Ctf-foo: Difference between revisions

From Chaosdorf Wiki
(Added some hints to the event's I wont be able to attend, so we can discuss how to handle this and hopefully find a fitting solution.)
(Moved the individual events to own pages and created a media wiki query for displaying the events.)
Line 9: Line 9:
}}
}}


Every two weeks on Saturday from 14:00 - no limit
An event focused on "Capture the Flag" Events. The main point here is to get people into the security field in a welcoming way and provide a space for interested people to exchange knowledge.
 
The individual events which take place every two weeks have a dedicated topic, but we're also quite flexible and can look into other stuff (So if you've got a topic you might be interested in, bring it up!).


We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.
We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.


=== Topics ===
Here's a list of the past events giving you a brief idea on what we're doing:
Got a topic you'd wish we go over? Put it here:
 
* YOUT TOPIC HERE
 
== 2022-03-05-assembly-basics ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
* Memory
* Register
* "code" (Assembly)
* Functions (calling conventions)
* Buffers
* ... (add stuff here that might fit here)
 
=== participants ===
 
* oryon
* awh4ck3r / keiffrichards@gmail.com
* Spectranis
* Lukas
* @ThisIsM4l1k
 
== 2022-03-19-linux ==
 
=== Mentors ===
 
* {{U|ytvwld}}
 
=== topics ===
 
* Syscalls
* Interrupts
* Kernel
* Process
* Init
* Boot process
* Filesystems
* Permissions
* Uid, Gid
* ... (add stuff here that might fit here)
 
=== participants ===
 
* {{U|ytvwld}}
* Lukas
 
== 2022-04-02-buffer-overflow ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* Recap: functions (calling conventions)
* Recap: buffers
* What do we overwrite?
* What implications can overwriting data have?
* ... (add stuff here that might fit here)
* META: As I won't be able to attend some the following events, we'll need to find a solution (for example: I can provide slides and information for some other people to learn together or so).
 
=== participants ===
 
* Plutarch
 
== 2022-04-16-shellcode ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
* What is shellcode?
* Why learn to do stuff with it?
* What can we do with it?
* What problems might arise?
* How can we solve the problems that arise?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* Plutarch
 
== 2022-04-30-infoleaks ==
(I (Emile) can't be there, but I can provide some slides and an introduction in advance for someone). We'll still need a member to host the event.
 
We could also move this event to 2022-05-07.
 
=== Mentors ===
 
* ???
 
=== topics ===
 
* How can information be leaked?
* Why leak information?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-05-14-rop ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* What is the initial problem leading to us ropping?
* What is "rop"?
* Why "rop"?
* Recap: buffer-overflow
* Recap: infoleaks
* How can we leak foo using rop?
* How can we find more gadgets?
* How can we pop a shell?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-05-28-mitigations ==
(I (Emile) can't be there, but I can provide some slides and an introduction in advance for someone). We'll still need a member to host the event. (I'm also not there the week before and the week after...)
 
=== Mentors ===
 
* ???
 
=== topics ===
 
* Start at 0, what are the problems?
* What mitigations exist (on a high level)?
* For each problem, what mitigation solves the problem?
* How can we bypass the mitigations?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-06-11-reversing ==
 
=== Mentors ===
 
* {{U|hanemile}}
* bdgtwy
 
=== topics ===
* What is reversing?
* How do we reverse?
* What tools to we use?
* What should be looked at in more detail?
* Qiling
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-06-25-heap-basics ==
(This topic might become a complete whole own series of 5-n workshops, so be aware that this might change over time).
 
=== Mentors ===
 
* {{U|hanemile}}
* milo
 
=== topics ===
* What primitives exist?
* How do they work?
* How to read the "docs" (aka. glibc code)
* How to inspect the heap
* Getting comfy with debugging hooks
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-07-09-heap-techniques ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* What's broken?
* How do we identify broken stuff?
* How do we break it?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-07-23-race-conditions ==
(I (Emile) can't be there, but I can provide some slides and an introduction in advance for someone). We'll still need a member to host the event.
 
We could also move this event a week before to 2022-07-16.
 
=== Mentors ===
 
* ???
 
=== topics ===
 
* What are race conditions?
* Where do they arise?
* How can we identify them?
* How con we exploit them?
* TOCTOU
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-08-06-fuzzing ==
 
=== Mentors ===
 
* {{U|maride}}
 
=== topics ===
 
* What is fuzzing?
* Why fuzz stuff
* How to fuzz stuff
* Concept (Mutation, Coverage, Snapshots, ...)
* Harnessing a target, what to look out for
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-08-20-kernel-security ==
 
=== Mentors ===
 
* {{U|hanemile}}
 
=== topics ===
 
* What is the kernel?
* How can we interact with it?
* What might break?
* How can we break it?
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-09-03-symbolic-execution ==
 
=== Mentors ===
 
* {{U|hanemile}}
* {{U|barbieauglend}}
 
=== topics ===
 
* What is symbolic execution?
* Into: z3
* Intro: angr
* Problems: Path explosion
* ... (add stuff here that might fit here)
 
=== participants ===
 
* YOUR NAME HERE
 
== 2022-09-17-automated-program-analysis ==
 
=== topics ===
* What can be automated?
* What can't be automated? (and why not?)
 
=== participants ===


* YOUR NAME HERE
{{#ask:
  [[has title::CTF foo]]
  [[Category:Events]]
  |sort=Has Date
  |order=descending
  |format=embedded
  |embedformat=h1
}}
__NOTOC__

Revision as of 13:02, 31 March 2022

CTF foo
Capture The Flag foo
Art Meet-Up
Datum every other saturday
Start 14:00
Host hanemile
Relevant? Yes

An event focused on "Capture the Flag" Events. The main point here is to get people into the security field in a welcoming way and provide a space for interested people to exchange knowledge.

