W4500 Cyber Security

Within these castle walls be forged Mavens of Computer Science ...

— Merlin, The Coder

What is Cyber Security?[edit]

Cyber Security is the protection and hardening of computers and their software from attacks from malicious individuals called hackers. Cybersecurity is extremely important, now more than ever, because of the growing influence of global computing and internet access.

Capture the Flag[edit]

A Capture the Flag (CTF) competition requires individuals or teams to complete a series of cybersecurity-related problems in the allotted time. These problems will each consist of a hidden flag (a string of text) that must be found using hacking techniques. CTF's are useful for learning about vulnerabilities that hackers can exploit. There are different kinds of problems one may encounter in a CTF:

Cryptography: In a cryptography problem, one must decode a hidden message.
Forensics: Forensics problems offer a wide range of tasks but often require one to use basic computer knowledge to find information hidden in a file or directory.
Reverse Engineering: Reverse engineering problems require one to understand how a given code works in order to exploit it.
Web Exploitation: In a web exploitation problem, one must exploit a website using a wide variety of methods.
Binary Exploitation: This category challenges one to exploit an executable file.

Helpful Hint

The following Wikis in the W4500 Pathway correspond to CTF challenges. These pages will contain specific information about various exploits found in these challenges.

Set Up[edit]

It's very useful to have access to a Linux machine when competing in a CTF, as the Linux terminal has many useful built-in tools that allow one to solve problems very quickly.

The Coder Merlin shell has many CTF related tools, and is a great Linux terminal to begin with.

If you would like more tools and the ability to use a GUI as well as command-line tools, Kali Linux is regarded as the best Linux OS to use for cybersecurity because of its vast quantity of built-in CTF specific tools. It's recommended that you run Kali Linux on a virtual machine.

Links for these resources:

VMware Virtual Machine: https://www.vmware.com/products/workstation-player/workstation-player-evaluation.html
Kali Linux Image: https://www.kali.org/downloads/

Common Tools[edit]

General[edit]

wget is a useful command to download files from the internet into a shell. Note that you have to right-click the download link and copy the address:

john-williams@codermerlin:~$ wget [URL]

Cryptography[edit]

There are many online encryptors and decryptors specific to certain encoding techniques. Often, the best way to solve a cryptography problem is to look up the encryption technique on Google.

Forensics[edit]

Forensics problems typically hide information inside of a given file. Some of the tools you can use to extract this information are shown below. Note that some of these tools may need to be installed.

Exiftool is useful for viewing file metadata:

john-williams@codermerlin:~$ exiftool [filename]

Binwalk can extract files from inside other files:

john-williams@codermerlin:~$ binwalk [filename]

HxD is a hex editor program that can edit a file's raw hex: https://mh-nexus.de/en/downloads.php?product=HxD20

grep is a Linux command that searches for a specified string within files.

Reverse Engineering[edit]

Ghidra is a useful tool used for decompiling executable files and viewing their source code. The download link can be found here: https://ghidra-sre.org/

Binary Exploitation[edit]

gdb is a command-line debugging tool that can be used to view the stack, registers, and code of an executable.

PwnTools is a library that contains a variety of Python tools related to binary exploitation. Use the pwn -h command to see all the included command-line tools.