2019-10-24, 13:15–16:15, Fischbach
This workshop will introduce the participants to the world of CTF contests as a way to learn real-world security skills. Providing them with the basic knowledge for playing CTF and how to get started with solving hands-on challenges in the domains of Cryptography, Reverse Engineering and Binary Exploitation. The workshop will consist of hands-on sessions for each domain as mentioned above to help participants get familiarised with the tools and libraries for each corresponding domains.
Cryptography is the art of disguising confidential data from eavesdroppers and making it accessible only to the authorized parties. It is built from the Number theory, a branch of pure mathematics devoted primarily to the study of integers.
Reverse Engineering, mainly includes understanding assembly language and reversing obfuscated Linux binaries. The attendees will get to learn about the usage of tools such as GDB and GHIDRA for dynamic analysis and IDA for static analysis.
Binary Exploitation is the art of ripping the binaries apart in order to find vulnerabilities and exploit them to spawn a shell on the server. The session will cover topics ranging from basic buffer overflow to learning overwriting return addresses and defeating ASLR.
Key workshop takeaways:
The participants will be able to walk away with the following takeaways from this class:
Understand how CTFs can help getting started with security
An overview of a jeopardy style CTF and basic tactics and techniques to solve them
How to be fluent with scripting for sending exploits to the challenge server
Practise challenges to help in applying learned concepts and deepen the understanding
Insight into RSA cryptosystem and learn how to implement basic attacks
Reversing and Pwning Labs will help in getting a better understanding of binaries and exploiting them