Ctf-foo: Difference between revisions

Revision as of 21:59, 21 February 2022

CTF foo
Capture The Flag foo
Art	Meet-Up
Datum	every other saturday
Start	14:00
Host	hanemile
Relevant?	Yes

Every two weeks on Saturday from 14:00 - no limit

We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.

2022-03-05-assembly-basics

topics

Memory
Register
"code" (Assembly)
Functions (calling conventions)
Buffers
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-03-19-linux

topics

Syscalls
Interrupts
Kernel
Process
Init
Boot process
Filesystems
Permissions
Uid, Gid
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-04-02-buffer-overflow

topics

Recap: functions (calling conventions)
Recap: buffers
What do we overwrite?
What implications can overwriting data have?
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-04-16-shellcode

topics

What is shellcode?
Why learn to do stuff with it?
What can we do with it?
What problems might arise?
How can we solve the problems that arise?
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-04-30-infoleaks

topics

How can information be leaked?
Why leak information?
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-05-14-rop

topics

What is the initial problem leading to us ropping?
What is "rop"?
Why "rop"?
Recap: buffer-overflow
Recap: infoleaks
How can we leak foo using rop?
How can we find more gadgets?
How can we pop a shell?
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-05-28-mitigations

topics

Start at 0, what are the problems?
What mitigations exist (on a high level)?
For each problem, what mitigation solves the problem?
How can we bypass the mitigations?
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-06-11-reversing

topics

What is reversing?
How do we reverse?
What tools to we use?
What should be looked at in more detail?
Qiling
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-06-25-heap-basics

topics

What primitives exist?
How do they work?
How to read the "docs" (aka. glibc code)
How to inspect the heap
Getting comfy with debugging hooks
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-07-09-heap-techniques

topics

What's broken?
How do we identify broken stuff?
How do we break it?
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-07-23-race-conditions

topics

What are race conditions?
Where do they arise?
How can we identify them?
How con we exploit them?
TOCTOU
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-08-06-fuzzing

topics

What is fuzzing?
Why fuzz stuff
How to fuzz stuff
Concept (Mutation, Coverage, Snapshots, ...)
Harnessing a target, what to look out for
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-08-20-kernel-security

topics

What is the kernel?
How can we interact with it?
What might break?
How can we break it?
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-09-03-symbolic-execution

topics

What is symbolic execution?
Into: z3
Intro: angr
Problems: Path explosion
... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-09-17-automated-program-analysis

topics

What can be automated?
What can't be automated? (and why not?)

participants

- YOUR NAME HERE

@@ Line 13: / Line 13: @@
 We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.
-== 2022-03-05-ctf-foo-assembly-basics ==
+== 2022-03-05-assembly-basics ==
 === topics ===
@@ Line 26: / Line 26: @@
 - YOUR NAME HERE
-== 2022-03-19-ctf-foo-linux ==
+== 2022-03-19-linux ==
 === topics ===
@@ Line 43: / Line 43: @@
 - YOUR NAME HERE
-== 2022-04-02-ctf-foo-buffer-overflow ==
+== 2022-04-02-buffer-overflow ==
 === topics ===
@@ Line 55: / Line 55: @@
 - YOUR NAME HERE
-== 2022-04-16-ctf-foo-shellcode ==
+== 2022-04-16-shellcode ==
 === topics ===
@@ Line 68: / Line 68: @@
 - YOUR NAME HERE
-== 2022-04-30-ctf-foo-infoleaks ==
+== 2022-04-30-infoleaks ==
 === topics ===
@@ Line 78: / Line 78: @@
 - YOUR NAME HERE
-== 2022-05-14-ctf-foo-rop ==
+== 2022-05-14-rop ==
 === topics ===
@@ Line 94: / Line 94: @@
 - YOUR NAME HERE
-== 2022-05-28-ctf-foo-mitigations ==
+== 2022-05-28-mitigations ==
 === topics ===
@@ Line 106: / Line 106: @@
 - YOUR NAME HERE
-== 2022-06-11-ctf-foo-reversing ==
+== 2022-06-11-reversing ==
 === topics ===
@@ Line 119: / Line 119: @@
 - YOUR NAME HERE
-== 2022-06-25-ctf-foo-heap-basics ==
+== 2022-06-25-heap-basics ==
 === topics ===
@@ Line 132: / Line 132: @@
 - YOUR NAME HERE
-== 2022-07-09-ctf-foo-heap-techniques ==
+== 2022-07-09-heap-techniques ==
 === topics ===
@@ Line 143: / Line 143: @@
 - YOUR NAME HERE
-== 2022-07-23-ctf-foo-race-conditions ==
+== 2022-07-23-race-conditions ==
 === topics ===
@@ Line 156: / Line 156: @@
 - YOUR NAME HERE
-== 2022-08-06-ctf-foo-fuzzing ==
+== 2022-08-06-fuzzing ==
 === topics ===
@@ Line 169: / Line 169: @@
 - YOUR NAME HERE
-== 2022-08-20-ctf-foo-kernel-security ==
+== 2022-08-20-kernel-security ==
 === topics ===
@@ Line 181: / Line 181: @@
 - YOUR NAME HERE
-== 2022-09-03-ctf-foo-symbolic-execution ==
+== 2022-09-03-symbolic-execution ==
 === topics ===
@@ Line 193: / Line 193: @@
 - YOUR NAME HERE
-== 2022-09-17-ctf-foo-automated-program-analysis ==
+== 2022-09-17-automated-program-analysis ==
 === topics ===