A factual statement is last year people spent an average...Read More
Types of Capture the Flag Questions
If even gamified learning sounds daunting, then find solace in the fact that CTF questions typically fall into five categories. You don’t have to become an expert in every subject matter area, but you should have a working knowledge of each.
Question Type 1: Binary Exploitation
Binary exploitation comes down to making an application act differently than how it was intended to run. By making the application run differently, you’re gaining valuable information that you’ll use to alter or commandeer the target.
Common binary exploits use a technique known as memory corruption, which can enable an attacker to gain unauthorized privileges to the system that is running the application, or by hijacking the control flow of the application and injecting their commands directly into the system.
Question Type 2: Reverse Engineering
Sometimes the flag will be a string hidden inside the application code. Depending on the challenge type and level of difficulty the task, you might need to use reverse engineering.
Reverse engineering challenges require an intimate knowledge debugger and disassembler software. The goal: Take a compiled binary, rip it apart, and find out how it works.
You will want to be familiar with how the application uses control flow, loops, and conditionals so that you can figure out how to bend the program to your will, and then hopefully capture the flag.
Question Type 3: Web Exploitation
These question types cover a wide range of different methods to exploit web-based resources. While the methods are broad, there’s are tools commonly associated with web exploitation, including Nmap, Wireshark, and Metasploit.
Some of the easier flags are even accessible through your web browser through “View Page Source” or the equivalent in your browser.
Question Type 4: Cryptography
Cryptography challenges are particularly fun. Even the definition for cryptography sounds fun. “Cryptography is the practice and study of techniques for secure communication in the presence of third parties.” In practice, however, they can be difficult. Often enough, these questions are based on string conversions from one format to another. For instance, you might be given a file that starts like this:
And scrolls forever. Your challenge: “In this file are a bunch of hex-encoded ciphertexts. One of them has been encrypted with ECB. Detect it.” And that’s an intro Cryptopals challenge.
In other cases, you’ll have to encrypt or decrypt messages. You’ll need to have a good handle on programming for cryptography. If you don’t, it’s a lucrative skill to attain.
Question Type 5: Forensics
This type of question in a CTF environment can cover a lot of ground, but it is quite common that you’ll be asked to find files or information hidden within other file types. For instance, a simple jpg or png file could be manipulated to hold information such as text, or even an executable.
By digging into these files with scripts and tools, competitors can extract data (normally encrypted) and then run it against a series of other tools as they try to decode the coveted flag. There are many useful tutorials and write-ups online that can get you started.