ctf Preliminaries:
Video: https://www.bilibili.com/video/av62214776?from=search&seid=1436604431801225989
CTF game: "Capture the Flag Contest"
Competitions:
Mining vulnerabilities, exploits into the other computer, get key documents:
/home/www/flag
/home/www/flag
....
content:
ctf online game:
web binary Miscellaneous
ctf Line game:
mining and the use of web vulnerabilities - - - - -
pwn vulnerability and exploit - - - - -
Offensive and defensive style
Knowledge base:
Exploit:
Binary code - - - Trojans shellcode powershell
python pwntools
web mechanism php js html
web vulnerability mining capabilities:
Code audit
Debugging environment
pwn Vulnerability Mining:
Reverse analysis
Linux system knowledge
Scripting exploits
Remote trigger vulnerability
Server security operation and maintenance personnel
shell
python
operation and maintenance of linux knowledge
Traffic analysis capabilities
Protocol Analysis
("cheat")
CTF game Artifact:
Kali System:
nmap - - - - - port scanning - - - - - - - - For example: nmap [ip / segment])
139 443 445 514 912 .....
searchsploit - - - - - - - Vulnerability query - - - - - - - - (for example: searchsploit [service / common port or has produced a vulnerability])
- - - - - - - (example: 445 port: searchsploit smb) - - - - - - Display and exploit possible exploits - - - - - - - - - exploit Dictionary
metasploit exploit framework - - - - - - - (start mode: msfconsole) - - - - - - (for example: use exploit / windows / smb / ms17_010_eternalblue (show view))
sqlmap - - - - - - - - - sql injection batch scanning
hydra - - - - - - - - ssh brute force
burpsuite - - - - - - - - - sql injection batch scanning
Vulnerability:
pwn environment installation: pwntools
Reverse: ida pro - - - - - - -kpathch plug (patch plug-in)
gdb and plug-ins - - - - - - gef, gdb-peda, gdbdg, gdbsever
notepad++
ue
winhex
Traffic Analysis:
wireshark
pcap python lib
// The following video file to the teacher issue, has not identified relevant documents:
Secret Weapon
O & M:
File monitoring arms
Permissions retrieve weapons
Trojan killing weapon
Attack personnel:
Batch framework attack
Trojan: tly (Troy)
kitchen knife