Capture the flag hacking exercise

We want more, more, more! This course picks up where v1 left off using all new capture the flag exercises, all new step-by-step video tutorials and hands on labs. Over the span of the course, you will learn the different attack vectors used to exploit a target. This is not a course for beginners, bug hunters or wanna-be script kiddies. Anyone enrolling should have a good command of the Linux terminal and be able to follow written step-by-step instructions.

Some popular areas of focus are:. What I would recommend you use at your first CTF, in order of easiest to most difficult, would be one of the following:.

We can look more closely at this event to give you a better idea of what capture the flag is all about. Please note that the winner won with 6,, points while the next closest player had 5,, points. Here is a list of the different tasks that were available in this CTF event:. As you can see, there are different types of tasks and some of them overlap in terms of the skills required to solve them.

This section can make for some very interesting reading and can also help you along if you are trying the challenge for yourself and need a nudge down the right path.

ZIP file provided that provides a hint. Rather than go over the entire write up here, feel free to browse through the URL and the step-by-step solution. In the real world, ideally, accomplishing a task like this would give you unfettered access to the target machine.

Here are the details about goodluck:. To solve this, we need to figure out how to utilize a string format vulnerability to give us a flag. There are a lot resources across the web that you can utilize to determine how to how to play a CTF or how to host a CTF. Query Google and YouTube for details on various upcoming events that you can get involved with. This URL gives you access to a wide range of tools all involving vulnerable applications, web applications, operating systems, etc.

These resources are a great place to start. You can contact me on Twitter CerebralMisjif. I hope you have found this article to be useful, and educational. Benchmark your cybersecurity maturity. We use cookies to provide you with a great user experience.

December 23, Eric Brown.