Kali Linux CTF Blueprints





Table of Contents
Preface
Chapter 1: Microsoft Environments
Creating a vulnerable machine
Securing a machine
Creating a secure network
Basic requirements
Setting up a Linux network
Setting up a Windows network
Hosting vulnerabilities
Scenario 1 – warming Adobe ColdFusion
Setup
Variations
Scenario 2 – making a mess with MSSQL
Setup
Variations
Scenario 3 – trivializing TFTP
Vulnerabilities
Flag placement and design
Testing your flags
Making the flag too easy
Making your finding too hard
Alternate ideas
Post exploitation and pivoting
Exploitation guides
Scenario 1 – traverse the directories like it ain't no thing
Scenario 2 – your database is bad and you should feel bad
Scenario 3 – TFTP is holier than the Pope
Challenge modes
Summary
Chapter 2: Linux Environments
Differences between Linux and Microsoft
Setup
Scenario 1 – learn Samba and other dance forms
Setup
Configuration
Testing
Variations
Information disclosure
File upload
Scenario 2 – turning on a LAMP
Setup
The PHP
Variations
Out-of-date versions
Login bypass
SQL injection
Dangerous PHP
PHPMyAdmin
Scenario 3 – destructible distros
Setup
Variations
Scenario 4 – tearing it up with Telnet
Setup
Variations
Default credentials
Buffer overflows
Flag placement and design
Exploitation guides
Scenario 1 – smashing Samba
Scenario 2 – exploiting XAMPP
Scenario 3 – liking a privilege
Scenario 4 – tampering with Telnet
Summary
Chapter 3: Wireless and Mobile
Wireless environment setup
Software
Hardware
Scenario 1 – WEP, that's me done for the day
Code setup
Network setup
Scenario 2 – WPA-2
Setup
Scenario 3 – pick up the phone
Setup
Important things to remember
Exploitation guides
Scenario 1 – rescue the WEP key
Scenario 2 – potentiating partial passwords
Scenario 3.1 – be a geodude with geotagging
Scenario 3.2 – ghost in the machine or man in the middle
Scenario 3.3 – DNS spoof your friends for fun and profit
Summary
Chapter 4: Social Engineering
Scenario 1 – maxss your haxss
Code setup
Scenario 2 – social engineering: do no evil
Setup
Variations
Scenario 3 – hunting rabbits
Core principles
Potential avenues
Connecting methods
Creating an OSINT target
Scenario 4 – I am a Stegosaurus
Visual steganography
Exploitation guides
Scenario 1 – cookie theft for fun and profit
Scenario 2 – social engineering tips
Scenario 3 – exploitation guide
Scenario 4 – exploitation guide
Summary
Chapter 5: Cryptographic Projects
Crypto jargon
Scenario 1 – encode-ageddon
Generic encoding types
Random encoding types
Scenario 2 – encode + Python = merry hell
Setup
Substitution cipher variations
Scenario 3 – RC4, my god, what are you doing?
Setup
Implementations
Scenario 4 – Hishashin
Setup
Hashing variations
Scenario 5 – because Heartbleed didn't get enough publicity as it is
Setup
Variations
Exploitation guides
Scenario 1 – decode-alypse now
Scenario 2 – trans subs and other things that look awkward in your history
Automatic methods
Scenario 3 – was that a 1 or a 0 or a 1?
Scenario 4 – hash outside of Colorado
Scenario 5 – bleeding hearts
Summary
Chapter 6: Red Teaming
Chapter guide
Scoring systems
Setting scenarios
Reporting
Reporting example
Reporting explanation
CTF-style variations
DEFCON game
Physical components
Attack and defense
Jeopardy
Scenario 1 – ladders, why did it have to be ladders?
Network diagram
Brief
Setting up virtual machines
DMZ
missileman
secret1
secret2
secret3
Attack guide
Variations
Dummy devices
Combined OSINT trail
The missile base scenario summary
Scenario 2 – that's no network, it's a space station
Network diagram
Brief
Setting up a basic network
Attack of the clones
Customizing cloned VMs
Workstation1
Workstation2
Workstation3
Workstation4
Workstation5
Attack guide
Variations
The network base scenario summary
Summary
Appendix
Further reading
Recommended competitions
Existing vulnerable VMs
Index

Download:

http://www.mediafire.com/download/jiymbiych5dk8k5/Kali_Linux_CTF_Blueprints.rar