Kali Linux CTF Blueprints电子书

Kali Linux CTF Blueprints

Table of Contents

Kali Linux CTF Blueprints

Credits

About the Author

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Preface

What this book covers

What you need for this book

Who this book is for

Reading guide

A warning

Conventions

Reader feedback

Customer support

Downloading the example code

Errata

Piracy

Questions

1. Microsoft Environments

Creating a vulnerable machine

Securing a machine

Creating a secure network

Basic requirements

Setting up a Linux network

Setting up a Windows network

Hosting vulnerabilities

Scenario 1 – warming Adobe ColdFusion

Setup

Variations

Scenario 2 – making a mess with MSSQL

Setup

Variations

Scenario 3 – trivializing TFTP

Vulnerabilities

Flag placement and design

Testing your flags

Making the flag too easy

Making your finding too hard

Alternate ideas

Post-exploitation and pivoting

Exploitation guides

Scenario 1 – traverse the directories like it ain't no thing

Scenario 2 – your database is bad and you should feel bad

Scenario 3 – TFTP is holier than the Pope

Challenge modes

Summary

2. Linux Environments

Differences between Linux and Microsoft

The setup

Scenario 1 – learn Samba and other dance forms

Setup

Configuration

Testing

Variations

Information disclosure

File upload

Scenario 2 – turning on a LAMP

Setup

The PHP

Variations

Out-of-date versions

Login bypass

SQL injection

Dangerous PHP

PHPMyAdmin

Scenario 3 – destructible distros

Setup

Variations

Scenario 4 – tearing it up with Telnet

Setup

Variations

Default credentials

Buffer overflows

Flag placement and design

Exploitation guides

Scenario 1 – smashing Samba

Scenario 2 – exploiting XAMPP

Scenario 3 – like a privilege

Scenario 4 – tampering with Telnet

Summary

3. Wireless and Mobile

Wireless environment setup

Software

Hardware

Scenario 1 – WEP, that's me done for the day

Code setup

Network setup

Scenario 2 – WPA-2

Setup

Scenario 3 – pick up the phone

Setup

Important things to remember

Exploitation guides

Scenario 1 – rescue the WEP key

Scenario 2 – potentiating partial passwords

Scenario 3.1 – be a geodude with geotagging

Scenario 3.2 – ghost in the machine or man in the middle

Scenario 3.3 – DNS spoof your friends for fun and profit

Summary

4. Social Engineering

Scenario 1 – maxss your haxss

Code setup

Scenario 2 – social engineering: do no evil

Setup

Variations

Scenario 3 – hunting rabbits

Core principles

Potential avenues

Connecting methods

Creating an OSINT target

Scenario 4 – I am a Stegosaurus

Visual steganography

Exploitation guides

Scenario 1 – cookie theft for fun and profit

Scenario 2 – social engineering tips

Scenario 3 – exploitation guide

Scenario 4 – exploitation guide

Summary

5. Cryptographic Projects

Crypto jargon

Scenario 1 – encode-ageddon

Generic encoding types

Random encoding types

Scenario 2 – encode + Python = merry hell

Setup

Substitution cipher variations

Scenario 3 – RC4, my god, what are you doing?

Setup

Implementations

Scenario 4 – Hishashin

Setup

Hashing variations

Scenario 5 – because Heartbleed didn't get enough publicity as it is

Setup

Variations

Exploitation guides

Scenario 1 – decode-alypse now

Scenario 2 – trans subs and other things that look awkward in your history

Automatic methods

Scenario 3 – was that a 1 or a 0 or a 1?

Scenario 4 – hash outside of Colorado

Scenario 5 – bleeding hearts

Summary

6. Red Teaming

Chapter guide

Scoring systems

Setting scenarios

Reporting

Reporting example

Reporting explanation

CTF-style variations

DEFCON game

Physical components

Attack and defense

Jeopardy

Scenario 1 – ladders, why did it have to be ladders?

Network diagram

Brief

Setting up virtual machines

DMZ

missileman

secret1

secret2

secret3

Attack guide

Variations

Dummy devices

Combined OSINT trail

The missile base scenario summary

Scenario 2 – that's no network, it's a space station

Network diagram

Brief

Setting up a basic network

Attack of the clones

Customizing cloned VMs

Workstation1

Workstation2

Workstation3

Workstation4

Workstation5

Attack guide

Variations

The network base scenario summary

Summary

A. Appendix

Further reading

Recommended competitions

Existing vulnerable VMs

Index