Capture The Flag evening - Part 8

• 24 February, 2014 - 7 PM
• Please bring along a laptop with you!!!

General CTF Info

• See the page for the Ctf-evenings
• Link to the Tech Inc Challenge Website Scoreboard

Codegate Retrospective

• We're happy with our performance at the Codegate CTF!
• Exploiting assembly code with a debugger is still one of our largest hurdles (with the exception of a few people)

• Discussion of problems - we discussed: Weirdshark and 120
• The write-ups for Codegate on CTFtime.org still aren't available yet!
  • We'll email a link to the write-ups when they are available, and can discuss them on the mailing list.

Infra issues

• Marielle saved a copy of the pad contents from Riseup.net (before it disappears), and will email a link to the ctf mailing list
• We need a better way of sharing stuff
• Dimitris setup some great infra, including a file uploader
  • Melanie sent a link to the CTF mailing list with the URL and the login credentials
  • Melanie wasn't able to successfully upload IDA Pro though -- file size limit issues
  • Another limitation is that we can't arrange things into folders ourselves
  • Coolfile also setup a Knuffelhackers (FTP) server, (and emailed the details to the ctf list), since 2 options are better than 1  :-)

• During the next CTF, we should definitely use Dimitris' Etherpad infrastructure:
  • http://0x41414141.info/pad/

IDA Pro

• IDA Pro was AWESOME for decompiling and reversing!!!
  • We definitely need to have an IDA Pro reversing evening -- we'll plan this in
  • But first we need to share it with everybody
  • Melanie created a Windows VM with IDA. She can share it with everybody once the file sharing infrastructure is ready..

Next CTF

• Next CTF? We are thinking that 1 CTF/month is a good amount.. enough to keep us in practice, but not too much to burn people out (because CTFs suck up an entire weekend.)
  • If VUBAR plays on other weekends, that is always an option for people who want to play more than once/month
  • We aren't sure yet which one we want to do. We are going to look at ctftime.org, think about it, and come back with ideas next week

Binary Exploitation

• We're gonna look at Chapter 2 (Programming - start at Page 19 'Getting your hands dirty') of this book:
  • Hacking: the Art of Exploitation
  • You can get the Live CD here

• We talked about calling conventions (cdecl, stdcall, fastcall, etc…) and how they influence function prologues/epilogues/stack cleanup/order of parameter passing/etc…
  • Homework - have a look at: Wikibooks:Calling_Conventions
• Explanation of commonly used x86 ASM commands: Reverse Engineering Cheat Sheet
• Commonly used gdb commands: GDB-Tips
• We went through pages 19-30 on the beamer, with people asking questions