Book Image

Kali Linux CTF Blueprints

By : Cameron Buchanan
Book Image

Kali Linux CTF Blueprints

By: Cameron Buchanan

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Kali Linux CTF Blueprints
Cameron Buchanan
Jul, 2014 | 190 pages
No titles found
Table of Contents (14 chapters)
Kali Linux CTF Blueprints
Kali Linux CTF Blueprints
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Microsoft Environments
Microsoft Environments
Creating a vulnerable machine
Creating a secure network
Hosting vulnerabilities
Scenario 1 – warming Adobe ColdFusion
Scenario 2 – making a mess with MSSQL
Scenario 3 – trivializing TFTP
Flag placement and design
Post-exploitation and pivoting
Exploitation guides
Challenge modes
Summary
2
Linux Environments
Linux Environments
Differences between Linux and Microsoft
Scenario 1 – learn Samba and other dance forms
Scenario 2 – turning on a LAMP
Scenario 3 – destructible distros
Scenario 4 – tearing it up with Telnet
Flag placement and design
Exploitation guides
Summary
3
Wireless and Mobile
Wireless and Mobile
Wireless environment setup
Scenario 1 – WEP, that's me done for the day
Scenario 2 – WPA-2
Scenario 3 – pick up the phone
Exploitation guides
Summary
4
Social Engineering
Social Engineering
Scenario 1 – maxss your haxss
Scenario 2 – social engineering: do no evil
Scenario 3 – hunting rabbits
Scenario 4 – I am a Stegosaurus
Exploitation guides
Summary
5
Cryptographic Projects
Cryptographic Projects
Crypto jargon
Scenario 1 – encode-ageddon
Scenario 2 – encode + Python = merry hell
Scenario 3 – RC4, my god, what are you doing?
Scenario 4 – Hishashin
Scenario 5 – because Heartbleed didn't get enough publicity as it is
Exploitation guides
Summary
6
Red Teaming
Red Teaming
Chapter guide
Scoring systems
Setting scenarios
Reporting
CTF-style variations
Scenario 1 – ladders, why did it have to be ladders?
Scenario 2 – that's no network, it's a space station
Summary
Appendix
Appendix
Further reading
Index
Index

Summary

In this chapter, we've covered Microsoft environments and the vulnerabilities inherent within them. The focus has largely been on third-party applications for this chapter due to the difficulty in finding out-of-date Microsoft operating systems and services on the Internet. If you own copies of Microsoft OSs or services, these are goldmines for the creation of vulnerable boxes to attack as they can present multiple exploits in one installation. Alas, I cannot guarantee that you have one or more outdated Microsoft installation(s).

We have gone through three scenarios covering Adobe ColdFusion, MSSQL, and TFTP. These vulnerabilities will allow new testers to get used to the Windows architecture, hone those well-needed Nmap and Metasploit skills, and also get a handle on regular services, SQL and TFTP, which have their own nuances to master. Also, this chapter has provided the framework for the later chapters to capitalize on. The sections on flag placement and design, post-exploitation and pivoting, and secure network creation will be referenced heavily throughout the rest of the book. In order to save time later, become comfortable with these ideas now.

The next chapter is Chapter 2, Linux Environments, a chapter which I'm sure you'll enjoy as we plumb the depths of SMB, tear up Telnet, and poke fun at Apache.

Previous Section
End of Chapter 1
Next Chapter