Ctf-foo: Difference between revisions

From Chaosdorf Wiki
(removed the colons from the "participants" subtopic of each section)
(Added a "topics" title in front of the individual topics)
Line 15: Line 15:
== 2022-03-05-ctf-foo-assembly-basics ==
== 2022-03-05-ctf-foo-assembly-basics ==


=== topics ===
* Memory
* Memory
* Register
* Register
Line 27: Line 28:
== 2022-03-19-ctf-foo-linux ==
== 2022-03-19-ctf-foo-linux ==


=== topics ===
* Syscalls
* Syscalls
* Interrupts
* Interrupts
Line 43: Line 45:
== 2022-04-02-ctf-foo-buffer-overflow ==
== 2022-04-02-ctf-foo-buffer-overflow ==


=== topics ===
* Recap: functions (calling conventions)
* Recap: functions (calling conventions)
* Recap: buffers
* Recap: buffers
Line 54: Line 57:
== 2022-04-16-ctf-foo-shellcode ==
== 2022-04-16-ctf-foo-shellcode ==


=== topics ===
* What is shellcode?
* What is shellcode?
* Why learn to do stuff with it?
* Why learn to do stuff with it?
Line 66: Line 70:
== 2022-04-30-ctf-foo-infoleaks ==
== 2022-04-30-ctf-foo-infoleaks ==


=== topics ===
* How can information be leaked?
* How can information be leaked?
* Why leak information?
* Why leak information?
Line 75: Line 80:
== 2022-05-14-ctf-foo-rop ==
== 2022-05-14-ctf-foo-rop ==


=== topics ===
* What is the initial problem leading to us ropping?
* What is the initial problem leading to us ropping?
* What is "rop"?
* What is "rop"?
Line 90: Line 96:
== 2022-05-28-ctf-foo-mitigations ==
== 2022-05-28-ctf-foo-mitigations ==


=== topics ===
* Start at 0, what are the problems?
* Start at 0, what are the problems?
* What mitigations exist (on a high level)?
* What mitigations exist (on a high level)?
Line 101: Line 108:
== 2022-06-11-ctf-foo-reversing ==
== 2022-06-11-ctf-foo-reversing ==


=== topics ===
* What is reversing?
* What is reversing?
* How do we reverse?
* How do we reverse?
Line 113: Line 121:
== 2022-06-25-ctf-foo-heap-basics ==
== 2022-06-25-ctf-foo-heap-basics ==


=== topics ===
* What primitives exist?
* What primitives exist?
* How do they work?
* How do they work?
Line 125: Line 134:
== 2022-07-09-ctf-foo-heap-techniques ==
== 2022-07-09-ctf-foo-heap-techniques ==


=== topics ===
* What's broken?
* What's broken?
* How do we identify broken stuff?
* How do we identify broken stuff?
Line 135: Line 145:
== 2022-07-23-ctf-foo-race-conditions ==
== 2022-07-23-ctf-foo-race-conditions ==


=== topics ===
* What are race conditions?
* What are race conditions?
* Where do they arise?
* Where do they arise?
Line 147: Line 158:
== 2022-08-06-ctf-foo-fuzzing ==
== 2022-08-06-ctf-foo-fuzzing ==


=== topics ===
* What is fuzzing?
* What is fuzzing?
* Why fuzz stuff
* Why fuzz stuff
Line 159: Line 171:
== 2022-08-20-ctf-foo-kernel-security ==
== 2022-08-20-ctf-foo-kernel-security ==


=== topics ===
* What is the kernel?
* What is the kernel?
* How can we interact with it?
* How can we interact with it?
Line 170: Line 183:
== 2022-09-03-ctf-foo-symbolic-execution ==
== 2022-09-03-ctf-foo-symbolic-execution ==


=== topics ===
* What is symbolic execution?
* What is symbolic execution?
* Into: z3
* Into: z3
Line 181: Line 195:
== 2022-09-17-ctf-foo-automated-program-analysis ==
== 2022-09-17-ctf-foo-automated-program-analysis ==


=== topics ===
* What can be automated?
* What can be automated?
* What can't be automated? (and why not?)
* What can't be automated? (and why not?)

Revision as of 21:58, 21 February 2022

CTF foo
Capture The Flag foo
Art Meet-Up
Datum every other saturday
Start 14:00
Host hanemile
Relevant? Yes

Every two weeks on Saturday from 14:00 - no limit

We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.

2022-03-05-ctf-foo-assembly-basics

topics

  • Memory
  • Register
  • "code" (Assembly)
  • Functions (calling conventions)
  • Buffers
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-03-19-ctf-foo-linux

topics

  • Syscalls
  • Interrupts
  • Kernel
  • Process
  • Init
  • Boot process
  • Filesystems
  • Permissions
  • Uid, Gid
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-04-02-ctf-foo-buffer-overflow

topics

  • Recap: functions (calling conventions)
  • Recap: buffers
  • What do we overwrite?
  • What implications can overwriting data have?
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-04-16-ctf-foo-shellcode

topics

  • What is shellcode?
  • Why learn to do stuff with it?
  • What can we do with it?
  • What problems might arise?
  • How can we solve the problems that arise?
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-04-30-ctf-foo-infoleaks

topics

  • How can information be leaked?
  • Why leak information?
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-05-14-ctf-foo-rop

topics

  • What is the initial problem leading to us ropping?
  • What is "rop"?
  • Why "rop"?
  • Recap: buffer-overflow
  • Recap: infoleaks
  • How can we leak foo using rop?
  • How can we find more gadgets?
  • How can we pop a shell?
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-05-28-ctf-foo-mitigations

topics

  • Start at 0, what are the problems?
  • What mitigations exist (on a high level)?
  • For each problem, what mitigation solves the problem?
  • How can we bypass the mitigations?
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-06-11-ctf-foo-reversing

topics

  • What is reversing?
  • How do we reverse?
  • What tools to we use?
  • What should be looked at in more detail?
  • Qiling
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-06-25-ctf-foo-heap-basics

topics

  • What primitives exist?
  • How do they work?
  • How to read the "docs" (aka. glibc code)
  • How to inspect the heap
  • Getting comfy with debugging hooks
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-07-09-ctf-foo-heap-techniques

topics

  • What's broken?
  • How do we identify broken stuff?
  • How do we break it?
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-07-23-ctf-foo-race-conditions

topics

  • What are race conditions?
  • Where do they arise?
  • How can we identify them?
  • How con we exploit them?
  • TOCTOU
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-08-06-ctf-foo-fuzzing

topics

  • What is fuzzing?
  • Why fuzz stuff
  • How to fuzz stuff
  • Concept (Mutation, Coverage, Snapshots, ...)
  • Harnessing a target, what to look out for
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-08-20-ctf-foo-kernel-security

topics

  • What is the kernel?
  • How can we interact with it?
  • What might break?
  • How can we break it?
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-09-03-ctf-foo-symbolic-execution

topics

  • What is symbolic execution?
  • Into: z3
  • Intro: angr
  • Problems: Path explosion
  • ... (add stuff here that might fit here)

participants

- YOUR NAME HERE

2022-09-17-ctf-foo-automated-program-analysis

topics

  • What can be automated?
  • What can't be automated? (and why not?)

participants

- YOUR NAME HERE