Difference between revisions of "CTF-practice-evening:2014-01-13"

From Technologia Incognita
Jump to: navigation, search
Line 41: Line 41:
  
 
* Afterwards, Stef did some web hacking demonstrations, using Certified Secure
 
* Afterwards, Stef did some web hacking demonstrations, using Certified Secure
** Challenge: Herman Vluchtbeveiliging
+
* Challenge: Herman Vluchtbeveiliging
 
** Add a single quote at the end of a URL to see if it breaks
 
** Add a single quote at the end of a URL to see if it breaks
 
** Can we request a specific page?  Example: pagina=/etc/passwd
 
** Can we request a specific page?  Example: pagina=/etc/passwd
 
** This doesn't work, but we get enough information to be able to see where it's located in the filesystem
 
** This doesn't work, but we get enough information to be able to see where it's located in the filesystem
 
** With some directory traversal, we can dump the password file
 
** With some directory traversal, we can dump the password file
 +
* Challenge: Security Shop
 +
** We can exploit the Search Product field
 +
** Once again, we want to cause an error that gets information from the backend..  we can use a single quote again
 +
** This indeed gives us the SQL query, including part of the database schema
  
 
== Informational Links ==
 
== Informational Links ==

Revision as of 21:52, 13 January 2014

CTF-practice-evening:2014-01-13
Date 2014/01/13
Time
Location Tech Inc
Type Workshop
Contact Melanie

Capture The Flag evening - Part 4

  • 13 January, 2014 - 8 PM
  • Please bring along a laptop with you!!!

General CTF Info

Our 1st CTF

  • Positive Hack Days (PhD) qualifier
    • 48 hours: Jan. 25, 2014, 8 a.m. — Jan. 27, 2014, 8 a.m.
    • http://quals.phdays.ru/
    • TODO: Add to Tech Inc event list
  • Let's meet at Tech Inc on Saturday
    • Jan 25 - 10 AM

Web hacking!!!!

  • Julius is talking about OWASP and Web Hacking this evening
    • Topics: brute force, SQL injections, Network eavesdropping, XSS, Session hijacking
  • Afterwards, Stef did some web hacking demonstrations, using Certified Secure
  • Challenge: Herman Vluchtbeveiliging
    • Add a single quote at the end of a URL to see if it breaks
    • Can we request a specific page? Example: pagina=/etc/passwd
    • This doesn't work, but we get enough information to be able to see where it's located in the filesystem
    • With some directory traversal, we can dump the password file
  • Challenge: Security Shop
    • We can exploit the Search Product field
    • Once again, we want to cause an error that gets information from the backend.. we can use a single quote again
    • This indeed gives us the SQL query, including part of the database schema

Informational Links

Web-Hacking Wargames