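% Created 2019-06-15 Sat 14:50
% Intended LaTeX compiler: pdflatex
%
% Beamer slide deck "WTF CTF": an introduction to Capture-the-Flag contests,
% the usual Jeopardy categories, and learning resources for each of them.
% One command or list item per line, so that the leading "%" comments no
% longer swallow the preamble and the first frames.
\documentclass[presentation]{beamer}

% --- Encoding and the default Org-mode export packages ----------------------
\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
\usepackage{graphicx}
\usepackage{grffile}
\usepackage{longtable}
\usepackage{wrapfig}
\usepackage{rotating}
\usepackage[normalem]{ulem} % provides \sout, used in "Why should I care?"
\usepackage{amsmath}
\usepackage{textcomp}
\usepackage{amssymb}
\usepackage{capt-of}
\usepackage{hyperref}
\usepackage{tabu}
% NOTE(review): minted 2.x (current when this deck was made) calls an external
% Pygments process and needs `pdflatex -shell-escape`, which lets a document
% run arbitrary commands during the build. Only build trusted sources that way.
% No minted environment or \mintinline appears in this document, so dropping
% the package (and the \setminted line) would remove that requirement.
\usepackage{minted}
\usepackage[english]{babel}

% --- Link colours ------------------------------------------------------------
% The author/title keys that used to sit here carried literal double quotes
% (hyperref does not strip them) and were overridden by the \hypersetup block
% further down, so only the colour options remain.
\hypersetup{colorlinks, linkcolor=, urlcolor=blue}
\setminted{fontsize=\footnotesize,escapeinside=||}

% --- Theme -------------------------------------------------------------------
\usetheme{Rochester}
\usecolortheme[RGB={87,83,170}]{structure}

% --- Title data and PDF metadata ---------------------------------------------
\author{Vasilij Schneidermann}
\date{June 2019}
\title{WTF CTF}
\hypersetup{
  pdfauthor={Vasilij Schneidermann},
  pdftitle={WTF CTF},
  pdfkeywords={},
  pdfsubject={},
  pdfcreator={Emacs 26.2 (Org mode 9.1.9)},
  pdflang={English}}

\begin{document}

\maketitle

\begin{frame}{Outline}
  \tableofcontents
\end{frame}

% Show a section title page whenever a new section starts.
\AtBeginSection{\frame{\sectionpage}}

\section{WTF CTF}
\label{sec:orgd8545e5}

\begin{frame}[fragile,label={sec:org2f3f001}]{About}
  \begin{itemize}
    \item Vasilij Schneidermann, 26
    \item Software developer, bevuta IT GmbH
    \item mail@vasilij.de
    \item \url{https://github.com/wasamasa}
    \item Played a few CTFs and helped organize one
    \item Chanop on \texttt{\#wargames} at OverTheWire IRC network
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org4c5b224}]{What is a CTF?}
  \begin{itemize}
    \item Hacker contest
    \item Task: Capturing flags for points
    \item Timeboxed
    \item Competitive
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org3610037}]{Why should I care?}
  \begin{itemize}
    \item It's fun
    \item \sout{Mess} compete with the best
    \item Great learning opportunity
    \item Entry gateway to the infosec world
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org11df11a}]{What do they look like?}
  \begin{itemize}
    \item Attack and Defense
      \begin{itemize}
        \item Defend your own boxes, attack other boxes
        \item Not as popular, requires admin skills
      \end{itemize}
    \item Jeopardy
      \begin{itemize}
        \item Many tasks that can be completed independently
        \item Categorized into web/pwn/rev/forensic/stego/crypto/misc/\ldots{}
        \item Very popular
      \end{itemize}
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org3cafd9b}]{Where/when do they happen?}
  \begin{itemize}
    \item All over the world
    \item Often it's online
    \item Sometimes it's local or requires admission
    \item \url{https://ctftime.org}
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org235aa9d}]{What stuff do they do at a Jeopardy event?}
  \begin{itemize}
    \item Web
    \item Binary Exploitation
    \item Reverse Engineering
    \item Forensics
    \item Steganography
    \item Cryptography
    \item Miscellaneous
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:orgb1fc01e}]{What do they do during a Jeopardy event?}
  \begin{itemize}
    \item Register user/team
    \item Solve challenges and submit flags
    \item Report bugs
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org060633f}]{What do they do after a Jeopardy event?}
  \begin{itemize}
    \item Figure out how challenge XYZ was supposed to work
    \item Celebrate
    \item Vote on \url{https://ctftime.org}
    \item Publish writeups
    \item Look for the next CTF to compete in
  \end{itemize}
\end{frame}

% NOTE(review): several resource links on the following frames use plain
% http://. Where the site offers HTTPS, prefer it, so that the audience does
% not fetch practice material over a connection that can be tampered with.
% NOTE(review): VulnHub is normally reached at vulnhub.com; confirm that the
% .net address on this frame and on the "Web" frame is intended. A mistyped
% domain on a slide sends the audience to whoever owns that name.
\begin{frame}[label={sec:org6341d09}]{How do I learn this stuff?}
  \begin{itemize}
    \item Learn basics (your OS, programming, \ldots{})
    \item Online labs (wargames, \url{http://wechall.net})
    \item Set up a lab (\url{https://vulnhub.net})
    \item Play an entry-level or high school CTF
    \item Learn from your mistakes
    \item Study writeups
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org02d86fd}]{Web}
  \begin{itemize}
    \item Learn to use your browser effectively
    \item Intercepting proxy (Burp)
    \item OWASP Top 10
    \item OverTheWire: Natas
    \item WebGoat
    \item Random stuff found on \url{https://vulnhub.net}
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org6ce7dfe}]{Binary Exploitation}
  \begin{itemize}
    \item Classic Phrack articles
    % \relax keeps "[Jon Erickson]" from being read as \item's optional label.
    \item\relax [Jon Erickson] Hacking: The Art of Exploitation
    \item LiveOverflow YouTube channel
    \item \url{https://microcorruption.com}
    \item OverTheWire (everything after Bandit/Natas/Krypton/Leviathan)
    \item \url{http://io.netgarage.org/}
    \item \url{http://smashthestack.org/}
  \end{itemize}
\end{frame}

\begin{frame}[fragile,label={sec:orgeaf33a5}]{Reverse Engineering}
  \begin{itemize}
    \item Know your OS and toolchain (binutils) well
    \item Learn IDA/Ghidra/Hopper/Binary Ninja/radare2
    \item\relax [Dennis Yurichev] Reverse Engineering for Beginners
    \item \texttt{angr} is pretty cool
  \end{itemize}
\end{frame}

\begin{frame}[fragile,label={sec:org12e2756}]{Forensics}
  \begin{itemize}
    \item It's either packet analyzer captures or (broken) file systems
    \item Learn Wireshark
    \item \texttt{binwalk} is OK for carving
    \item radare2 was originally developed for this purpose
  \end{itemize}
\end{frame}

\begin{frame}[fragile,label={sec:orgd890916}]{Steganography}
  \begin{itemize}
    \item Lots of guessing
    \item Common tools:
      \begin{itemize}
        \item \texttt{strings}
        \item \texttt{binwalk}
        \item \texttt{exiftool}
        \item \texttt{steghide}
        \item \texttt{zsteg}
      \end{itemize}
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:orgb536e04}]{Cryptography}
  \begin{itemize}
    \item \url{https://cryptopals.com}
    \item Lots of RSA/ECC/linear algebra
    \item Some (sage) math may be required
    \item Sometimes they just throw classic ciphers at you\ldots{}
  \end{itemize}
\end{frame}

\begin{frame}[label={sec:org12bd294}]{Miscellaneous}
  \begin{itemize}
    \item Programming challenges (typically involving the network)
    \item Knowing trivia about your OS/toolchain
    \item Be ready for anything
  \end{itemize}
\end{frame}

% NOTE(review): the demo link is a bare IP address and port over plain HTTP,
% and the deck is dated June 2019. Whether that host still serves the
% challenges cannot be told from this file, and an address like this can be
% reassigned to an unrelated party. If the deck is reused, point the link at a
% host the presenter controls and keep the "No remote bruteforce" rule next
% to it.
\begin{frame}[label={sec:org19bc675}]{Demo time}
  \begin{itemize}
    \item Here are some web challenges I've encountered
    \item It's all PHP, sources are provided
    \item No remote bruteforce
    \item Can you figure one of them out?
    \item \url{http://91.121.107.198:10000/}
  \end{itemize}
\end{frame}

\end{document}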