{elysiumsecurity}
THE ART OF CTF
Version: 1.2a
Date: 28/08/2018
Author: Sylvain Martinez
Reference: ESC10-MUSCL
Classifica...

The Art of CTF

We look at what a Capture the Flag event is and how it can provide a great training opportunity for anyone interested in or working in cyber security... for free! We also look at some examples of challenges that require thinking outside the box.

Published in: Technology
The Art of CTF

  1. THE ART OF CTF ({elysiumsecurity}, cyber protection & response)
     • Version: 1.2a
     • Date: 28/08/2018
     • Author: Sylvain Martinez
     • Reference: ESC10-MUSCL
     • Classification: Public
  2. CONTENTS
     • Skills Challenges
     • Resources Challenges
     • Learning Challenges
     • What is a CTF?
     • Learn
     • Practice
     • Win
     • Find the image!
     • Look at this sound!
  3. SKILLS CHALLENGES
     • 62% HAVE NOT INCREASED SECURITY TRAINING BUDGET
     • 1 OUT OF 3 SECURITY PROS NOT FAMILIAR WITH NEW THREATS
     • 83% OF ENTERPRISES LACK THE RIGHT SKILLS AND RESOURCES TO PROTECT THEIR IT ASSETS
     • SOURCE: Business Wire 2014. Icons from the Noun Project unless specified otherwise.
  4. RESOURCES CHALLENGES
     • 1 MILLION UNFILLED SECURITY JOBS WORLDWIDE
     • 92% OF HIRING MANAGERS SEEK PAST EXPERIENCE IN SECURITY
     • <2.4% OF GRADUATING STUDENTS HAVE SECURITY DEGREES
     • SOURCE: Business Wire 2014 and CBR ONLINE 2017
  5. LEARNING CHALLENGES
     • EXPERIMENTATION
     • DANGER
     • TRAINING
     • CREATIVITY
  6. WHAT IS A CTF?
     • A SAFE HACKING ENVIRONMENT
     • A GUIDED JOURNEY OF HACKING CHALLENGES
     • CAPTURE THE FLAG IS A LEARNING GAME
  7. WHAT IS A CTF?
     • MOST CTF ARE FREE
     • MANY ARE AVAILABLE ONLINE
     • SOME REQUIRE PHYSICAL ACCESS
  8. WHAT IS A CTF?
     • ACCESSIBLE TO ALL SKILL LEVELS
     • USUALLY FIND AN MD5 HASH: bac2e4a7dab0d89df5f672972910b8c4
     • MOST CTF ARE OFFENSIVE, SOME DEFENSIVE
  9. LEARN
     • YOU LEARN THE REAL IMPACT OF KNOWN VULNERABILITIES
     • YOU LEARN THE REAL IMPACT OF MISCONFIGURATION AND PATCHING
     • YOU LEARN WHILST PLAYING A GAME
  10. PRACTICE
     • YOU PRACTISE REAL ATTACKS
     • YOU PRACTISE OUTSIDE THE BOX THINKING
     • YOU PRACTISE OTHER IT SKILLS
  11. WIN!
     • YOU GET A FREE TRAINING GROUND
     • YOU MAY EVEN GET MONEY/GIFT
     • YOU GET PEER RECOGNITION
  12. FIND THE IMAGE!
     • SANS XMAS CHALLENGE 2015, PART 1, QUESTION 2
     • FIND THE IMAGE IN THE PCAP FILE
     • DNS TRAFFIC ONLY
  13. FIND THE IMAGE!
     • ANYTHING STRANGE WITH THESE DNS QUERIES?
  14. FIND THE IMAGE!
     • “1337” IS A HACKING REFERENCE!
     • FOLLOW THE UDP STREAM
  15. FIND THE IMAGE!
     • SAVE TEXT INTO A FILE AND EXTRACT THE “EXTRA DNS INFORMATION”
  16. FIND THE IMAGE!
     • YOU GET THE IMAGE WHICH WAS TRANSMITTED OVER DNS QUERIES
     • SANS XMAS CHALLENGE 2015 WRITE UP: https://www.elysiumsecurity.com/blog/Challenges/post6.html#two
  17. FIND THE IMAGE!
     • YOU LEARNT HOW TO USE WIRESHARK AND INVESTIGATE TRAFFIC FLOW
     • YOU LEARNT HOW TO EXTRACT DATA FROM A PACKET CAPTURE
     • YOU LEARNT OF A HACKING TECHNIQUE TO EXFILTRATE INFORMATION FROM A LOCKED DOWN ENVIRONMENT
     • YOU LEARNT THAT GNOMES ARE EVIL!
  18. LOOK AT THIS SOUND!
     • SANS BROCHURE CHALLENGE 2014, CHALLENGE 3, LEVEL 2
     • “LOOK AT AN AUDIO FILE”
     • REFERENCE TO AN SVN
     • COPYING REPO PRODUCES FILES BUT NO AUDIO FILE
     • LOOKING AT COMMAND OUTPUT, DONOTOPEN.MP3 GETS DELETED
     • EDIT THE REPO.SVN AND REMOVE DELETE INSTRUCTION
     • YOU HAVE A WAVE FILE!
  19. LOOK AT THIS SOUND!
     • WHAT TO DO WITH THAT FILE?
     • “Which of the following would you most prefer? A) a puppy B) a pretty flower from your sweetie or C) a large properly formed data file? You have failed this reverse Turing test, now suffer the consequences..”
  20. LOOK AT THIS SOUND!
     • SPECTROGRAM!
     • SANS BROCHURE CHALLENGE 2015 WRITE UP: https://www.elysiumsecurity.com/blog/Challenges/post2.html
  21. LOOK AT THIS SOUND!
     • YOU LEARNT TO PAY ATTENTION TO WHAT IS BEING ASKED
     • YOU LEARNT HOW TO USE A REPOSITORY ENVIRONMENT
     • YOU LEARNT TO THINK OUTSIDE THE BOX AND… PERSEVERE!
     • YOU LEARNT A STEGANOGRAPHY TECHNIQUE
  22. ABOUT ELYSIUMSECURITY LTD.
     • ELYSIUMSECURITY provides practical expertise to identify vulnerabilities, assess their risks and impact, remediate those risks, prepare and respond to incidents as well as raise security awareness through an organization.
     • ELYSIUMSECURITY provides high level expertise gathered through years of best practices experience in large international companies allowing us to provide advice best suited to your business operational model and priorities.
     • ELYSIUMSECURITY provides a portfolio of Strategic and Tactical Services to help companies protect and respond against Cyber Security Threats. We differentiate ourselves by offering discreet, tailored and specialized engagements.
     • ELYSIUMSECURITY operates in Mauritius and in Europe, a boutique style approach means we can easily adapt to your business operational model and requirements to provide a personalized service that fits your working environment.
     • © 2018 ELYSIUMSECURITY LTD. All Rights Reserved. www.elysiumsecurity.com
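The "Find the image!" slides (12 to 16) describe recovering a file that was carried inside DNS traffic. The sketch below is an added example, not code from the slides or the linked write-up: it parses raw DNS response payloads, collects the TXT record strings and reassembles them. It assumes each TXT string is an independently base64-encoded chunk (the slides do not state the encoding), and every function name and the sample data are constructed for illustration.

```python
import base64
import struct

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) DNS name."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:   # compression pointer: two bytes, ends the name
            return off + 2
        off += 1
        if n == 0:             # root label terminates the name
            return off
        off += n

def txt_strings(msg):
    """Return the character-strings of every TXT answer in one DNS message."""
    _id, _flags, qdcount, ancount = struct.unpack_from("!HHHH", msg, 0)
    off = 12                                   # fixed DNS header size
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4          # skip QTYPE and QCLASS
    out = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        end = off + rdlen
        while rtype == 16 and off < end:       # 16 = TXT; length-prefixed strings
            out.append(msg[off + 1:off + 1 + msg[off]])
            off += 1 + msg[off]
        off = end
    return out

def carve(messages):
    """Decode each TXT string (assumed base64), join them, guess the file type."""
    blob = b"".join(base64.b64decode(s) for m in messages for s in txt_strings(m))
    magics = {b"\xff\xd8\xff": "jpeg", b"\x89PNG\r\n\x1a\n": "png", b"GIF8": "gif"}
    kind = next((k for sig, k in magics.items() if blob.startswith(sig)), "unknown")
    return kind, blob

def build_response(chunk):
    """Constructed test input: a DNS response carrying one TXT answer."""
    header = struct.pack("!HHHHHH", 1, 0x8180, 1, 1, 0, 0)
    question = b"\x07example\x04test\x00" + struct.pack("!HH", 16, 1)
    rdata = bytes([len(chunk)]) + chunk
    return header + question + b"\xc0\x0c" + struct.pack("!HHIH", 16, 1, 60, len(rdata)) + rdata

SAMPLE = b"\x89PNG\r\n\x1a\n" + b"constructed sample bytes"   # not a real image
MESSAGES = [build_response(base64.b64encode(SAMPLE[i:i + 9])) for i in range(0, len(SAMPLE), 9)]
```

On a real capture the message list would be the UDP payloads of the DNS responses in capture order. A long run of TXT answers that decode to a known file signature is also a useful detection signal for this kind of exfiltration.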
