WesleyWong420/iHack-Attack-Defense

Preparation of Attack & Defense CTF for iHack 2022

iHack 2022 Attack & Defense CTF

Overview

• USEFUL: HackTheBox - CyberMayhem by Ippsec
• IMPORTANT: Defcamp finals 2022: Feedback on our first Attack/Defense CTF
• VERY IMPORTANT: CISCO SECCON AD-CTF 2020
• VERY IMPORTANT: Pre-CTF Training Session - Day 1
• VERY IMPORTANT: Pre-CTF Training Session - Day 2

Vuln Services

• CJ2018 CTF [Solution]
• ICC2022-AD-CTF
• HITB SECCCONF EDU CTF 2021
• HITB SECCONF CTF 2022
• HITB SECCONF CTF 2023

Attacking

Tools

• S4DFarm

Network Monitor & Detection

Tools

• Caronte [Documentation]
• Tulip

Strategy

• Incident Response
  • w
  • ps -aef --forest
  • ss -anp {PID}
  • kill -9 {PID}
  • cd /proc/{PID}; ls -al | grep cwd
  • tail /var/log/apache2/access.log
  • nohup tcpdump -i eth0 -w tcpdump.cap -s 0 &

Patching

Strategy

• Rollout Patched Services
  • sudo docker-compose down
  • sudo docker-compose build
  • docker-compose up --force-recreate -d