(removed the colons from the "participants" subtopic of each section) |
(Added a "topics" title in front of the individual topics) |
||
| Line 15: | Line 15: | ||
== 2022-03-05-ctf-foo-assembly-basics == | == 2022-03-05-ctf-foo-assembly-basics == | ||
=== topics === | |||
* Memory | * Memory | ||
* Register | * Register | ||
| Line 27: | Line 28: | ||
== 2022-03-19-ctf-foo-linux == | == 2022-03-19-ctf-foo-linux == | ||
=== topics === | |||
* Syscalls | * Syscalls | ||
* Interrupts | * Interrupts | ||
| Line 43: | Line 45: | ||
== 2022-04-02-ctf-foo-buffer-overflow == | == 2022-04-02-ctf-foo-buffer-overflow == | ||
=== topics === | |||
* Recap: functions (calling conventions) | * Recap: functions (calling conventions) | ||
* Recap: buffers | * Recap: buffers | ||
| Line 54: | Line 57: | ||
== 2022-04-16-ctf-foo-shellcode == | == 2022-04-16-ctf-foo-shellcode == | ||
=== topics === | |||
* What is shellcode? | * What is shellcode? | ||
* Why learn to do stuff with it? | * Why learn to do stuff with it? | ||
| Line 66: | Line 70: | ||
== 2022-04-30-ctf-foo-infoleaks == | == 2022-04-30-ctf-foo-infoleaks == | ||
=== topics === | |||
* How can information be leaked? | * How can information be leaked? | ||
* Why leak information? | * Why leak information? | ||
| Line 75: | Line 80: | ||
== 2022-05-14-ctf-foo-rop == | == 2022-05-14-ctf-foo-rop == | ||
=== topics === | |||
* What is the initial problem leading to us ropping? | * What is the initial problem leading to us ropping? | ||
* What is "rop"? | * What is "rop"? | ||
| Line 90: | Line 96: | ||
== 2022-05-28-ctf-foo-mitigations == | == 2022-05-28-ctf-foo-mitigations == | ||
=== topics === | |||
* Start at 0, what are the problems? | * Start at 0, what are the problems? | ||
* What mitigations exist (on a high level)? | * What mitigations exist (on a high level)? | ||
| Line 101: | Line 108: | ||
== 2022-06-11-ctf-foo-reversing == | == 2022-06-11-ctf-foo-reversing == | ||
=== topics === | |||
* What is reversing? | * What is reversing? | ||
* How do we reverse? | * How do we reverse? | ||
| Line 113: | Line 121: | ||
== 2022-06-25-ctf-foo-heap-basics == | == 2022-06-25-ctf-foo-heap-basics == | ||
=== topics === | |||
* What primitives exist? | * What primitives exist? | ||
* How do they work? | * How do they work? | ||
| Line 125: | Line 134: | ||
== 2022-07-09-ctf-foo-heap-techniques == | == 2022-07-09-ctf-foo-heap-techniques == | ||
=== topics === | |||
* What's broken? | * What's broken? | ||
* How do we identify broken stuff? | * How do we identify broken stuff? | ||
| Line 135: | Line 145: | ||
== 2022-07-23-ctf-foo-race-conditions == | == 2022-07-23-ctf-foo-race-conditions == | ||
=== topics === | |||
* What are race conditions? | * What are race conditions? | ||
* Where do they arise? | * Where do they arise? | ||
| Line 147: | Line 158: | ||
== 2022-08-06-ctf-foo-fuzzing == | == 2022-08-06-ctf-foo-fuzzing == | ||
=== topics === | |||
* What is fuzzing? | * What is fuzzing? | ||
* Why fuzz stuff | * Why fuzz stuff | ||
| Line 159: | Line 171: | ||
== 2022-08-20-ctf-foo-kernel-security == | == 2022-08-20-ctf-foo-kernel-security == | ||
=== topics === | |||
* What is the kernel? | * What is the kernel? | ||
* How can we interact with it? | * How can we interact with it? | ||
| Line 170: | Line 183: | ||
== 2022-09-03-ctf-foo-symbolic-execution == | == 2022-09-03-ctf-foo-symbolic-execution == | ||
=== topics === | |||
* What is symbolic execution? | * What is symbolic execution? | ||
* Into: z3 | * Into: z3 | ||
| Line 181: | Line 195: | ||
== 2022-09-17-ctf-foo-automated-program-analysis == | == 2022-09-17-ctf-foo-automated-program-analysis == | ||
=== topics === | |||
* What can be automated? | * What can be automated? | ||
* What can't be automated? (and why not?) | * What can't be automated? (and why not?) | ||
Revision as of 22:58, 21 February 2022
| CTF foo | |
|---|---|
| Capture The Flag foo | |
| Art | Meet-Up |
| Datum | every other saturday |
| Start | 14:00 |
| Host | hanemile
|
| Relevant? | Yes |
Every two weeks on Saturday from 14:00 - no limit
We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.
2022-03-05-ctf-foo-assembly-basics
topics
- Memory
- Register
- "code" (Assembly)
- Functions (calling conventions)
- Buffers
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-03-19-ctf-foo-linux
topics
- Syscalls
- Interrupts
- Kernel
- Process
- Init
- Boot process
- Filesystems
- Permissions
- Uid, Gid
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-04-02-ctf-foo-buffer-overflow
topics
- Recap: functions (calling conventions)
- Recap: buffers
- What do we overwrite?
- What implications can overwriting data have?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-04-16-ctf-foo-shellcode
topics
- What is shellcode?
- Why learn to do stuff with it?
- What can we do with it?
- What problems might arise?
- How can we solve the problems that arise?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-04-30-ctf-foo-infoleaks
topics
- How can information be leaked?
- Why leak information?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-05-14-ctf-foo-rop
topics
- What is the initial problem leading to us ropping?
- What is "rop"?
- Why "rop"?
- Recap: buffer-overflow
- Recap: infoleaks
- How can we leak foo using rop?
- How can we find more gadgets?
- How can we pop a shell?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-05-28-ctf-foo-mitigations
topics
- Start at 0, what are the problems?
- What mitigations exist (on a high level)?
- For each problem, what mitigation solves the problem?
- How can we bypass the mitigations?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-06-11-ctf-foo-reversing
topics
- What is reversing?
- How do we reverse?
- What tools to we use?
- What should be looked at in more detail?
- Qiling
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-06-25-ctf-foo-heap-basics
topics
- What primitives exist?
- How do they work?
- How to read the "docs" (aka. glibc code)
- How to inspect the heap
- Getting comfy with debugging hooks
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-07-09-ctf-foo-heap-techniques
topics
- What's broken?
- How do we identify broken stuff?
- How do we break it?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-07-23-ctf-foo-race-conditions
topics
- What are race conditions?
- Where do they arise?
- How can we identify them?
- How con we exploit them?
- TOCTOU
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-08-06-ctf-foo-fuzzing
topics
- What is fuzzing?
- Why fuzz stuff
- How to fuzz stuff
- Concept (Mutation, Coverage, Snapshots, ...)
- Harnessing a target, what to look out for
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-08-20-ctf-foo-kernel-security
topics
- What is the kernel?
- How can we interact with it?
- What might break?
- How can we break it?
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-09-03-ctf-foo-symbolic-execution
topics
- What is symbolic execution?
- Into: z3
- Intro: angr
- Problems: Path explosion
- ... (add stuff here that might fit here)
participants
- YOUR NAME HERE
2022-09-17-ctf-foo-automated-program-analysis
topics
- What can be automated?
- What can't be automated? (and why not?)
participants
- YOUR NAME HERE