A couple of weeks after completing OSCP I competed in a capture the flag (CTF) competition. The CTF were called v1p3rth0n and were setup by the people at Red Team Labs, big thanks it was a lot of fun and sure intend to attend more CTF’s now.
Anyhow, truth be told I was pretty nervous (my first CTF ever) since I really did not have any idea on what to expect from such an event. However I decided to stack up on some energy drinks and some food that were easy to make. Preparation is key after all!
H4v0k asked me if I wanted to create a team with him and c0ldg0ld, I accepted and Team 0xBADF00D was born.
Here’s the outline of what the CTF challenges included.
It is quite a lot of topics so I figured I’d have to have, at the very least, one Linux installation as well as a Windows VM. I decided the Linux choice were simple, ArchAssault, and then using VirtualBox to virtualize Windows XP (yea I know).
Since I do not know if the creators of the CTF intend to re-use any of the challenges I will not write much about it. However I can at least list a few tools I did find very useful while working through the various challenges. Some of the tools are a real nobrainer but I try to keep the tool usage down if possible.
– ArchAssault –
- dirbuster
- wpscan
- msfpayload from the Metasploit Framework
- netcat :)
– Windows RE VM –
- Immunity Debugger with mona.py
- ILSpy
- PEiD
- hexeditor
Here’s the scoreboard.
Pictures from Red Team Labs.
Leave a Reply