RESOURCES

Pwn

Pwn is exploitation - finding bugs (vulnerabilities) in code and then developing exploits for them. This can involve logic bugs, stack overflows, integer overflows and much, much more. For a pwn challenge, you will generally be given a binary (and sometimes source code), and a port on a remote server where that binary is running, ready to be exploited. Find the bug, write your exploit, connect and get the flag.

Useful tools for pwn include:

Ghidra - for reverse engineering binaries if you're not given source code

gdb - for debugging binaries (looking at variables in the binary while it's running)

pwntools - Python library for developing exploits and connecting to a remote server

https://www.youtube.com/playlist?list=PLhixgUqwRTjxglIswKp9mpkfPNfHkzyeN - YouTube video series on binary exploitation

Reverse Engineering

Reverse Engineering in a CTF is typically the process of taking a compiled (machine code, bytecode) program and converting it back into a more human-readable format. It might be a program which takes an input and compares it to the flag in some way, so you have to reverse the flag-comparing process to figure out which input is the correct flag.

Useful tools for reverse engineering are:

Ghidra - for reverse engineering binaries, takes a binary and displays the corresponding assembly code and pseudo C code representation

gdb - for debugging binaries (looking at variables in the binary while it's running)

file - for understanding what type of file you are looking at

strings - the strings in a binary can often give you a good idea of what it is doing

Pwntools

http://docs.pwntools.com/en/stable/
Install with pip install pwntools --user
Used to connect to services (i.e. nc beginners.sigint.mx port) and interact with them from Python
All you should need for this CTF is in http://docs.pwntools.com/en/stable/intro.html#making-connections

Wireshark

https://www.wireshark.org/
Used to capture network traffic and analyze network capture files
The most common file format is .pcap

Misc

https://gchq.github.io/CyberChef/ - allows for all sorts of data transformation

Crypto

Crypto challenges usually involve a piece of encrypted data that you are given, and clues about how it was encrypted that will enable you to decrypt it for the flag. Sometimes you will be given plaintext, other times perhaps a source file that gives you slightly too much information. Sometimes it might be a cipher that has been implemented properly and was once secure, but that is now antiquated and can be broken by modern brute forcing methods.

Typically all you need to solve Crypto challenges is a bit of scripting know-how, sometimes a little maths, and good attention to detail.

A very useful tool is CyberChef (link above); beyond that, the internet is your friend! Search for the kind of problem you've been presented with and do a little research.

Example Crypto Chal

Ciphertext: YzJsbmFXNTBlek40Tkcxd2JETmZabXcwWjMwPQ==
The '=' signs at the end of the ciphertext give away that it's base64 encoded (https://en.wikipedia.org/wiki/Base64)
Using CyberChef, we can decode the ciphertext with the From Base64 operation
to get c2lnaW50ezN4NG1wbDNfZmw0Z30=
This looks like base64 again, so we can decode it a second time and we get sigint{3x4mpl3_fl4g}. A flag!
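
The same two-step decode can be scripted. This is an added example, not part of the original page: it keeps stripping base64 layers until the flag pattern appears, and generalizes the walkthrough slightly by restoring missing '=' padding. The function name peel_base64 and the sigint{...} flag regex are assumptions taken from the example flag above.

```python
import base64
import re

# Flag format assumed from the page's example flag: sigint{...}
FLAG_RE = re.compile(r"sigint\{[^}]*\}")


def peel_base64(data, max_layers=10):
    """Strip nested base64 layers until the flag pattern appears.

    Returns (flag, layers_removed), or (None, layers_removed) if decoding
    stops before a flag is found.
    """
    current = data.strip()
    layers = 0
    while current:
        match = FLAG_RE.search(current)
        if match:
            return match.group(0), layers
        if layers == max_layers:
            break
        # Encoders sometimes drop the trailing '=', so restore the padding.
        padded = current + "=" * (-len(current) % 4)
        try:
            # validate=True rejects characters outside the base64 alphabet
            # instead of silently skipping them.
            current = base64.b64decode(padded, validate=True).decode("ascii")
        except ValueError:  # covers binascii.Error and UnicodeDecodeError
            break
        layers += 1
    return None, layers


if __name__ == "__main__":
    # Ciphertext from the example challenge above.
    print(peel_base64("YzJsbmFXNTBlek40Tkcxd2JETmZabXcwWjMwPQ=="))
```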

Web

Web challenges are about finding hidden information around websites or exploiting vulnerable code in order to take over or knock down the servers.

Some of the main tools used are:
Burp: https://portswigger.net/burp -- Intercepts every request before sending it and allows you to modify it.
Dirb: https://tools.kali.org/web-applications/dirb -- Looks for hidden files or directories on a website.

Misc

Misc Challenges are about everything else! Esoteric languages? Minutiae of differences between language versions? Something truly random? Misc. is unconstrained and can be very odd.

Some useful tools:

Binwalk, stegsolve, strings, CyberChef -- https://gchq.github.io/CyberChef/