That was a training for SCIT Symbiosis students at India before their CTF.
Training link: https://www.youtube.com/watch?v=OYYuagj9ZvA
Training Agenda:
Introduction to cybersecurity
Famous data breaches
How to start in cybersecurity
What is a CTF
CTF types
CTF resources
How to gain money out of hacking
CTF demo “Let’s Play CTF together”
1. PLAY, LEARN AND HACK
Presented by
Heba Hamdy Farahat
Information Security Consultant, SecureMisr
IFSEC Global Influencer in Security & Fire 2019 (#3 in the Young Professionals category)
2. WHOAMI
• Information Security Consultant, SecureMisr
• One of three finalists, Women in Cybersecurity Awards “New Comers”, ISW Conference ’19, Vienna
• “Top Influencers in Security & Fire” for 2019, ranked #3 in the Young Professionals / Ones-to-Watch category
• Recent certifications: OSCP and eWPT
• https://www.linkedin.com/in/heba-hamdy-farahat-5501595b/
3. AGENDA
• Introduction to cybersecurity
• Famous data breaches
• How to start in cybersecurity
• What is a CTF
• CTF types
• CTF resources
• CTF demo “Let’s play CTF together ;)”
7. FACEBOOK ADMITS CYBER ATTACK MAY HAVE EXPOSED INFO FROM 50 MILLION ACCOUNTS
A vulnerability in Facebook’s code that impacted the “View As” feature.
This allowed attackers to steal Facebook access tokens, which they could then use to take over people’s accounts.[*]
[*] Reference: https://newsroom.fb.com/news/2018/09/security-update/
8. TWITTER CEO AND CO-FOUNDER JACK DORSEY HAS ACCOUNT HACKED[*]
[*]Reference: https://www.wired.com/story/jack-dorsey-twitter-hacked/
10. THE MIRAI BOTNET (AKA DYN ATTACK)
The largest DDoS attack ever was launched on service provider Dyn
Reference: https://www.youtube.com/watch?v=UMTTaMPJ8fc
12. HUMAN HEART CAN BE HACKED
What can hackers do?
Gain access
Disable some functions
Or even stop the device!
Reference: https://www.newsmax.com/Health/health-news/heart-pacemaker-device-hack/2018/03/15/id/848918/
13. Have you been hacked also?
WHAT ABOUT YOU?
https://haveibeenpwned.com/
15. CYBERSECURITY FUNDAMENTALS
Programming:
• JavaScript, HTML, PHP, C, Python, etc.
Network Fundamentals:
• CCNA routing & switching
Database Fundamentals
Operating Systems Fundamentals
Linux and Windows Administration
16. CORE COURSES
Security Fundamentals
CEH course (no need to get certified), Security+
Network Security Fundamentals
• CCNA Security/CCNP Security
VPN, firewall, network security concepts, IPS, IDS, etc.
Information Security
Offensive security, which covers all penetration testing aspects (network, web, IoT, etc.)
Malware Analysis and Reverse Engineering
Incident handling and Digital forensics
17. WEB APPLICATION PENETRATION TESTING
• How does web work? Protocols used?
• Learn about web attacks
• Practice on web attacks and make sure you understand them well
• Useful Resources:
• OWASP TOP 10
• https://www.cybrary.it/course/web-application-pen-testing/
• https://www.hacker101.com/videos
18. WEB APPLICATION PENETRATION TESTING
• Resources to practice from:
• Vulnerable machines designed for web attacks, such as the Web for Pentester machine:
https://www.vulnhub.com/entry/pentester-lab-web-for-pentester,71/
• DVWA (Damn Vulnerable Web Application)
• CTF websites: these will be covered in detail later
20. DIGITAL FORENSICS AND INCIDENT RESPONSE
• Reference: SANS 500, 504 & 508
• Note: digital forensics in the real world is quite different from CTFs
21. REVERSE ENGINEERING
• Prerequisites before starting to study reverse engineering:
Basic programming knowledge (preferably C++); basic understanding of data structures (the stack)
• Malware Unicorn (reverse engineer at Facebook):
https://malwareunicorn.org/workshops/re101.html#1
https://malwareunicorn.org/workshops/re102.html#0
• References: Practical Malware Analysis (a great start)
• CTF:
• http://reversing.kr/
• http://flare-on.com/
22. WHAT IS A CTF?
• CTF (Capture The Flag)
• A kind of information security competition that challenges contestants to solve a variety of tasks with different difficulty levels (easy to hard)
23. CTFS (CAPTURE THE FLAG)
• “Knowing is not enough; we must apply. Willing is not enough; we must do.” -
Johann Wolfgang von Goethe
25. JEOPARDY STYLE CTFS
Jeopardy-style CTF challenges are typically divided into categories:
• Cryptography - Typically involves decrypting or encrypting a piece of data
• Forensics - Consists of investigating and analyzing some type of data, such as network captures (.pcap), core dumps or hard drives
• Steganography - Tasked with finding information hidden in files or images
References:
https://dev.to/atan/what-is-ctf-and-how-to-get-started-3f04
https://www.sothis.tech/en/ctf-learn-hacking-by-playing/
26. JEOPARDY STYLE CTFS
• Web - This type of challenge is focused on finding and exploiting vulnerabilities in a web application, such as SQL injection, Cross-Site Scripting (XSS), brute force, CRLF injection, CSRF, etc. In short: exploiting web pages to find the flag
• Pwn - Exploiting a server to find the flag
• Reverse Engineering - An executable binary file (BIN, EXE, ELF, APK, etc.) is usually analyzed. Participants must find the flag or key by decompiling the file
27. ATTACK/DEFENSE STYLE CTFS
• These focus on either attacking an opponent's servers or defending one's own.
30. CTF RESOURCES & LINKS
• https://ctftime.org/ - Announces upcoming CTFs worldwide
• https://ctftime.org/writeups - CTF writeups
• There are many CTFs, however, that are online 24/7 and can be used as practice and learning tools. Here are some of them:
• https://overthewire.org/wargames/bandit/ - To get familiar with Linux commands
• https://2019game.picoctf.com/problems - Yearly time-limited CTF, now available to use as practice (my favorite one)
31. CTF RESOURCES & LINKS
• Root Me https://www.root-me.org/?lang=en - Site with many different types of challenges, classified by level
• NACTF https://www.nactf.com/
• https://ctflearn.com - A collection of various user-submitted challenges aimed
towards newcomers
• https://github.com/apsdehal/awesome-ctf - Comprehensive list of tools and more
32. CTF RESOURCES & LINKS
- These aren’t really in CTF style like the other ones. They are vulnerable machines with multiple vulnerabilities; some of these are related to web applications, others to any other vulnerable running service. They combine the knowledge gained in web with the skills required for network penetration testing.
• Hack The Box: One of the most famous and fashionable hacking laboratories in the world; they have machines with all kinds of operating systems and challenges with different themes.
• VulnHub: Vulnerable virtual machines (.OVA) to download and run on your own computer.
33. THE MOST IMPORTANT RESOURCE
Hacking is about learning something on the fly and CTFs give you this skill
39. THE NUMBERS SOLUTION
• We see that there are exactly 7 letters before {, so each number represents one letter (‘P’ -> 16, ‘I’ -> 9, ‘C’ -> 3, etc.).
Aha, the rule is easy!
The letter ‘P’ is in the 16th position in the alphabet, the letter ‘I’ in the 9th, and so on.
41. THE NUMBERS SOLUTION
16 9 3 15 3 20 6 { 20 8 5 14 21 13 2 5 18 19 13 1 19 15 14}
P I C O C T F {T H E N U M B E R S M A S O N}
PICOCTF{THENUMBERSMASON}
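The rule worked out above (each number is the 1-based position of a letter in the alphabet, braces are left as they are) is easy to script so that longer ciphertexts do not have to be decoded by hand. The decoder below is an added example written for this page, not code from the training; the ciphertext is the one shown on the slide, and the encoder is included only so a decoded flag can be round-tripped as a check.

```python
"""Decoder for picoCTF-style "The Numbers" challenges.

Rule: each decimal number is the 1-based position of a letter in the
alphabet (A=1 ... Z=26); non-numeric characters such as { and } pass through.
"""
import re
import string

# Ciphertext as shown on the slide (constructed sample input for this example)
CIPHERTEXT = "16 9 3 15 3 20 6 { 20 8 5 14 21 13 2 5 18 19 13 1 19 15 14}"


def number_to_letter(n: int) -> str:
    """Map 1..26 to 'A'..'Z'; anything else is not a valid alphabet position."""
    if not 1 <= n <= 26:
        raise ValueError(f"{n} is not a valid alphabet position (1-26)")
    return string.ascii_uppercase[n - 1]


def decode_numbers(text: str) -> str:
    """Replace every number token with its letter, keep other symbols as-is.

    Tokens are either a run of digits or a single non-space, non-digit
    character, so '14}' and '{ 20' both split correctly.
    """
    tokens = re.findall(r"\d+|[^\d\s]", text)
    return "".join(
        number_to_letter(int(tok)) if tok.isdigit() else tok for tok in tokens
    )


def encode_letters(flag: str) -> str:
    """Inverse transform: letters become their alphabet position, other
    characters are kept, everything space-separated (used for round-trip checks)."""
    parts = [
        str(string.ascii_uppercase.index(ch.upper()) + 1) if ch.isalpha() else ch
        for ch in flag
    ]
    return " ".join(parts)


if __name__ == "__main__":
    print(decode_numbers(CIPHERTEXT))  # PICOCTF{THENUMBERSMASON}
```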
42. WEB CHALLENGES
• First of all, what is Burp Suite?
https://2019shell1.picoctf.com/problem/9509/
43. WEB CHALLENGES
How to configure the Burp proxy?
https://2019shell1.picoctf.com/problem/9509/
48. GOOD LUCK IN YOUR CTF
• Feel free to contact me through LinkedIn
https://www.linkedin.com/in/heba-hamdy-farahat-5501595b
Speaker notes
Why do data breaches occur?
“Data breaches occur through weak credentials, poor password policies, lack of multi-factor authentication, unnecessary exposure of systems and services to the internet or unpatched vulnerabilities,” said Alex Hinchliffe, threat intelligence analyst at Unit 42, a threat research team at American cybersecurity firm Palo Alto Networks.
https://newsroom.fb.com/news/2018/09/security-update/
https://9to5mac.com/2018/09/28/facebook-admits-cyber-attack-may-have-exposed-info-from-50-million-accounts-to-hackers/
Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.
Back in October of 2016, the largest DDoS attack ever was launched on service provider Dyn using an IoT botnet.
This led to huge portions of the internet going down, including Twitter, the Guardian, Netflix, Reddit, and CNN.
This IoT botnet was made possible by malware called Mirai. Once infected with Mirai, computers continually search the internet for vulnerable IoT devices and then use known default usernames and passwords to log in, infecting them with the malware. The infected household devices included printers, baby monitors, cameras, smart refrigerators, digital cameras, DVR players, etc. (mainly smart devices).
It targets the smart devices within your home network. Mirai has been used in some of the largest cyber attacks ever recorded. In October 2016, attackers managed to infect thousands and thousands of household connected devices like printers, baby monitors, cameras and smart refrigerators, just like those you may have in your home. They took control of these smart devices and used them to flood the servers of an important internet infrastructure company with malicious traffic appearing to come from millions of internet locations. Many major websites became unavailable to users in Europe and North America. In this “DDoS attack” the servers were flooded with tons of lookup requests for web addresses; they could not cope with all this traffic, so they stopped working, and the websites they were supposed to send traffic to became unavailable.
Mirai’s job is to create a botnet, where a group of computers (in this case smart devices), once infected, act like a zombie army. Owners remain unaware that their smart devices have been turned into zombies that receive instructions to launch malicious attacks. That’s why it is so important to protect your smart devices. https://www.youtube.com/watch?v=UMTTaMPJ8fc
Massive DDoS attack: many companies went offline.
Heart Devices Vulnerable to Hacking: Here's How to Protect Yourself | Newsmax.com. Someone who wants to physically harm the patient can gain remote access to the person’s implanted device by using a computer with an Internet connection. The hacker could disrupt the functioning of the device or deactivate certain features. These hacks aren’t just limited to pacemakers, but could also include cardioverter defibrillators.
As many as 465,000 pacemakers made by Abbott (formerly St. Jude Medical) may be vulnerable to hacking, according to the U.S. Food and Drug Administration.
https://www.newsmax.com/Health/health-news/heart-pacemaker-device-hack/2018/03/15/id/848918/
PicoCTF:
https://2019game.picoctf.com/problems
Bandit (OverTheWire): Great for starting out in the hacking world and getting familiar with Linux commands.