April 2017 - How to Prepare for a CTF - Part 1


Forming a team: How to create and manage a CTF team? The main roles (team lead, crypto, Web, reverse engineering, lost causes) will be presented with a brief description and the qualities required for each role.

Why participate in CTFs? Why do CTFs? What are the various types that can be encountered (jeopardy, attack/defense, others), what are the recurring problems and a plethora of interesting anecdotes based on our experience playing CTF (which are also funny… well, we think so anyway).

Mr. Un1k0d3r’s tips: Charles Frédéric (a.k.a. Mr Un1k0d3r) runs the site RingZer0 Team CTF, one of the biggest site to practice online CTF-style puzzles. Come learn from one of the best on how to approach a Web, a binary and a crypto challenge with real-life tips.

The "Strudel Maker" Challenge: We will complete this journey with a deep dive into one of NorthSec 2016’s complex challenges. The Markus Madison Bakery (an Ashley Madison parody) asked teams to perform code review on cryptographic code protecting the integrity of the "Strudel Maker" device. This challenge combines WebApp Security and an MD5 collision attack similar to the recently performed SHA-ttered attack. We will walk through the challenge and its solution.

April 2017 - How to Prepare for a CTF - Part 1 April 2017 - How to Prepare for a CTF - Part 1 Reviewed by Unknown on January 17, 2018 Rating: 5