2023 Jiangxi Province Ganzhou Skills Competition Network Security Competition Test Questions Task Book

Module A Infrastructure Settings/Security Hardening (200 points)

A-1 Task 1: Login security hardening:

1. Password policy:
a. The password policy must require uppercase and lowercase letters, numbers, and special characters

2. Login policy:
a. Set the account lockout threshold to 6 invalid logon attempts, the lockout time to 1 minute, and reset the account lockout counter after 1 minute
b. Only 5 failed logins are allowed within one minute; after that, lock for 1 minute

3. User security management:
a. Prohibit sending unencrypted passwords to third-party SMB servers
b. Disable guest accounts, prohibiting guest users from accessing computers or accessing domain built-in accounts

A-2 Task 2: Local security policy settings:

4. Clear the virtual memory page file when shutting down the system

5. Prohibit the system from shutting down without logging in

6. Disable floppy disk copy and access to all drives and all folders

7. Prohibit displaying the last logged-in user name

A-3 Task 3: Traffic integrity protection:

8. Create the website www.chinaskills.com, and create a homepage named chinaskills.html in the C:\web folder. The homepage displays the content "Warmly celebrate the successful opening of the 2023 Vocational Education Week National Launch Ceremony". At the same time, allow access only over SSL and only by domain name (the domain name is www.test.com)

9. To prevent passwords from being stolen during login or transmission, allow SSH login with certificates only

A-4 Task 4: Event monitoring:

10. Archive the application log file when it reaches the maximum size of 60M, and do not overwrite events

A-5 Task 5: Service hardening:

11. SSH service hardening:
a. Prohibit remote SSH login of the root user

b. Set up scheduled tasks for the root user. The SSH service is automatically opened at 7:50 every morning and closed at 22:50; the SSH service is restarted every Saturday at 7:30

c. Modify the SSH service port to 2228

12. VSFTPD service hardening:
a. Set the timeout period of the data connection to 60 seconds

b. Set the maximum transmission rate for local user access of the site to 2M

13. IIS hardening:
a. Prevent the file enumeration vulnerability from being used to enumerate files in the web server root directory, and prohibit IIS short file name disclosure

b. Turn off the WebDAV function of IIS to enhance the security of the website
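
An added example (not part of the task book) of checking items 9, 11a and 11c: a shell audit of an sshd_config file. It reads "certificates" in item 9 as public-key authentication, the function names are hypothetical, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: audit an sshd_config for task items 9, 11a and 11c.
# Assumptions: whitespace-separated "Keyword value" lines, no Include files,
# and only the global section (before the first Match block) is examined.

# effective_value FILE KEYWORD DEFAULT -> value sshd would use.
# sshd keeps the FIRST value it reads for a keyword; keywords ignore case.
effective_value() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ || NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# listen_ports FILE -> comma-separated ports; Port lines accumulate.
listen_ports() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }
        tolower($1) == "match" { exit }
        tolower($1) == "port" { ports = ports (ports ? "," : "") $2 }
        END { print (ports ? ports : "22") }
    ' "$1"
}

check() { # check LABEL ACTUAL WANTED; counts failures in $fails
    if [ "$2" = "$3" ]; then echo "PASS $1 = $2"
    else echo "FAIL $1 = $2 (want $3)"; fails=$((fails + 1)); fi
}

# audit_sshd FILE -> prints one line per check, returns the failure count.
audit_sshd() {
    fails=0
    check Port "$(listen_ports "$1")" 2228
    check PermitRootLogin "$(effective_value "$1" PermitRootLogin prohibit-password)" no
    check PasswordAuthentication "$(effective_value "$1" PasswordAuthentication yes)" no
    check PubkeyAuthentication "$(effective_value "$1" PubkeyAuthentication yes)" yes
    return "$fails"
}

# Constructed sample: the later "PermitRootLogin no" is ignored by sshd.
sample=$(mktemp)
printf '%s\n' '# constructed sample' 'Port 22' 'PermitRootLogin yes' \
    'PermitRootLogin no' > "$sample"
audit_sshd "$sample" || echo "$? requirement(s) not met"
rm -f "$sample"
```

On a live host, `sshd -T` prints the effective configuration, including Include files, and can replace the file parsing done here.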

Module B Security Incident Response/Network Security Data Forensics/Application Security (400 points)

Task 1: Operating system penetration testing:

1. Use Kali, the penetration testing platform on the local PC, to perform a system service and version scan of the server scenario, and submit the service version information string corresponding to the samba service in the displayed result as the Flag value; the Flag format is flag{xxx};
2. Conduct a penetration test on the server scenario through the penetration testing platform Kali on the local PC, and submit the DNS information in the network connection information of the scenario as the Flag value (for example: 8.8.8.8); the Flag format is flag{xxx};
3. Conduct a penetration test on the server scenario through the penetration testing platform Kali on the local PC, and submit the password of the current highest account administrator in the scenario as the Flag value; the Flag format is flag{xxx};
4. Conduct a penetration test on the server scenario through the penetration testing platform Kali on the local PC, and submit the file name of the file in the 111 folder on the desktop of the scenario as the Flag value; the Flag format is flag{xxx};
5. Conduct a penetration test on the server scenario through the penetration testing platform Kali on the local PC, and submit the document content of the file in the folder on the desktop of the scenario as the Flag value; the Flag format is flag{xxx};
6. Conduct a penetration test on the server scenario through the penetration testing platform Kali on the local PC, and submit the content of the only picture in the folder on the desktop of the scenario as the Flag value; the Flag format is flag{xxx};

Task 2: Digital forensic analysis:

1. Analyze the packet capture to find the packet number of the malicious user's initial access to the HTTP service, and submit this value as the Flag value; the Flag format is flag{xxx};
2. Continue to examine the packet file to analyze which ports the malicious user scanned, and submit all port numbers in a certain order as the Flag value; hint: pay attention to the size of the port numbers (form: flag{port 1, port 2, port 3..., port n});
3. Continue to examine the packet file to analyze what password the malicious user used to log in to the background, and submit the background password as the Flag value; the Flag format is flag{xxx};
4. Continue to examine the packet file to analyze what password the malicious user wrote into the Trojan horse, and submit the password as the Flag value; the Flag format is flag{xxx};
5. Continue to examine the packet file to analyze the file downloaded by the malicious user, and submit the content of the file as the Flag value; the Flag format is flag{xxx}.

Task 3: Cross-site scripting penetration:

1. Visit the server website directory 1, and submit the obtained pop-up frame information as a flag according to the completion conditions of the page information; the Flag format is flag{xxx};
2. ... frame information is submitted as a flag, and the Flag format is flag{xxx};
3. Visit the server website directory 3, and submit the obtained pop-up frame information as a flag according to the completion conditions of the page information; the Flag format is flag{xxx};
4. Visit the server website directory 4, and submit the obtained pop-up frame information as a flag according to the completion conditions of the page information; the Flag format is flag{xxx};
5. ... Submit, the Flag format is flag{xxx};
6. Visit the server website directory 6, and submit the obtained pop-up frame information as a flag according to the completion conditions of the page information; the Flag format is flag{xxx};

Task 4: System privilege escalation:

1. Use the penetration testing machine to collect server information, and submit the service port number displayed on the server as a flag; the Flag format is flag{xxx};
2. Use the penetration testing machine to collect server information, and submit the host name of the server as a flag; the Flag format is flag{xxx};
3. Use the penetration testing machine to collect server information, and submit the system kernel version of the server as a flag; the Flag format is flag{xxx};
4. Use the penetration testing machine to escalate to administrator privileges on the server, and submit the text content under the main directory of the server as a flag; the Flag format is flag{xxx};
5. Use the penetration testing machine to escalate to administrator privileges on the server, and submit the password of the administrator on the server as a flag; the Flag format is flag{xxx};
6. Use the penetration testing machine to escalate to administrator privileges on the server, and submit the picture content in the main directory of the server as a flag; the Flag format is flag{xxx}.

Module C CTF Capture the Flag-Attack (200 points for this module)

1. Project and task description:
Assume that you are a network security penetration test engineer of an enterprise, responsible for the security protection of some of the enterprise's servers. To better find the problems and vulnerabilities that may exist in the enterprise network, you try to use various attack methods against specific target machines, so as to understand the latest attack methods and technologies and the mentality of network hackers, and thereby improve your defense strategy.
Please log in to the answering platform using the Google browser on the client side according to the information provided in the "Competition Parameter Table".

2. Description of operating system environment:
Client operating system: Windows 10/Windows7
Target machine server operating system: Linux/Windows

3. Vulnerability description:
1. The vulnerability in the server may be a conventional vulnerability or a system vulnerability;
2. The website on the target machine server may have a command injection vulnerability. Players are required to find the command injection vulnerability and use it to obtain certain permissions;
3. There may be a file upload vulnerability on the website on the target machine server. Players are required to find the file upload vulnerability and use it to obtain certain permissions;
4. There may be file inclusion vulnerabilities on the website on the target machine server. Players are required to find the file inclusion vulnerabilities and combine them with other vulnerabilities to obtain certain permissions and elevate privileges;
5. The services provided by the operating system may contain remote code execution vulnerabilities. Players are required to find the services with remote code execution vulnerabilities and use them to obtain system permissions;
6. The services provided by the operating system may contain buffer overflow vulnerabilities. Players are required to find the services with buffer overflow vulnerabilities and use them to obtain system permissions;
7. There may be some system backdoors in the operating system. Players can find these backdoors and use the reserved backdoors to directly obtain system permissions.

4. Precautions:
1. Do not attack the referee server. If you continue to attack after a warning, the team will be ordered to leave the field;
2. The flag value is the unique identifier of each target server, and each target server has only 1;
3. After hacking into the target machine, players are not allowed to close the port, change the password, restart or shut down the target machine, delete or modify the flag, create unnecessary files, etc.;
4. After logging in to the automatic scoring system, submit the flag value of the target machine server, and also specify the IP address of the target machine server;
5. ... The team will add points on top of the basic points. The total points of each team in this stage will be included in the stage score. The specific rules for adding points refer to the field scoring standards;
6. There will be no extra time in this session.

Module D CTF Capture the Flag - Defense (200 points for this module)

1. Project and task description:
Assume that each contestant is a network security engineer of a security company, responsible for the penetration testing and security protection of several servers. These servers may have various problems and loopholes. You need to penetration test and secure these servers as soon as possible. Each participating team has its own bastion host server, which cannot be accessed by other teams. Contestants detect the security flaws in their bastion servers through scanning, penetration testing and other means, and carry out targeted reinforcement to improve the security defense performance of the system.
Please log in to the answering platform using the Google browser on the client side according to the information provided in the "Competition Parameter Table".

2. Operating system environment description:
Client operating system: Windows 10/Windows7
Bastion server operating system: Linux/Windows

3. Vulnerability description:
1. The vulnerability in the bastion server may be a conventional vulnerability or a system vulnerability;
2. The website on the bastion server may have a command injection vulnerability. Players are required to find the command injection vulnerability and use it to obtain certain permissions;
3. The website on the bastion server may have a file upload vulnerability. Players are required to find the file upload vulnerability and use it to obtain certain permissions;
4. The website on the bastion server may have a file inclusion vulnerability. Players are required to find the file inclusion vulnerability.
5. The services provided by the operating system may contain remote code execution vulnerabilities. Players are required to find the services with remote code execution vulnerabilities and use them to obtain system privileges;
6. The services provided by the operating system may contain buffer overflow vulnerabilities. Players are required to find the services with buffer overflow vulnerabilities and use them to obtain system privileges;
7. There may be some system backdoors in the operating system. Contestants can find these backdoors and use the reserved backdoors to directly obtain system permissions.

4. Precautions:
1. Each player needs to take screenshots of the hardening points and the hardening process, and write a system defense implementation report by himself. The final score is based on the implementation report;
2. When the system is hardened, the availability of the services provided by the bastion server must be ensured;
3. The referee server cannot be attacked. If the attack continues after one warning, the team will be ordered to leave the field;
4. There will be no extra time in this session.

2. Instructions:
1. All screenshots require a screenshot interface and clear fonts;
2. File name and save: network security module D-XX (XX is the station number), save in PDF format;
3. Save the file to a U disk for submission.

Origin blog.csdn.net/Aluxian_/article/details/131161458