Ctf-foo: Difference between revisions

From Chaosdorf Wiki
(Updated the description)
(Added a participants section to each event)
Line 21: Line 21:
* Buffers
* Buffers
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-03-19-ctf-foo-linux ==
== 2022-03-19-ctf-foo-linux ==
Line 34: Line 37:
* Uid, Gid
* Uid, Gid
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-04-02-ctf-foo-buffer-overflow ==
== 2022-04-02-ctf-foo-buffer-overflow ==
Line 42: Line 48:
* What implications can overwriting data have?
* What implications can overwriting data have?
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-04-16-ctf-foo-shellcode ==
== 2022-04-16-ctf-foo-shellcode ==
Line 51: Line 60:
* How can we solve the problems that arise?
* How can we solve the problems that arise?
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-04-30-ctf-foo-infoleaks ==
== 2022-04-30-ctf-foo-infoleaks ==
Line 57: Line 69:
* Why leak information?
* Why leak information?
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-05-14-ctf-foo-rop ==
== 2022-05-14-ctf-foo-rop ==
Line 69: Line 84:
* How can we pop a shell?
* How can we pop a shell?
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-05-28-ctf-foo-mitigations ==
== 2022-05-28-ctf-foo-mitigations ==
Line 77: Line 95:
* How can we bypass the mitigations?
* How can we bypass the mitigations?
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-06-11-ctf-foo-reversing ==
== 2022-06-11-ctf-foo-reversing ==
Line 86: Line 107:
* Qiling
* Qiling
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-06-25-ctf-foo-heap-basics ==
== 2022-06-25-ctf-foo-heap-basics ==
Line 95: Line 119:
* Getting comfy with debugging hooks
* Getting comfy with debugging hooks
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-07-09-ctf-foo-heap-techniques ==
== 2022-07-09-ctf-foo-heap-techniques ==
Line 102: Line 129:
* How do we break it?
* How do we break it?
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-07-23-ctf-foo-race-conditions ==
== 2022-07-23-ctf-foo-race-conditions ==
Line 111: Line 141:
* TOCTOU
* TOCTOU
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-08-06-ctf-foo-fuzzing ==
== 2022-08-06-ctf-foo-fuzzing ==
Line 120: Line 153:
* Harnessing a target, what to look out for
* Harnessing a target, what to look out for
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-08-20-ctf-foo-kernel-security ==
== 2022-08-20-ctf-foo-kernel-security ==
Line 128: Line 164:
* How can we break it?
* How can we break it?
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-09-03-ctf-foo-symbolic-execution ==
== 2022-09-03-ctf-foo-symbolic-execution ==
Line 136: Line 175:
* Problems: Path explosion
* Problems: Path explosion
* ... (add stuff here that might fit here)
* ... (add stuff here that might fit here)
=== participants: ===
- YOUR NAME HERE


== 2022-09-17-ctf-foo-automated-program-analysis ==
== 2022-09-17-ctf-foo-automated-program-analysis ==
Line 141: Line 183:
* What can be automated?
* What can be automated?
* What can't be automated? (and why not?)
* What can't be automated? (and why not?)
=== participants: ===
- YOUR NAME HERE

Revision as of 21:55, 21 February 2022

CTF foo
Capture The Flag foo
Art Meet-Up
Datum every other saturday
Start 14:00
Host hanemile
Relevant? Yes

Every two weeks on Saturday from 14:00 - no limit

We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.

2022-03-05-ctf-foo-assembly-basics

  • Memory
  • Register
  • "code" (Assembly)
  • Functions (calling conventions)
  • Buffers
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-03-19-ctf-foo-linux

  • Syscalls
  • Interrupts
  • Kernel
  • Process
  • Init
  • Boot process
  • Filesystems
  • Permissions
  • Uid, Gid
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-04-02-ctf-foo-buffer-overflow

  • Recap: functions (calling conventions)
  • Recap: buffers
  • What do we overwrite?
  • What implications can overwriting data have?
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-04-16-ctf-foo-shellcode

  • What is shellcode?
  • Why learn to do stuff with it?
  • What can we do with it?
  • What problems might arise?
  • How can we solve the problems that arise?
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-04-30-ctf-foo-infoleaks

  • How can information be leaked?
  • Why leak information?
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-05-14-ctf-foo-rop

  • What is the initial problem leading to us ropping?
  • What is "rop"?
  • Why "rop"?
  • Recap: buffer-overflow
  • Recap: infoleaks
  • How can we leak foo using rop?
  • How can we find more gadgets?
  • How can we pop a shell?
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-05-28-ctf-foo-mitigations

  • Start at 0, what are the problems?
  • What mitigations exist (on a high level)?
  • For each problem, what mitigation solves the problem?
  • How can we bypass the mitigations?
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-06-11-ctf-foo-reversing

  • What is reversing?
  • How do we reverse?
  • What tools to we use?
  • What should be looked at in more detail?
  • Qiling
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-06-25-ctf-foo-heap-basics

  • What primitives exist?
  • How do they work?
  • How to read the "docs" (aka. glibc code)
  • How to inspect the heap
  • Getting comfy with debugging hooks
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-07-09-ctf-foo-heap-techniques

  • What's broken?
  • How do we identify broken stuff?
  • How do we break it?
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-07-23-ctf-foo-race-conditions

  • What are race conditions?
  • Where do they arise?
  • How can we identify them?
  • How con we exploit them?
  • TOCTOU
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-08-06-ctf-foo-fuzzing

  • What is fuzzing?
  • Why fuzz stuff
  • How to fuzz stuff
  • Concept (Mutation, Coverage, Snapshots, ...)
  • Harnessing a target, what to look out for
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-08-20-ctf-foo-kernel-security

  • What is the kernel?
  • How can we interact with it?
  • What might break?
  • How can we break it?
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-09-03-ctf-foo-symbolic-execution

  • What is symbolic execution?
  • Into: z3
  • Intro: angr
  • Problems: Path explosion
  • ... (add stuff here that might fit here)

participants:

- YOUR NAME HERE

2022-09-17-ctf-foo-automated-program-analysis

  • What can be automated?
  • What can't be automated? (and why not?)

participants:

- YOUR NAME HERE

Retrieved from "https://wiki.chaosdorf.de/index.php?title=Ctf-foo&oldid=26944"