A History of the BSidesPDX CTF

Topher Timzen
April 24, 2019

This presentation summarizes the BSidesPDX CTF over the last 4 years. This presentation was given on the first PDX Hack Boat!


Transcript

  1. 2.

    Agenda
    • Whoami
    • Intro to CTF
    • A walk down memory lane
    • New ideas and inspiration
    • CTF Infrastructure
    • DEMO
    • Call to action
    • EOF
  2. 3.

    Whoami
    Topher Timzen (@TTimzen)
    C# Malware is <3
    Principle Vulnerability Enthusiast
    Red Team at Oracle Cloud Infrastructure
    Would rather be on 70000 Tons of Metal
  3. 5.

    CTF
    Increasingly popular at security conferences and inside of organizations
    Information Security Competitions in which players solve challenges in order to obtain a “flag”
    Demonstrates proficiency or excellence in an area
    • Binary exploitation, web exploitation, reverse engineering, forensics, cryptography, programming, etc.
    • Organizers choose which areas are stressed for a particular event
  4. 6.

    Types
    Jeopardy
    • You’ve seen the show
    ◦ BSidesPDX CTF this year!
    Attack & Defense
    • Teams attack each other's services in a contained environment
  5. 7.

    BSidesPDX CTF
    Unlike CTFs at other conferences, ours is not meant to be intimidating and there are some challenges that any attendee should be able to solve! Come and learn some new skills or freshen up on some of the basics, which are easily forgotten.
  6. 9.

    BSidesPDX CTF 2015
    Sasquatch CTF!
    Live deployment of a web store was hacked and much $ cat flag
  7. 10.

    BSidesPDX CTF 2016
    CWE Top 25
    - Single binaries targeting MITRE CWE Top 25
    - Web excluded
    - 3 web challenges, full end to end boot2root scenarios
    Hosted on <REDACTED> CTF Platform
  8. 11.

    BSidesPDX CTF 2017
    16 challenges across 4 domains
    • Web exploitation
    • Binary exploitation
    • Shellcoding
    • Reverse Engineering
    Hosted on BSidesPDX CTF Platform
  9. 12.

    BSidesPDX OMSI CTF 2018
    Ran at OMSI Portland Mini Maker Faire
    6 challenges across 3 domains
    • Binary exploitation
    • Reverse Engineering
    • Web
    Hosted on BSidesPDX CTF Platform
  10. 13.

    BSidesPDX CTF 2018
    12 challenges across 4 domains
    • Web exploitation
    • Binary exploitation/Reverse Engineering
    • OSINT
    • Forensics
    Hosted on BSidesPDX CTF Platform
  11. 15.

    BSidesPDX CTF Metrics
    2017 - 62 players, 41 unique solves, 13 teams solved at least one challenge
    2018 - 89 players, 70 unique solves, 26 teams solved at least one challenge
  12. 18.

    BSidesPDX CTF Infra
    Infrastructure overview
    • Kubernetes in AWS via Amazon EKS
    • Network policies to restrict pod network access
    • kube2iam to provide restricted IAM roles to pods
    • Disabled ServiceAccount token mount inside pods
    • RBAC enabled
  13. 19.

    BSidesPDX Local CTF Infra
    Docker with compose!
    1. sudo apt install gcc-multilib gcc-mipsel-linux-gnu gcc-arm-linux-gnueabi g++-multilib linux-libc-dev:i386
    2. make
    3. docker-compose build && docker-compose up -d
    4. Containers are viewable at localhost:PORT (view with docker-compose ps)
    5. docker-compose kill to stop the containers
    6. make clean to clean the source folders
  14. 20.
  15. 22.

    Creating
    You do not have to be a good developer, the intention is to hack your code!
    Write a challenge (boot2root, binary, web, more) you would want to solve and send it to friends, tweet it, etc.
    See what other people write for challenges and get inspiration
    • CTF content creators should open source their work! Write-ups are aplenty, not a lot of challenge source!
    • Pwn 100 and Pwn 200 for the 2018 BSidesPDX CTF are spinoffs of other challenges
    ◦ As well as the initial concept for infra! Thanks BSidesSF!
  16. 23.

    Creating
    Open sourcing challenge concepts and source is useful to move BSides and CTF forward
    Base reference implementation on building CTF and infra saves time
    • Shout out to BSidesSF!
    Get involved with an organizer of a CTF!
    • We open source ours!!!
    • Talk to me about being involved next year!
  17. 24.

    CTF Thanks
    Could not have done the CTF any of these years without awesome people
    • fdcarl
    • aagallag
    • dade
    • Arinerron
    • Jessemichael
    • Pwnpnw
    • Yalam96
    • Andrewkrug
    • Many more . . . .
  18. 25.

    BSidesPDX CTF
    All challenges are open sourced!!!!
    • https://github.com/BSidesPDX
    ◦ https://github.com/BSidesPDX/CTF-2018
    ◦ https://github.com/BSidesPDX/OMSI-CTF-2018
    ◦ https://github.com/BSidesPDX/CTF-2017
    Want to be involved next year? Planning? Challenge writing? Infra?
    • @TTimzen
  19. 26.
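
The "BSidesPDX CTF Infra" slide lists three per-pod controls: network policies, kube2iam roles, and a disabled ServiceAccount token mount. The manifest below is an added illustration of how those settings look on one challenge pod; it is not the BSidesPDX configuration, and the namespace, names, image, port and IAM role are hypothetical.

```yaml
# Added illustration; namespace, names, image, port and role are hypothetical.
apiVersion: v1
kind: Pod
metadata:
  name: example-challenge
  namespace: ctf
  labels:
    app: example-challenge
  annotations:
    # kube2iam reads this annotation and serves the pod credentials for
    # this role only, rather than the worker node's instance role.
    iam.amazonaws.com/role: ctf-challenge-restricted
spec:
  # No API token is mounted, so code execution inside the container does
  # not expose Kubernetes API credentials under
  # /var/run/secrets/kubernetes.io/serviceaccount.
  automountServiceAccountToken: false
  containers:
    - name: challenge
      image: registry.example/ctf/example-challenge:latest
      ports:
        - containerPort: 1337
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: example-challenge-isolate
  namespace: ctf
spec:
  podSelector:
    matchLabels:
      app: example-challenge
  policyTypes:
    - Ingress
    - Egress
  # Players may reach the challenge port and nothing else on the pod.
  ingress:
    - ports:
        - protocol: TCP
          port: 1337
  # Egress is listed in policyTypes with no egress rules, so all outbound
  # traffic from the pod is denied (other pods, the API server, the internet).
```

The NetworkPolicy only takes effect when the cluster's network plugin enforces NetworkPolicy objects.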