Perl is for pwn

Perl is for pwn

Introduction talk on the CTF (Capture The Flag) challenge ‒ information security contest, which gained much popularity in last couple of years. I'll show that Perl can be used to the great extend both in participating and organizing such event.

Bd49192ad3601ffc5dfe0c530e7dec1e?s=128

sromanov

May 13, 2012
Tweet

Transcript

  1. 1.

    CTF Participant side Organizer side Perl is for pwn! Sergey

    Romanov YAPC::Russia 2012 Sergey Romanov Perl is for pwn!
  2. 2.

    CTF Participant side Organizer side Hello Sergey Romanov (sromanov on

    irc.perl.org) Do Perl for fun (also, for living) PeterPEN CTF team (SPbSU) Like alpacas Sergey Romanov Perl is for pwn!
  3. 3.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? What is CTF anyway? Capture the Flag (CTF) is a computer security wargame Sergey Romanov Perl is for pwn!
  4. 4.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? What is CTF anyway? Capture the Flag (CTF) is a computer security wargame CTF was popularized by DEFCON conference How many of you heard of DEFCON? Sergey Romanov Perl is for pwn!
  5. 5.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? What is CTF anyway? Capture the Flag (CTF) is a computer security wargame CTF was popularized by DEFCON conference How many of you heard of DEFCON? Two basic types of competition Sergey Romanov Perl is for pwn!
  6. 6.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? Type 1: Find the key Teams should solve tasks get points Different categories: web, reverse, packets, admin, ctb (crack-the-box), crypto, stegano etc It is common to do a qualification round as task-based CTF Sergey Romanov Perl is for pwn!
  7. 7.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? Type 2: Steal the flag Vulnerable box – vurtual machine with pre-installed services Service – (vulnerable) application, accessible via network Flag – unique string (eg, ”[a-z0-9]{32}=”) Sergey Romanov Perl is for pwn!
  8. 8.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? Network Sergey Romanov Perl is for pwn!
  9. 9.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? How about Perl? Perl can be used during CTF game heavily Sergey Romanov Perl is for pwn!
  10. 10.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? How about Perl? Perl can be used during CTF game heavily Just like any other modern, popular and convenient tool :) Sergey Romanov Perl is for pwn!
  11. 11.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? How about Perl? Perl can be used during CTF game heavily Just like any other modern, popular and convenient tool :) But we’ll concentrate on Perl for now Sergey Romanov Perl is for pwn!
  12. 12.

    CTF Participant side Organizer side What’s it all about Task-based

    CTF ”Classic” CTF Where is Perl? Where is Perl actually? Case 1: you’re a participant Case 2: you’re an organizer Sergey Romanov Perl is for pwn!
  13. 13.

    CTF Participant side Organizer side Tools Flag poster CPAN &

    beyond helper scripts: text parsing, glue language etc Sergey Romanov Perl is for pwn!
  14. 14.

    CTF Participant side Organizer side Tools Flag poster CPAN &

    beyond helper scripts: text parsing, glue language etc /usr/bin/lwp-* /usr/bin/md5pass Sergey Romanov Perl is for pwn!
  15. 15.

    CTF Participant side Organizer side Tools Flag poster CPAN &

    beyond helper scripts: text parsing, glue language etc /usr/bin/lwp-* /usr/bin/md5pass find out yours, eg: grep ’/usr/bin/perl’ /usr/bin/* Sergey Romanov Perl is for pwn!
  16. 16.

    CTF Participant side Organizer side Tools Flag poster Gort, Klaatu

    barada nikto Nikto2 Sergey Romanov Perl is for pwn!
  17. 17.

    CTF Participant side Organizer side Tools Flag poster Nikto2 Web

    server scanner Tests over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1200 servers and version specific problems on over 270 servers Based on libwhisker2 by rain forest puppy (rfp) Sergey Romanov Perl is for pwn!
  18. 18.

    CTF Participant side Organizer side Tools Flag poster Exploitfarm Written

    at Hackerdom (USU, Ekaterinburg) Accepts an exploit (eg, Perl script) and IP range of enemy teams Automates process of collecting flags and submitting them to jury check system Sergey Romanov Perl is for pwn!
  19. 19.

    CTF Participant side Organizer side Tasks Services Check system Organizing

    game Let’s make our own CTF Sergey Romanov Perl is for pwn!
  20. 20.

    CTF Participant side Organizer side Tasks Services Check system Task

    from RuCTF 2012 Quals sub f(@d){ return 0 unless @d; my $n = @d.elems; my @p; push @p, [0x100500 xx $n] for 0..^1+<$n; @p[0][0]=0; return [min]gather for 1,*+2...1+<$n-1 ->$x{ for (1..^$n).grep({$x+&1+<$x})X(0..^$n).grep({$x+&1+<$x}) ->$z,$c{ @p[$x][$z]=[min]@p[$x][$z],@p[$x+^1+<$z][$c],@d[$c][$z] } take @p[1+<$n-1][$_]+@d[$_][0] for ^$n } } Sergey Romanov Perl is for pwn!
  21. 21.

    CTF Participant side Organizer side Tasks Services Check system (not

    so) Simple web-services examples POP3 server (UralCTF 4) Dating site (RuCTFE 2010) Picture search engine (RuCTFE 2011) Sergey Romanov Perl is for pwn!
  22. 22.

    CTF Participant side Organizer side Tasks Services Check system (not

    so) Simple web-services examples POP3 server (UralCTF 4) Dating site (RuCTFE 2010) Picture search engine (RuCTFE 2011) All of the above were organized by Hackerdom Sergey Romanov Perl is for pwn!
  23. 23.

    CTF Participant side Organizer side Tasks Services Check system Complex

    system for CTF-style contests Written by Lexi Pimenidis, RWTH Aachen Gameserver, the Submitserver, and the Scoreserver Was used at CIPHER, op3n, UralCTF etc Sergey Romanov Perl is for pwn!
  24. 24.

    CTF Participant side Organizer side Tasks Services Check system Complex

    system for CTF-style contests Written by Lexi Pimenidis, RWTH Aachen Gameserver, the Submitserver, and the Scoreserver Was used at CIPHER, op3n, UralCTF etc There were no Ubic 6 years ago :) Sergey Romanov Perl is for pwn!
  25. 25.

    CTF Participant side Organizer side Tasks Services Check system Links

    DEFCON CTF: http://www.ddtek.biz RuCTF: http://ructf.org PeterPEN: http://peterpen-ctf.net BlackBox: http://blackbox.sibears.ru Nikto2: http://cirt.net/nikto2 Exploitfarm: http://code.google.com/p/exploitfarm CIPHER Gameserver: http://www.cipher-ctf.org/Gameserver.php Twitter: @SR0MAN0V (yes, zeros instead of ”O”s) Sergey Romanov Perl is for pwn!
  26. 26.

    CTF Participant side Organizer side Tasks Services Check system Thank

    you! PS: DEFCON XX Quals start 2 Jun 2012! Join! Sergey Romanov Perl is for pwn!