training Evenings

Upcoming

  • July 14 - Dimitris (Volatility)
  • August 4 - Brainsmoke (Binary exploitation walkthrough)
  • August 11 - Melanie (wargame or video - TBD)
  • August 25 - Hitcon Retrospective
  • By default, Melanie will fill in the weeks that aren't taken by anybody else

Past

Competitions

Upcoming

  • HITCon - Aug 16-18 (Team Knuffelhackers)

Past

Write-ups

CTF:Writeup-Olympic-CTF-Sochi-2014

About the CTF Training Evenings

Types of evenings

I envision the following 3 kinds of CTF training evenings:

  • 2 - Challenge website evenings
    • I setup a Scoreboard, so we can keep track of who's done which challenges
  • 3 - Actual CTF events
    • There's a bunch of them on CTF Time - we participate occasionally!

Other things that we can do

  • Setup a vulnerable server (Damn Vulnerable Linux, Metasploitable, etc..) and attack it
  • Preparing for competitions
    • Setup Etherpad (or another online "multiplayer notepad") so people can make notes and work together for each challenge
    • Preparing tools (Backtrack VM, other VM images with different tools)
    • Being able to emulate weird architectures for binaries
    • Being able to test shellcode on our own system
    • Maybe we can do something with hardware in the space (i have no idea what the status is of VMWare cluster in space, but i think we have one..)
  • Brainsmoke could talk about binary exploitation
    • We can also look at gdb / objdump / IDA / Hex-Rays

Challenge websites

Link to the Tech Inc Challenge Website Scoreboard: TechInc-CTF-Scoreboard

Reversing and Exploitation

Tools: objdump, readelf, gdb, ktrace/kdump

Windows binaries

UNIX hacking

Web hacking

Network challenges

Steganography

Forensics

Crypto

Cryptanalysis

Cracking

Setting up a CTF

Other stuff