The individual events which take place every two weeks have a dedicated topic, but we're also quite flexible and can look into other stuff (So if you've got a topic you might be interested in, bring it up!).

We'll look at specific topics at each event and maybe play some CTF that is currently running afterwards in order to try out our newly learnt skills.

Here's a list of the past events giving you a brief idea on what we're doing:

Ctf-foo/2022-09-03

CTF foo
Symbolic execution
Art Meet-Up
Datum 2022-09-03
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

symbolic execution

Mentors

topics

  • What is symbolic execution?
  • Into: z3
  • Intro: angr
  • Problems: Path explosion
  • ... (add stuff here that might fit here)

participants

CTF foo
Kernel Security
Art Meet-Up
Datum 2022-08-20
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

kernel security

Mentors

topics

  • What is the kernel?
  • How can we interact with it?
  • What might break?
  • How can we break it?
  • ... (add stuff here that might fit here)

participants

CTF foo
Fuzzing
Art Meet-Up
Datum 2022-08-06
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

Fuzzing

Mentors

topics

  • What is fuzzing?
  • Why fuzz stuff
  • How to fuzz stuff
  • Concept (Mutation, Coverage, Snapshots, ...)
  • Harnessing a target, what to look out for
  • ... (add stuff here that might fit here)

participants

CTF foo
Race Conditions
Art Meet-Up
Datum 2022-07-23
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

race conditions

(I (Emile) can't be there, but I can provide some slides and an introduction in advance for someone). We'll still need a member to host the event.

We could also move this event a week before to 2022-07-16.

Mentors

  • ???

topics

  • What are race conditions?
  • Where do they arise?
  • How can we identify them?
  • How con we exploit them?
  • TOCTOU
  • ... (add stuff here that might fit here)

participants

CTF foo
Heap techniques
Art Meet-Up
Datum 2022-07-09
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

heap techniques

Mentors

topics

  • What's broken?
  • How do we identify broken stuff?
  • How do we break it?
  • ... (add stuff here that might fit here)

participants

CTF foo
Heap basics
Art Meet-Up
Datum 2022-06-25
Start 20:00
Dauer 4h
Host hanemile
Relevant? Yes

Heap basics

(This topic might become a complete whole own series of 5-n workshops, so be aware that this might change over time).

Mentors

topics

  • The "introduction" event to the heap-foo.
  • Will just explain a bit what might await us and what might be nice to know beforehand.
  • Summary: Heap exploitation is amazing and we don't want to do this in only a few hours, but dive a lot deeper into it, so this is going to be a whole series.

participants

CTF foo
Reversing
Art Meet-Up
Datum 2022-06-11
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

Reversing

Mentors

topics

  • What is reversing?
  • How do we reverse?
  • What tools to we use?
  • What should be looked at in more detail?
  • Qiling
  • ... (add stuff here that might fit here)

participants

CTF foo
Mitigations
Art Meet-Up
Datum 2022-05-29
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

Mitigations

  • moved from the 28th to the 29th*

Mentors

  • harryr

topics

  • Start at 0, what are the problems?
  • What mitigations exist (on a high level)?
  • For each problem, what mitigation solves the problem?
  • How can we bypass the mitigations?
  • ... (add stuff here that might fit here)

participants

CTF foo
Return Oriented Programming
Art Meet-Up
Datum 2022-05-14
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

Return Oriented Programming (ROP)

Mentors

topics

  • What is the initial problem leading to us ropping?
  • What is "rop"?
  • Why "rop"?
  • Recap: buffer-overflow
  • Recap: infoleaks
  • How can we leak foo using rop?
  • How can we find more gadgets?
  • How can we pop a shell?
  • ... (add stuff here that might fit here)

participants

CTF foo
Infoleaks
Art Meet-Up
Datum 2022-05-07
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

Infoleaks

Mentors

  • hanemile

topics

  • How can information be leaked?
  • Why leak information?
  • ... (add stuff here that might fit here)

participants

CTF foo
Shellcode
Art Meet-Up
Datum 2022-04-16
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

Shellcode

Mentors

topics

  • What is shellcode?
  • Why learn to do stuff with it?
  • What can we do with it?
  • What problems might arise?
  • How can we solve the problems that arise?
  • ... (add stuff here that might fit here)

participants

CTF foo
Cryptography
Art Meet-Up
Datum 2022-04-02
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

Cryptography

Mentors

topics (planned)

  • Recap: functions (calling conventions)
  • Recap: buffers
  • What do we overwrite?
  • What implications can overwriting data have?
  • ... (add stuff here that might fit here)
  • META: As I won't be able to attend some of the following events, we'll need to find a solution (for example: I can provide slides and information for some other people to learn together or so). (I will be there on 2022-04-02)

topics (actual)

participants

CTF foo
Linux
Art Meet-Up
Datum 2022-03-19
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

linux

Mentors

topics

  • Syscalls
  • Interrupts
  • Kernel
  • Process
  • Init
  • Boot process
  • Filesystems
  • Permissions
  • Uid, Gid
  • ... (add stuff here that might fit here)

participants

CTF foo
Assembly Basics
Art Meet-Up
Datum 2022-03-05
Start 14:00
Dauer 4h
Host hanemile
Relevant? Yes

Assembly Basics

Mentors

topics

  • Memory
  • Register
  • "code" (Assembly)
  • Functions (calling conventions)
  • Buffers
  • ... (add stuff here that might fit here)

participants

  • oryon
  • awh4ck3r / keiffrichards@gmail.com
  • Spectranis
  • Lukas
  • @ThisIsM4l1k
Retrieved from "https://wiki.chaosdorf.de/index.php?title=Ctf-foo&oldid=27226"