Introduction to Attack Techniques CTF

With @sambowne, @djhardb, @infosecirvin, and @KaitlynGuru.

Scoreboard · Submit Flags

Scores from HOPE 2020

Final Scores for Cyber June'Gle 2020

Videos from CircleCityCon, June 2020
Scores from CircleCityCon

Basics

H 100: Binary Games  50
H 110: Linux Journey  83
B: Bandit Challenges  230
U-Cen and U-Cyb: PowerShell  75

Cyber Range Setup

Cyber Range Planning
H 201: Google Cloud Linux Server  10
H 202: Kali Virtual Machine  15
H 220: Windows Virtual Machine  15
H 221: Google Cloud Windows Server  10
H 240: WireGuard VPN  15
ED 290: Desktop on a Cloud Linux Server  10

Command Injection

ED 102: Command Injection  60
ED 103: SQLI Challenges  185
ED 104: CMD Injection  40
ED 105: Server Side Template Injection (SSTI)  35
W 401: Command Injection on Salt  30
ED 106: PHP-FPM Command Injection  15

Metasploit

H 310: Metasploit v. ActiveMQ  20
H 311: Adding a Custom Exploit to Metasploit  15
H 312: Writing a Custom Metasploit Module  25
H 320: Creating a Trojan with Metasploit  15

Networking

H 410: Nmap  40
H 420: Wireshark  110
H 430: Scapy  20
H 130: sslh  10
H 131: Stealing an SSH Password with strace  10

Passwords & Cryptography

H 510: Reset Windows Password with an Install Disk  15
H 520: Hashcat  60
H 530: Blockchains  15
H 531: Hyperledger IROHA  15
H 532: Hacking PoWHCoin  15

Android Emulator Setup

Mac or Linux

M 101: Genymotion 15
M 103: Burp 20

Windows

Do M 108 below first
M 104: BlueStacks 15
M 106: Burp and Nox 20

Any OS

M 105: Plaintext Login    15
M 107: GenieMD Broken SSL (Harvard & IBM)    15 + 40 extra
M 108: Kali Virtual Machine 15
Download Kali VM

Android Debug Bridge

Mac or Linux

M 201: ADB on Genymotion on a Mac    15
M 202: BlueStacks on a Mac 15 extra

Windows

M203: ADB & Nox on Windows    15

Any OS

M 204: Equity Pandit    15 + 50 extra
M 207: ES Explorer Command Injection    10

Smali

M 401: Trojaning Progressive and Bank of America    20 + 20 extra
M 402: mAadhaar Code Modification    20
M 410: Exploiting an Android Phone with Metasploit    15 extra

Resources

Textbook

Class in Ethical Hacking

Textbook

Advanced Ethical Hacking Class

Violent Python Book

Violent Python 3 CTF

Last updated 7-27-2020