Nairaland Forum / Science/Technology / Programming / Me And The Ctfs.
Me And The Ctfs. by olioxx(m): 3:51pm On Jan 27, 2022
Vulnerability Analysis and/or Capturing The Flag. How is this done?

There are 3 ways which theoretically prove to be the easy way (methods) to analyse binaries for bugs/vulnerabilities. These are: Fuzzing, Symbolic Execution and Dynamic Symbolic Execution.

*************************************
FUZZING:
Read more: https://en.m.wikipedia.org/wiki/Fuzzing
The fuzzing technique was originally developed by Barton Miller (https://scholar.google.com/citations?user=dywFuRMAAAAJ&hl=en).

Basic Concept of Fuzzing: This technique aims to generate inputs that explore all possible paths in a binary in hopes of finding one path that will cause the program to crash.

Crash? Why? Practically, binary crashes are the first step to finding bugs/vulnerabilities.

**************************************
SYMBOLIC EXECUTION:
Read more: https://en.m.wikipedia.org/wiki/Symbolic_execution
The symbolic execution technique aims to analyse a binary without executing it, using symbols instead of inputs/data. A theorem prover is needed when dealing with solving paths in symbolic execution. A popular theorem prover is Z3 (https://en.m.wikipedia.org/wiki/Z3_Theorem_Prover).

There are certain limitations with the symbolic execution technique, and this birthed the rise of Dynamic Symbolic Execution. One of the most popular symbolic execution tools, which luckily is also open source, is angr.

***************************************
DYNAMIC SYMBOLIC EXECUTION
The DSE technique is just like "using one stone to kill 2 birds". DSE bridges fuzzing and symbolic execution. Theoretically, DSE is the fastest and most efficient technique for spotting bug(s) or analysing a binary.
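The three techniques described in the post above, as an added example that is not the poster's code: a toy five-instruction program with one 32-bit input is run through a mutational fuzzer, a pure symbolic executor, and a concolic (DSE) loop. The instruction set, the program, its MAGIC passcode and the interval-based stand-in for a theorem prover are all constructed here; a real tool such as angr hands the path condition to Z3 instead of this toy solver.

```python
"""Added example (not the poster's code): fuzzing, symbolic execution and a concolic
(DSE) loop on a constructed toy IR with one unsigned 32-bit input x.  Instructions:
("jlt", c, t) jumps to t if x < c; ("jne", c, t) jumps if x != c; ("crash", tag) is a bug."""
import random

MASK = 0xFFFFFFFF
MAGIC = 0x3F7A9C01  # assumed passcode guarding the deep bug
PROG = [
    ("jlt", 0x40000000, 2),  # 0: 75% of random inputs fall through to 1
    ("crash", "shallow"),    # 1: the easy bug
    ("jne", MAGIC, 4),       # 2: only one value in 2**32 falls through
    ("crash", "deep"),       # 3: the magic-value bug
    ("ret",),                # 4: benign exit
]

def run(prog, x):
    """Concrete execution; records (pc, taken) per branch for the concolic engine."""
    pc, branches = 0, []
    while True:
        ins = prog[pc]
        if ins[0] in ("jlt", "jne"):
            taken = x < ins[1] if ins[0] == "jlt" else x != ins[1]
            branches.append((pc, taken))
            pc = ins[2] if taken else pc + 1
        else:
            return ("crash", ins[1], branches) if ins[0] == "crash" else ("ret", None, branches)

class PathCond:
    """Path condition over one symbol; the stand-in 'theorem prover' is an interval
    [lo, hi] plus excluded points, exact for <, >=, ==, != (real tools call Z3)."""
    def __init__(self, lo=0, hi=MASK, excluded=()):
        self.lo, self.hi, self.excluded = lo, hi, set(excluded)
    def with_branch(self, ins, taken):
        c, pc = ins[1], PathCond(self.lo, self.hi, self.excluded)
        if ins[0] == "jlt" and taken:      # x < c
            pc.hi = min(pc.hi, c - 1)
        elif ins[0] == "jlt":              # x >= c
            pc.lo = max(pc.lo, c)
        elif taken:                        # x != c
            pc.excluded.add(c)
        else:                              # x == c
            pc.lo, pc.hi = max(pc.lo, c), min(pc.hi, c)
        return pc
    def model(self):
        """Smallest satisfying value, or None when unsatisfiable."""
        v = self.lo
        while v <= self.hi and v in self.excluded:
            v += 1
        return v if v <= self.hi else None

def mutate(x, rng):
    return rng.choice((
        lambda: x ^ (1 << rng.randrange(32)),                      # bit flip
        lambda: (x + rng.randrange(-16, 17)) & MASK,                # small arithmetic
        lambda: rng.choice((0, 1, 0x7FFFFFFF, 0x80000000, MASK)),  # interesting values
        lambda: rng.getrandbits(32),                                # fresh random
    ))()

def fuzz(prog, iterations=5000, seed=1):
    """Mutational fuzzing -> {crash_tag: input}; guessing MAGIC is a 1-in-2**32 shot."""
    rng, found, x = random.Random(seed), {}, 0
    for _ in range(iterations):
        x = mutate(x, rng)
        outcome, tag, _ = run(prog, x)
        if outcome == "crash":
            found.setdefault(tag, x)
    return found

def symbolic_explore(prog):
    """Symbolic execution: fork at each branch, prune infeasible paths, solve each leaf."""
    found, work = {}, [(0, PathCond())]
    while work:
        pc, cond = work.pop()
        ins = prog[pc]
        if ins[0] in ("jlt", "jne"):
            for taken in (True, False):
                nxt = cond.with_branch(ins, taken)
                if nxt.model() is not None:
                    work.append((ins[2] if taken else pc + 1, nxt))
        else:
            found[ins[1] if ins[0] == "crash" else "ret"] = cond.model()
    return found

def concolic(prog, seed_input=0):
    """DSE: run concretely, then negate each branch on the path (prefix kept) and solve."""
    found, seen, work = {}, {seed_input}, [seed_input]
    while work:
        x = work.pop()
        outcome, tag, branches = run(prog, x)
        found.setdefault(tag if outcome == "crash" else "ret", x)
        for i, (bpc, taken) in enumerate(branches):
            cond = PathCond()
            for p, t in branches[:i] + [(bpc, not taken)]:
                cond = cond.with_branch(prog[p], t)
            m = cond.model()
            if m is not None and m not in seen:   # each new input is run concretely
                seen.add(m)
                work.append(m)
    return found
```

Running the three against PROG: fuzz() finds the shallow crash almost immediately but never the deep one, because reaching MAGIC by mutation is a 1-in-2^32 guess; symbolic_explore() reaches all three terminal states (shallow, deep, ret) without ever executing the program on a concrete value; concolic() starts from the seed input 0, negates the two branches of that first concrete run, and the second solver call already yields MAGIC, which is the "two birds with one stone" the post describes.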
Re: Me And The Ctfs. by olioxx(m): 9:07pm On Feb 02, 2022
SYSTEM SETUP & CONFIGURATIONS

Kali Linux and ParrotOS are the two most used Linux distributions for CTFs and finding bugs.

Virtual Machine Security: The process of finding bugs can be tricky and it is always recommended to have a secure firewall, and so I used pfSense. pfSense from Netgate is a secure firewall that protects a virtualized environment from the wild internet.
1st Image: pfSense image.
2nd Image: pfSense final configuration message.

Operating System for Hacks (Ethical): After securing my virtualized environment, the next step is getting the OS. I chose Kali Linux (I downloaded the .ova file specific to VirtualBox). Setting up was a breeze; Offensive Security has made a lot of effort in simplifying the installation process.
3rd Image: Kali Linux starter screen
4th Image: Kali Linux home screen
Re: Me And The Ctfs. by olioxx(m): 9:17pm On Feb 02, 2022
Kali prides itself on being an OS for hacks, thereby coming pre-installed with a lot of useful tools.

Testing Tools for Binaries: In this case I tested for Python and C, which came pre-installed.
1st Image: C code for test purposes.
After code comes the compilation. gcc is really handy here.
2nd Image: Binary file from the compiled source file.
At this point I knew that the Kali setup was successful; tools were all working.
3rd Image: Binary works as expected.

Next up will be to set up a virtualenv (Python) for symbolic execution of different binaries and playing around with some CTF challenges.
Re: Me And The Ctfs. by olioxx(m): 4:55pm On Feb 04, 2022
I now have my virtual environment activated. I made some mistakes with some commands, but now it has been fixed.
1st Image: Activated virtual environment.
2nd Image: The virtual environment will use Python 3.9.8.
My Kali installation is Kali 2.4, which comes preinstalled with the most recent version of Python, so the venv will use all those dependencies and system-level dependencies like gcc (for C code). With Python added, I can also use pip for most installations, and I can use Python scripts for automation as well.
3rd Image: Angr script for the first CTF. Disclaimer: I found this sample script on the internet. The script will try to find what input will trigger the bug, since I want to find out the passcode from the binary. (From the previous C code, the passcode is 2022; let's see if that will be displayed.)
4th Image: Used pip to install Angr in the venv.
Re: Me And The Ctfs. by olioxx(m): 3:34am On Feb 06, 2022
1st Image: After running Angr against the script, the base address of the program is shown as well as the password.
2nd Image: Voilà, the password is shown. I CTF.

I decided to make a detour: I set up the popular Metasploitable VM, which is a vulnerable Linux server, to see what I can glean.
3rd Image: Metasploitable VM
4th Image: I was able to remotely access the server from Kali. The server + Kali all work in a LAN, so I hacked the IP address using the netdiscover command. I also activated some shell commands (script) to remotely reboot and shut down the server.
Re: Me And The Ctfs. by olioxx(m): 3:41pm On Feb 07, 2022
I finally downloaded the crackmes and the repository.
1st Image: Crackmes and a binary bomb file
2nd Image: The Angr CTF repo
3rd Image: Reverse engineering tasks involve a lot of repetition, and so having a file that aids automation is key. I always have a gdb configuration file to assist with debugging with GDB. I decided to use GDB in sync with Angr to get the full picture of the file. GDB will execute at root level while Angr will execute at venv level.
4th Image: (Optional) I created a file to store the list of flags captured. I stored this file in the Desktop folder for quick access.
Re: Me And The Ctfs. by olioxx(m): 9:01pm On Feb 07, 2022
1st Image: Starting now, I'll need to get the strings in the crackme2 file. Strings are one of the best first steps in analysis. You will notice that this is an IOLI crackme challenge.
2nd Image: Next up is to know the file format of the binary. Guess correct; it is an ELF file.
3rd Image: Unfortunately GDB doesn't come pre-installed on Kali, so I had to install it.
4th Image: After some little debugging now comes the time to write the Angr script. The script shows two possible paths (or inputs) to crack the crackme.
Re: Me And The Ctfs. by olioxx(m): 9:08pm On Feb 07, 2022
1st Image: Voilà, the two paths are shown and finally the correct path (or input) to crack the challenge.
Re: Me And The Ctfs. by Hamzasaid(m): 6:26pm On Mar 31, 2022
Let's connect bro, got some CTFs we could learn and hone our skillz
Re: Me And The Ctfs. by olioxx(m): 9:37pm On Mar 31, 2022
Hamzasaid: Drop your contact, lemme hook up.
Re: Me And The Ctfs. by LikeAking: 9:42pm On Mar 31, 2022
Nawa! |
Re: Me And The Ctfs. by Hamzasaid(m): 1:39pm On Apr 03, 2022
Re: Me And The Ctfs. by Emm22(m): 4:39pm On Apr 03, 2022
I successfully used Fern to hack my neighbor's Wi-Fi.