Difference between revisions of "CTF-practice-evening:2014-01-13"
Line 41: | Line 41: | ||
* Afterwards, Stef did some web hacking demonstrations, using Certified Secure | * Afterwards, Stef did some web hacking demonstrations, using Certified Secure | ||
− | + | * Challenge: Herman Vluchtbeveiliging | |
** Add a single quote at the end of a URL to see if it breaks | ** Add a single quote at the end of a URL to see if it breaks | ||
** Can we request a specific page? Example: pagina=/etc/passwd | ** Can we request a specific page? Example: pagina=/etc/passwd | ||
** This doesn't work, but we get enough information to be able to see where it's located in the filesystem | ** This doesn't work, but we get enough information to be able to see where it's located in the filesystem | ||
** With some directory traversal, we can dump the password file | ** With some directory traversal, we can dump the password file | ||
+ | * Challenge: Security Shop | ||
+ | ** We can exploit the Search Product field | ||
+ | ** Once again, we want to cause an error that gets information from the backend.. we can use a single quote again | ||
+ | ** This indeed gives us the SQL query, including part of the database schema | ||
== Informational Links == | == Informational Links == |
Revision as of 21:52, 13 January 2014
CTF-practice-evening:2014-01-13 | |
---|---|
Date | 2014/01/13 |
Time | |
Location | Tech Inc |
Type | Workshop |
Contact | Melanie |
Contents
Capture The Flag evening - Part 4
- 13 January, 2014 - 8 PM
- Please bring along a laptop with you!!!
General CTF Info
- See the page for the Ctf-evenings
- Link to the Tech Inc Challenge Website Scoreboard
Our 1st CTF
- Positive Hack Days (PhD) qualifier
- 48 hours: Jan. 25, 2014, 8 a.m. — Jan. 27, 2014, 8 a.m.
- http://quals.phdays.ru/
- TODO: Add to Tech Inc event list
- Let's meet at Tech Inc on Saturday
- Jan 25 - 10 AM
- We are now registered for the Positive Hack Days, as team Knuffelhackers
- See: http://knuffelhackers.nl
- Stuff to prepare
- Stepping stone box (for storing tools, and allowing lots of people access)
- Edit pad - etherpad or https://quadpad.lqdn.fr
- We will want to archive this afterwards, for write-ups and stuff
- IRC channel - create a password-protected #techinc-ctf channel
- We have a mailing list already - http://technologia-incognita.nl/cgi-bin/mailman/listinfo/ctf
Web hacking!!!!
- Julius is talking about OWASP and Web Hacking this evening
- Topics: brute force, SQL injections, Network eavesdropping, XSS, Session hijacking
- Afterwards, Stef did some web hacking demonstrations, using Certified Secure
- Challenge: Herman Vluchtbeveiliging
- Add a single quote at the end of a URL to see if it breaks
- Can we request a specific page? Example: pagina=/etc/passwd
- This doesn't work, but we get enough information to be able to see where it's located in the filesystem
- With some directory traversal, we can dump the password file
- Challenge: Security Shop
- We can exploit the Search Product field
- Once again, we want to cause an error that gets information from the backend.. we can use a single quote again
- This indeed gives us the SQL query, including part of the database schema
Informational Links
Web-Hacking Wargames
- https://www.certifiedsecure.com
- https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project - Web hacking stand-alone SW
- http://tostercrums.blogspot.nl/2011/11/running-webgoat-owasp-in-ubuntu-vm.html - Installation advice
- http://webappsecmovies.sourceforge.net/webgoat/ - solutions
- http://www.hackthissite.org