Getting started with CTFs
CTF stands for Capture The Flag. It is a contest with lots of interesting challenges from various fields of Computer Security like Web Security, Forensics, OS Security and more!
You'll get a unique string or a flag once you solve a challenge. You need to capture it and submit it to get points, thus the name CTF.
Linux has almost all the tools to get started with CTFs. It has C/C++ compilers, python/bash for quick scripting and many more security-related tools. So, it is best to install Linux. The following are the steps to install Linux on Windows / Mac.
- Install VirtualBox from here.
- Once VirtualBox is installed, follow this tutorial and install Ubuntu.
Once you have installed Linux, you need to learn how to use it. Linux offers an amazing command-line interface. It is essential to be comfortable with the Linux command-line.
You can get started with Linux command-line from here.
In general, security research is classified into 2 categories: Red-team and Blue-team research.
- Red-team research is the offensive approach to security research, where you try to break things, all sorts of things: programs, websites and so on. You'll need to come up with methods to exploit the loopholes (vulnerabilities) in the programs.
- Blue-team research is the defensive approach: you come up with methods to defend your systems.
Based on this, there are 2 types of CTFs.
- Attack-Defense style: there are red teams and blue teams. Red teams try to find loopholes and exploit them; that is how they get points. Blue teams need to come up with defense mechanisms.
- Jeopardy style: a purely red-team approach. There are challenges in various fields of security. You need to attack them, tear them apart and get the flag!
Generally, jeopardy style CTFs have various categories. The following are some categories present in a generic CTF.
- Today's Internet has become synonymous with the World Wide Web, the net of websites that runs over the Internet.
- Many complex protocols, techniques and mechanisms are used to make the Web work properly, and websites are built with a variety of technologies. But there are loopholes here and there that help an attacker get into the system: one may hand you the database, another may give you access to the account of another user of the same website, and so on.
- This category deals with such web-related challenges.
Topics: Web Development, Vulnerabilities, Exploitation.
Resources:
- overthewire's natas: Starts with very easy challenges and goes up to very hard ones.
- Hack This Site: An amazing website with a variety of challenges.
- ctf101's web exploitation: This has examples that you can try out.
- There is a lot of software in the wild that is closed-source; we only have the executables. It is very interesting to know how it does what it does and to understand its internal functioning and the data structures and algorithms it uses.
- You will be given a bunch of executables. You need to get the flag by tearing the executable apart. For this, you'll need to do several things: run it with unusual inputs, read the assembly code, step through it in a debugger, and try any other method you can think of.
Topics: Operating Systems, Algorithms, Assembly Programming.
- One application of Reverse Engineering is finding loopholes (bugs, vulnerabilities) in software. You figure out its internal functioning, see how it is working and how it is supposed to work, identify the vulnerability, exploit it and get the flag.
- Again, you'll generally be given an executable that has some bug in it. You'll have to tear it apart, understand how it works, find the bug and exploit it to get the flag.
Topics: Operating Systems, Reverse Engineering, Assembly Programming, Vulnerabilities, Exploitation.
Resources (for both RE and BE):
- Overthewire has a lot of good challenges in the form of games. You may start by playing Leviathan and Narnia.
- If you fall in love with RE & BE, this place is for you: pwnable.kr
- If you like reading assembly code and figuring out stuff, try challenges.re
As you move forward, you'll have to read and learn a lot. Some reading material:
- The Shellcoder's Handbook: the bible for Binary Exploitation.
- RPISEC's Binary Exploitation Course: a course on RE and BE. Do check it out!
- Intro to RE and BE: an introduction to RE and BE.
- Whenever a piece of data travels from one machine to another over the network, it needs to be hidden, or made unreadable, to everyone except the sender and the receiver. How do you achieve this? Use encryption algorithms. Need a fingerprint of a piece of data so that tampering can be detected? Use a hashing algorithm.
- Cryptography is used a lot in network security and data security, so the algorithms need to be strong enough: attackers should not be able to break the algorithm and read your secret message to your friend. But weaknesses exist. This category is about finding loopholes in crypto algorithms and getting the flag!
- The field of Computer Science that deals specifically with breaking cryptographic algorithms is called Cryptanalysis. You'll be doing a lot of cryptanalysis in this category!
Topics: Cryptography, Cryptanalysis.
Resources:
You'll need to read some basic concepts in crypto in general to solve crypto challenges.
- crypto101: This is a good introductory book for crypto that explains each concept in a simple manner.
- Hacking secret ciphers with Python: A hands-on approach to crypto. Read and understand the algorithm, implement it and break it. Good book for beginners.
- Crypto CTF: A special CTF with only crypto challenges. It is over, but you can register and solve the challenges.
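As an added illustration of the kind of loophole a crypto challenge is built around (this is example code written for this page, not taken from the page or from any of the resources above): a single-byte XOR "cipher" is broken by brute force, using the assumed flag format `flag{...}` as the check. The ciphertext is constructed inline; in a real challenge it is what you are handed.

```python
# Added example: brute-forcing a single-byte XOR cipher.
# The key space is only 256 values, so we try every key and keep the
# candidates that decrypt to printable text containing the known flag prefix.

FLAG_PREFIX = b"flag{"  # assumed flag format for this example


def xor_bytes(data: bytes, key: int) -> bytes:
    """XOR every byte with one key byte (the same operation encrypts and decrypts)."""
    return bytes(b ^ key for b in data)


def looks_like_text(data: bytes) -> bool:
    """Plaintext heuristic: only printable ASCII, tab, CR or LF."""
    return all(32 <= b < 127 or b in (9, 10, 13) for b in data)


def break_single_byte_xor(ciphertext: bytes) -> list[tuple[int, bytes]]:
    """Try all 256 keys; return (key, plaintext) pairs that pass both checks."""
    hits = []
    for key in range(256):
        plaintext = xor_bytes(ciphertext, key)
        if looks_like_text(plaintext) and FLAG_PREFIX in plaintext:
            hits.append((key, plaintext))
    return hits


# Constructed sample: a challenge author XOR-ed this message with key 0x5A.
SAMPLE_CIPHERTEXT = xor_bytes(b"The flag is flag{xor_is_not_encryption}", 0x5A)

if __name__ == "__main__":
    for key, plaintext in break_single_byte_xor(SAMPLE_CIPHERTEXT):
        print(f"key=0x{key:02x}: {plaintext.decode()}")
```

The same idea (a tiny key space plus something you know about the plaintext) carries over to many beginner crypto challenges.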
- In real life, when a murder has happened, a forensics investigator comes in and does the job: find clues, marks, the weapon or anything else that identifies the killer. Here it is the same, except that a server has been hacked or a network is infected with some nasty virus.
- You, as the forensics investigator, need to use your intuition and your tools to see how the network got infected. You'll have to go through system logs and packet capture files to find how the virus entered the network.
- Challenges will be like this. A few examples: you'll be given the system logs of a hacked server and you need to get the flag from them. Or some data is hidden inside an image (this is called Steganography) and you'll need to get it out.
Topics: Honestly, challenges can be from ANYTHING. But common ones are Steganography, File-formats, Networks.
Resources: For this category, there are no resources as such. Some tools and techniques are presented in the following.
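An added example for the steganography case above (written for this page, not code from the original): a flag hidden in the least significant bit of every pixel byte, and the routine an investigator uses to pull it back out. The pixel bytes and the flag are constructed inline; a real challenge gives you an image file whose raw pixel bytes you would read first.

```python
# Added example: LSB steganography, embed and extract.
# The cover "image" is a constructed bytearray of grayscale pixel values.
from random import Random


def embed_lsb(pixels: bytes, message: bytes) -> bytes:
    """Write the message bits (MSB first), plus a 0x00 terminator, into the
    least significant bit of consecutive pixel bytes."""
    payload = message + b"\x00"
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("cover image too small for message")
    out = bytearray(pixels)
    for idx, bit in enumerate(bits):
        out[idx] = (out[idx] & 0xFE) | bit  # replace only the LSB
    return bytes(out)


def extract_lsb(pixels: bytes) -> bytes:
    """Rebuild bytes from the LSBs, stopping at the 0x00 terminator."""
    recovered = bytearray()
    byte = 0
    for idx, px in enumerate(pixels):
        byte = (byte << 1) | (px & 1)
        if idx % 8 == 7:  # eight bits collected
            if byte == 0:
                break
            recovered.append(byte)
            byte = 0
    return bytes(recovered)


# Constructed cover image: 4096 deterministic pseudo-random pixel values.
SAMPLE_IMAGE = bytes(Random(1).randrange(256) for _ in range(4096))
HIDDEN_FLAG = b"flag{hidden_in_the_low_bits}"  # constructed flag
STEGO_IMAGE = embed_lsb(SAMPLE_IMAGE, HIDDEN_FLAG)

if __name__ == "__main__":
    print(extract_lsb(STEGO_IMAGE).decode())
```

Because only the lowest bit of each pixel changes, the stego image looks identical to the original to the eye; comparing pixel bytes against a clean copy, or dumping the LSB plane, is how you spot it.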
These are the categories in which challenges are classified in a generic CTF. There could be new categories too.
For a more detailed description of CTFs, check out team bi0s's wiki.
Once you are comfortable with the first resource in each category, check out last year's ectf challenges here.
Take up a category, read up and start solving challenges!
Happy hacking :)