Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

The Art of CTF

32 views

Published on

We look at what is a Capture the Flag Event and how it can provide a great training opportunity for anyone interested or working in Cyber Security... for free! We also look at some examples of thinking outside the box challenges

Published in: Technology
  • Be the first to comment

  • Be the first to like this

The Art of CTF

  1. 1. {elysiumsecurity} THE ART OF CTF Version: 1.2a Date: 28/08/2018 Author: Sylvain Martinez Reference: ESC10-MUSCL Classification: Public cyber protection & response
  2. 2. {elysiumsecurity} cyber protection & response 2 EXAMPLESBENEFITSCONCEPTCONTEXT • What is a CTF? • Find the image! • Look at this sound! CONTENTS Public • Skills Challenges; • Resources Challenges; • Learning Challenges; • Learn; • Practice; • Win;
  3. 3. {elysiumsecurity} cyber protection & response 3 EXAMPLESBENEFITSCONCEPTCONTEXT SKILLS CHALLENGES Public 62% HAVE NOT INCREASED SECURITY TRAINING BUDGET 1 OUT OF 3 SECURITY PROS NOT FAMILIAR WITH NEW THREATS Icons from the noun project unless specified otherwise, SOURCE: Business Wire 2014 83% OF ENTERPRISES LACK THE RIGHT SKILLS AND RESOURCES TO PROTECT THEIR IT ASSETS
  4. 4. {elysiumsecurity} cyber protection & response 4 EXAMPLESBENEFITSCONCEPTCONTEXT RESOURCES CHALLENGES Public 1 MILLION UNFILLED SECURITY JOBS WORDWIDE 92% OF HIRING MANAGER SEEKS PAST EXPERIENCE IN SECURITY SOURCE: Business Wire 2014 and CBR ONLINE 2017 <2.4% GRADUATING STUDENTS HAVE SECURITY DEGREES
  5. 5. {elysiumsecurity} cyber protection & response 5 EXAMPLESBENEFITSCONCEPTCONTEXT LEARNING CHALLENGES Public EXPERIMENTATION DANGER TRAINING CREATIVITY
  6. 6. {elysiumsecurity} cyber protection & response 6 WHAT IS A CTF? Public EXAMPLESBENEFITSCONCEPTCONTEXT A SAFE HACKING ENVIRONMENT A GUIDED JOURNEY OF HACKING CHALLENGES CAPTURE THE FLAG IS A LEARNING GAME
  7. 7. {elysiumsecurity} cyber protection & response 7 WHAT IS A CTF? Public EXAMPLESBENEFITSCONCEPTCONTEXT MOST CTF ARE FREE MANY ARE AVAILABLE ONLINE SOME REQUIRE PHYSICAL ACCESS
  8. 8. {elysiumsecurity} cyber protection & response 8 WHAT IS A CTF? Public EXAMPLESBENEFITSCONCEPTCONTEXT ACCESSIBLE TO ALL SKILL LEVELS USUALLY FIND AN MD5 HASH bac2e4a7dab0d89df5f672972910b8c4 MOST CTF OFFENSIVE SOME DEFENSIVE
  9. 9. {elysiumsecurity} cyber protection & response 9 LEARN Public EXAMPLESBENEFITSCONCEPTCONTEXT YOU LEARN THE REAL IMPACT OF KNOWN VULNERABILITIES YOU LEARN THE REAL IMPACT OF MISCONFIGURATION AND PATCHING YOU LEARN WHILST PLAYING A GAME
  10. 10. {elysiumsecurity} cyber protection & response 10 PRACTICE Public EXAMPLESBENEFITSCONCEPTCONTEXT YOU PRACTISE REAL ATTACKS YOU PRACTISE OUTSIDE THE BOX THINKING YOU PRACTISE OTHER IT SKILLS
  11. 11. {elysiumsecurity} cyber protection & response 11 WIN! Public EXAMPLESBENEFITSCONCEPTCONTEXT YOU GET A FREE TRAINING GROUND YOU MAY EVEN GET MONEY/GIFT YOU GET PEERS RECOGNITION
