Whoami
Topher Timzen (@TTimzen)
C# Malware is <3
Principle Vulnerability Enthusiast
Red Team at Oracle Cloud Infrastructure
Would rather be on 70000 Tons of Metal

CTF
Increasingly popular at security conferences and inside of organizations
Information Security Competitions in which players solve challenges in order to obtain a “flag”
Demonstrates proficiency or excellence in an area
● Binary exploitation, web exploitation, reverse engineering, forensics, cryptography, programming, etc.
● Organizers choose which areas are stressed for a particular event

BSidesPDX CTF
Unlike CTFs at other conferences, ours is not meant to be intimidating, and there are some challenges that any attendee should be able to solve!
Come and learn some new skills or freshen up on some of the basics, which are easily forgotten.

BSidesPDX CTF 2016
CWE Top 25
- Single binaries targeting MITRE CWE Top 25 - Web excluded
- 3 web challenges, full end to end boot2root scenarios
Hosted on CTF Platform

BSidesPDX OMSI CTF 2018
Ran at OMSI Portland Mini Maker Faire
6 challenges across 3 domains
● Binary exploitation
● Reverse Engineering
● Web
Hosted on BSidesPDX CTF Platform

BSidesPDX CTF Metrics
2017 - 62 players, 41 unique solves, 13 teams solved at least one challenge
2018 - 89 players, 70 unique solves, 26 teams solved at least one challenge

BSidesPDX CTF Infra
Infrastructure overview
● Kubernetes in AWS via Amazon EKS
● Network policies to restrict pod network access
● kube2iam to provide restricted IAM roles to pods
● Disabled ServiceAccount token mount inside pods
● RBAC enabled
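
The pod-level controls from the infrastructure overview, sketched as Kubernetes manifests. This is an added example, not taken from the BSidesPDX CTF repositories; the namespace, object names, image, port and IAM role name are constructed placeholders.

```yaml
# Constructed example: namespace, names, image, port and role are placeholders.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: default-deny
  namespace: ctf-challenges
spec:
  podSelector: {}                  # selects every pod in the namespace
  policyTypes: [Ingress, Egress]   # no rules listed, so all traffic is denied
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-players-to-pwn100
  namespace: ctf-challenges
spec:
  podSelector:
    matchLabels:
      app: pwn100
  policyTypes: [Ingress]
  ingress:
    - ports:
        - protocol: TCP
          port: 1337               # only the challenge listener is reachable
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pwn100
  namespace: ctf-challenges
spec:
  replicas: 1
  selector:
    matchLabels:
      app: pwn100
  template:
    metadata:
      labels:
        app: pwn100
      annotations:
        iam.amazonaws.com/role: ctf-challenge-no-access   # kube2iam: the only role this pod may assume
    spec:
      automountServiceAccountToken: false   # no Kubernetes API token is mounted into the container
      containers:
        - name: pwn100
          image: example.invalid/ctf/pwn100:latest   # placeholder image
          ports:
            - containerPort: 1337
```

NetworkPolicy objects only take effect when the cluster's network plugin enforces them.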

BSidesPDX Local CTF Infra
Docker with compose!
1. sudo apt install gcc-multilib gcc-mipsel-linux-gnu gcc-arm-linux-gnueabi g++-multilib linux-libc-dev:i386
2. make
3. docker-compose build && docker-compose up -d
4. Containers are viewable at localhost:PORT (view with docker-compose ps)
5. docker-compose kill to stop the containers
6. make clean to clean the source folders

Creating
You do not have to be a good developer; the intention is to hack your code!
Write a challenge (boot2root, binary, web, more) you would want to solve and send it to friends, tweet it, etc.
See what other people write for challenges and get inspiration
● CTF content creators should open source their work! Write-ups are aplenty, not a lot of challenge source!
● Pwn 100 and Pwn 200 for the 2018 BSidesPDX CTF are spinoffs of other challenges
○ As well as the initial concept for infra! Thanks BSidesSF!

Creating
Open sourcing challenge concepts and source is useful to move BSides and CTF forward
Base reference implementation on building CTF and infra saves time
● Shout out to BSidesSF!
Get involved with an organizer of a CTF!
● We open source ours!!!
● Talk to me about being involved next year!

CTF Thanks
Could not have done the CTF any of these years without awesome people
● fdcarl
● aagallag
● dade
● Arinerron
● Jessemichael
● Pwnpnw
● Yalam96
● Andrewkrug
● Many more . . . .

BSidesPDX CTF
All challenges are open sourced!!!!
● https://github.com/BSidesPDX
○ https://github.com/BSidesPDX/CTF-2018
○ https://github.com/BSidesPDX/OMSI-CTF-2018
○ https://github.com/BSidesPDX/CTF-2017
Want to be involved next year? Planning? Challenge writing? Infra?
● @TTimzen