From Technologia Incognita
CTF-practice-evening:2014-02-24
|
Date
|
2014/02/24
|
Time
|
|
Location
|
ACTA
|
Type
|
Workshop
|
Contact
|
Melanie
|
Capture The Flag evening - Part 8
- 24 February, 2014 - 7 PM
- Please bring along a laptop with you!!!
General CTF Info
Codegate Retrospective
- We're happy with our performance at the Codegate CTF!
- Exploiting assembly code with a debugger is still one of our largest hurdles (with the exception of a few people)
- Discussion of problems - we discussed: Weirdshark and 120
- The write-ups for Codegate on CTFtime.org still aren't available yet!
- We'll email a link to the write-ups when they are available, and can discuss them on the mailing list.
Infra issues
- Marielle saved a copy of the pad contents from Riseup.net (before it disappears), and will email a link to the ctf mailing list
- We need a better way of sharing stuff
- Dimitris setup some great infra, including a file uploader
- Melanie sent a link to the CTF mailing list with the URL and the login credentials
- Melanie wasn't able to successfully upload IDA Pro though -- file size limit issues
- Another limitation is that we can't arrange things into folders ourselves
- Coolfile also setup a Knuffelhackers (FTP) server, (and emailed the details to the ctf list), since 2 options are better than 1 :-)
- During the next CTF, we should definitely use Dimitris' Etherpad infrastructure:
IDA Pro
- IDA Pro was AWESOME for decompiling and reversing!!!
- We definitely need to have an IDA Pro reversing evening -- we'll plan this in
- But first we need to share it with everybody
- Melanie created a Windows VM with IDA. She can share it with everybody once the file sharing infrastructure is ready..
Next CTF
- Next CTF? We are thinking that 1 CTF/month is a good amount.. enough to keep us in practice, but not too much to burn people out (because CTFs suck up an entire weekend.)
- If VUBAR plays on other weekends, that is always an option for people who want to play more than once/month
- We aren't sure yet which one we want to do. We are going to look at ctftime.org, think about it, and come back with ideas next week
Binary Exploitation
- We're gonna look at Chapter 2 (Programming - start at Page 19 'Getting your hands dirty') of this book:
- We talked about calling conventions (cdecl, stdcall, fastcall, etc…) and how they influence function prologues/epilogues/stack cleanup/order of parameter passing/etc…
- Explanation of commonly used x86 ASM commands: Reverse Engineering Cheat Sheet
- Commonly used gdb commands: GDB-Tips GDB Cheat Sheet
- We went through pages 19-30 on the beamer, and interactively with GDB in the live CD, with people asking questions
- We will continue with the material next time..