  12. 12. {elysiumsecurity} cyber protection & response 12 FIND THE IMAGE! Public EXAMPLESBENEFITSCONCEPTCONTEXT SANS XMAS CHALLENGE 2015 PART 1, QUESTION 2 FIND THE IMAGE IN THE PCAP FILE DNS TRAFFIC ONLY
  13. 13. {elysiumsecurity} cyber protection & response 13 FIND THE IMAGE! Public EXAMPLESBENEFITSCONCEPTCONTEXT ANYTHING STRANGE WITH THESE DNS QUERIES?
  14. 14. {elysiumsecurity} cyber protection & response 14 FIND THE IMAGE! Public EXAMPLESBENEFITSCONCEPTCONTEXT “1337” IS HACKING REFERENCE! FOLLOW THE UDP STREAM
  15. 15. {elysiumsecurity} cyber protection & response 15 FIND THE IMAGE! Public EXAMPLESBENEFITSCONCEPTCONTEXT SAVE TEXT INTO A FILE AND EXTRACT THE ”EXTRA DNS INFORMATION”
  16. 16. {elysiumsecurity} cyber protection & response 16 FIND THE IMAGE! Public EXAMPLESBENEFITSCONCEPTCONTEXT YOU GET THE IMAGE WHICH WAS TRANSMITTED OVER DNS QUERIES SANS XMAS CHALLENGE 2015 WRITE https://www.elysiumsecurity.com/blog/Challenges/post6.html#two
  17. 17. {elysiumsecurity} cyber protection & response 17 FIND THE IMAGE! Public EXAMPLESBENEFITSCONCEPTCONTEXT YOU LEARNT HOW TO USE WIRESHARK AND INVESTIGATE TRAFFIC FLOW YOU LEARNT HOW TO EXTRACT DATA FROM A PACKET CAPTURE YOU LEARNT OF A HACKING TECHNICS TO EXFILTRATE INFORMATION FROM A LOCKED DOWN ENVIRONMENT YOU LEARNT THAT GNOMES ARE EVIL!
  18. 18. {elysiumsecurity} cyber protection & response 18 LOOK AT THIS SOUND! Public EXAMPLESBENEFITSCONCEPTCONTEXT SANS BROCHURE CHALLENGE 2014 CHALLENGE 3, LEVEL 2 “LOOK AT AN AUDIO FILE” REFERENCE TO AN SVN COPYING REPO PRODUCES FILES BUT NO AUDIO FILE LOOKING AT COMMAND OUTPUT DONOTOPEN.MP3 GETS DELETED EDIT THE REPO.SVN AND REMOVE DELETE INSTRUCTION YOU HAVE A WAVE FILE!
  19. 19. {elysiumsecurity} cyber protection & response 19 LOOK AT THIS SOUND! Public WHAT TO DO WITH THAT FILE? EXAMPLESBENEFITSCONCEPTCONTEXT “Which of the following would you most prefer? A) a puppy B) a pretty flower from your sweetie or C) a large properly formed data file? You have failed this reverse Turing test, now suffer the consequences.. “
  20. 20. {elysiumsecurity} cyber protection & response 20 LOOK AT THIS SOUND! Public EXAMPLESBENEFITSCONCEPTCONTEXT SANS BROCHURE CHALLENGE 2015 WRITE UP: https://www.elysiumsecurity.com/blog/Challenges/post2.html SPECTROGRAM!
  21. 21. {elysiumsecurity} cyber protection & response 21 LOOK AT THIS SOUND! Public EXAMPLESBENEFITSCONCEPTCONTEXT YOU LEARNT TO PAY ATTENTION ABOUT WHAT IS BEING ASKED YOU LEARNT HOW TO USE A REPOSITORY ENVIRONMENT YOU LEARNT TO THINK OUTSIDE THE BOX AND… PERSEVERE! YOU LEARNT A STEGANOGRAPHY TECHNIC
  22. 22. {elysiumsecurity} cyber protection & response © 2018 ELYSIUMSECURITY LTD. All Rights Reserved www.elysiumsecurity.com ELYSIUMSECURITY provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization. ELYSIUMSECURITY provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities. ABOUT ELYSIUMSECURITY LTD. ELYSIUMSECURITY provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements. ELYSIUMSECURITY operates in Mauritius and in Europe, a boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.

×