1 / 49

root@labla/# whoami

root@labla/# whoami. Nahidul Kibria Co-Leader, OWASP Bangladesh, Senior Software Engineer, KAZ Software Ltd.   Writing code for fun and food. And security enthusiastic Twitter:@nahidupa. What is the event all about?. Computer security? Information security ? Cyber Security?

mindy
Download Presentation

root@labla/# whoami

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. root@labla/# whoami

  2. Nahidul Kibria Co-Leader, OWASP Bangladesh,Senior Software Engineer, KAZ Software Ltd.   Writing code for fun and food. And security enthusiastic Twitter:@nahidupa

  3. What is the event all about? • Computer security? • Information security? • Cyber Security? • Is it a game? • Are we going to learn hacking?

  4. Capture The Flag(CTF) • In computer security, Capture the Flag (CTF) is a computer security wargame. Each team is given a machine (or small network) to defend on an isolated network.--wikipedia

  5. Its not just a competition… more than it… • HOW?

  6. The domain is giant

  7. If you want to be a Penetration Tester A penetration test, occasionally pentest, is a method of evaluating the security of a computer system or network by simulating an attack from malicious outsiders with authorize by the owner of that system.

  8. Prerequisites • 1. Good understanding network architecture. • 2. How modern operating system work and system administration. • 3. Application/Database/Service how they designed and work.

  9. Penetration testing • Penetration testing methodology • Information Gathering/Reconnaissance • Scanning/Enumeration • Vulnerability Identification • Exploitation • Report

  10. Tools and tactics • Do not reinvent the wheel…Use existing tools • But do not just depends on Tools/Scripts…In some case you have to write your own

  11. Books

  12. If you want to be a Malware Analyst

  13. Kick start • Basic Static Analysis • Basic Dynamic Analysis

  14. Lab Setup

  15. Collect sample • Hashing: A Fingerprint for Malware • Look like--373e7a863a1a345c60edb9e20ec3231 • http://www.kernelmode.info/forum/viewtopic.php?f=16&t=308

  16. Procmon.exe Sysinternalstools Procexp.exe Tcpview.exe

  17. Reverse engineering • ollydbg • Immunity debugger • Ida Pro

  18. Books

  19. If you want to be a Vulnerability Researcher

  20. Common techniques • Fuzzing • Code review • Disassemblers • Debuggers

  21. Books

  22. If you want to be a Exploit Developer

  23. Prerequisites • Programming • Assembly • Memory management • Windows/*nix internal • Kernel

  24. Books

  25. If you want to be a Forensic Analyst

  26. Books

  27. Coolest Jobs in Information Security #1 Information Security Crime Investigator/Forensics Expert #2 System, Network, and/or Web Penetration Tester #3 Forensic Analyst #4 Incident Responder #5 Security Architect #6 Malware Analyst #7 Network Security Engineer #8 Security Analyst #9 Computer Crime Investigator #10 CISO/ISO or Director of Security #11 Application Penetration Tester #12 Security Operations Center Analyst #13 Prosecutor Specializing in Information Security Crime #14 Technical Director and Deputy CISO #15 Intrusion Analyst #16 Vulnerability Researcher/ Exploit Developer #17 Security Auditor #18 Security-savvy Software Developer #19 Security Maven in an Application Developer Organization #20 Disaster Recovery/Business Continuity Analyst/Manager

  28. But you have only one life

  29. Just become a learning machine

  30. Here comes communityCollaborative learning

  31. About OWASP • OWASP’s mission is “to make application security visible, so that people and organizations can make informed decisions about true application” Attacker not use black art to exploit your application

  32. OWASP Bangladesh Bangladeshi community of Security professional Globally recognized Open for all Free for all What do we have to offer? Monthly Meetings Mailing List Presentations & Groups Open Forums for Discussion Vendor Neutral Environments

  33. 220 Chapters

  34. Our Successes • OWASP Tools and Documentation: • ~15,000 downloads (per month) • ~30,000 unique visitors (per month) • ~2 million website hits (per month) • OWASP Chapters are blossoming worldwide • 1500+ OWASP Members in active chapters worldwide • 20,000+ participants • OWASP AppSecConferences: • Chicago, New York, London, Washington D.C, Brazil, China, Germany, more… • Distributed content portal • 100+ authors for tools, projects, and chapters • OWASP and its materials are used, recommended and referenced by many government, standards and industry organizations.

  35. Conferences

  36. Download Get OWASP Books

  37. Ok enough ! Can you please tell me what I need to do today?

  38. We do not have any preparation

  39. Questions. • A question from cryptography.  (300 points) • A question from malware analysis. (not that much hardcore as it sound) (150 points)  • A forensic analysis ( The easiest question of the contest) (50 points)

  40. Final Questions. • 1. A server named GetRoot_v00t  will be given. (500 points)2. Another server named GetRoot_Drag0n will be given. (1000 points) • Both server is taken down from live, because it is suspected as compromised by attacker and the attacker changed its root password. So your job is to recover the root access of those server as well as create a report of what venerability those server has to the judges.

  41. Rules • You must run the given Virtual machine only in NATed mode. • Take Screenshots in each success steps include them to a document. • You can ask judge for clue to solve a problem with sacrificing some point(s). It's will be totally depending on judge how much point he will deduct for the clue before he give the clue he will tell you how much point will be deducted. This rule because this type contest is new will not be available in future. •  You are suppose to work with given machine(vmware), Any type of activity that might be destructive for lab setup or host machine or any type of  destructive activity using lab internet is strictly forbidden. If any team do such activity, the team  cannot continue the contest anymore also IUT will take legal action about such activity. • You should stay around your work station until it not require to move.

  42. We select the winner according the following criteria (We will do partial marking.) • 1.How many points the participants has (scoring). • 2.How complete the solutions are (quality). • 3. Creativity, Geek Factor.

  43. Not End! Open question hands on

More Related