Loading presentation...

Present Remotely

Send the link below via email or IM

Copy

Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.

DeleteCancel

Make your likes visible on Facebook?

Connect your Facebook account to Prezi and let your likes appear on your timeline.
You can change this under Settings & Account at any time.

No, thanks

CTF Introduction

Brief introduction of CTF
by

little fater

on 5 December 2012

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of CTF Introduction

From or follow a team Capture The Flag by littlefater Challenges How to participate def make_secure():
UNSAFE_BUILTINS = ['open',
'file',
'execfile',
'compile',
'reload',
'__import__',
'eval',
'input'] ## block objet?

for func in UNSAFE_BUILTINS:
del __builtins__.__dict__[func]

from re import findall
make_secure()

print 'Go Ahead, Expoit me >;D'

while True:
try:
inp = findall('\S+', raw_input())[0]
a = None
exec 'a=' + inp
print 'Return Value:', a
except Exception, e:
print 'Exception:', e Python Jail

You are surrounded by zombies. You heard there's a safe house nearby, but climbing fences is hard with a beer belly. Thank god, there's another survive over there. "Hey! Help me!", you shout. He just laughs and shakes you off the fence. Asshole. Later, you see his dead body lying in front of a high security door secured by automated weapons. Heh... karma is a bitch. But that means you'll have to find another way in. In this nerd area, all the doors are secured with stupid computer puzzles. So, what the heck.

Hint: You'll find the entrance in "./key" Object.__class__.__base__.__subclasses__()[40](‘./key’,'r’).read()


findall.func_globals['sys'].modules['os'].system("cat\x20./key") Zombie Talk

Zombies got communication-problems because of their heterogeneity, so they defined a standard for their communication. We need to know how to decrypt their messages in order to successfully defeat them. Luckily, a friend of mine found one of those encrypted messages:

0x1be15dc
77676058612
03062372
676
0x9542
0x2546c9ec
02614610
0x3b3154e5a0a923ff

Hint: uppercase seems legit. HELLO
ZOMBIES
HERE
IS
THE
ACCESS
FLAG
WELOVEBRAINZ Character set: A-Z 0-9

0x1be15dc --> 17 14 21 21 24

17 - H
14 - E
21 - L
21 - L
24 - O Knowledge Reward Teamwork & friendship Have more fun ~~ Gains CTF Overview What is CTF ? Style Topics 1 2 3 Jeopardy
style Attack-defence
style Mixed-style Cryptography
Penetration Test
Forensics
Buffer overflow
Reverse Engineering
Mobile security Upcoming We can Enjoy them togther ~~ Capture the Flag (CTF) is a special kind of information security competitions. New vulnerabilities (0Day)

Useful skills

Advanced technologies

New thoughts or ideas Travel to another country

Attractive prizes

A huge bonus Working with and making friend with many excellent talents Study the rules of the game Training sessions Register & Qualifying Final wave
Full transcript