Capturethe Flag CTFWrite-Up PDF

Title Capturethe Flag CTFWrite-Up
Author Mariuxi Guambana
Course Ethical Hacking
Institution University of Maryland Global Campus
Pages 5
File Size 152.1 KB
File Type PDF
Total Downloads 106
Total Views 164
Preview
CLICK TO PREVIEW PDF
Summary

CMIT 321 - Ethical Hacking...

Description

Capture the Flag (CTF) Write-Up

Section I: The Solves List the 10 CTF challenges you attempted. For Example: 

Category 1 Challenge 2



Category 3 Challenge 1



Category 3 Challenge 9



and so on…

Section II: Strategies Employed Explain how you approached two of the 10 CTF challenges you attempted and solved. For example, what techniques, tools, websites, or other resources did you use? Section III: Lessons Learned 

What are your strengths/How would your skills benefit a CTF team?



Which challenge banks did you find easy?



What areas do you need more practice in?



Which challenge banks did you struggle with or avoid?



Were there challenges you attempted but did not complete or challenges that you did not attempt?



How can you improve your skills in that area (strategies, tools, websites, etc.)?

Section I: Solves

I have attempted different challenges, including some that were out of my confer zone. The categories I have attempted and was successful in were; category 1, category 3, category 4, and category 8. This is the list of the CTF categories and challenges.



Category 1 challenge 1



UMGC-18335 

Category 1 challenge 2

7.19.7 

192.168.20.254 

Category 1 challenge 3

Category 1 challenge 4



Category 1 challenge 5



Category 1 challenge 6



Category 1 challenge 7



Category 3 challenge 1



216.5.1.200 Category 3 challenge 2



07/08/2013 Category 3 challenge 3



student Category 3 challenge 4 9.20





Category 8 challenge 2 mycat



Category 8 challenge 3 gooddog



Category 8 challenge 4 barkeep



Category 8 challenge 5 green



Category 3 challenge 5 8.1.2

Category 8 challenge 1 bartman

Ethical Hacking 

Category 4 challenge 5 12,088

UMGC Cyber Team 

Category 4 challenge 4 12,155

adelphi maryland 

Category 4 challenge 3 1.12+

199.201.204.34 

Category 4 challenge 2 2.1.6

UMCG-8080 

Category 4 challenge 1

Category 8 challenge 6 cookies



Category 8 challenge 7 52



Category 3 challenge 6 3.1.3.2



Category 8 challenge 8 eight

Section II: Strategies Employed The approaches for category 1 vary depending on the challenge for challenge 1 as I did not know the specification of the coding used to encode the phrase. So, I opted for a decoding site called base64. This site gives you the ability to auto-detect the coded text to decode it with the correct source. I also used Encoder / Decoder site for double-checking the answer of the first site. Challenge 2 was to convert a binary IPv4 into a decimal notation. This challenge was fun and interesting as I like to convert the binary to a decimal manually. I used a website source that was a binary to decimal converter, but it was just to double-check my work. I did look at different converters as the first one used. I notice that the converter will only convert one octet at a time instead of the entire binary IPv4. The same was the case for all other sites that I checked. If you do not separate the octets, it will give you a different outcome. It will provide a large number instead of the individual octet separated by a dot. Challenge 3 was to convert a string from hex to ASCII, and it was my first time doing this conversion. For this conversion, I also use a website called hex to ASCII text converter. The last challenge I attempted in this category was challenge 5, using substitution cipher to plain text. For this final conversion, I also used a website called encoder/decoder. The next category I will like to talk about will be category 3 is about forensics hard disk. For this category, I used a program called AccessData Registry Viewer Demo. It was a free program, and it was a little tedious to get the information that was quested by the challenges. But once you got the hang of it got a little bit easy. There were also some resources available. For example, there is a video available and instruction with a screenshot with the step by step to help you. The last category I will like to talk about will be category 8, which is password hashing. The challenges in category 8 were all straightforward, but you have to realize that each password was given two different hashing options, but it gave you the same answer. For password hash cracking, I used a website called crackstation.net; this a free site. Section III: Lessons Learned I believe that my strengths will be in researching for different sources. Also, the skills I can bring to the CTF team will be double-checking, making sure we are doing our best. Using different methods which whatever challenges are given to us. I think being able to adapt to any challenge will benefit the team in many ways. I did enjoy the following categories in the CTF

encoding and encryption, Password Hashing, and Log Analysis. I consider these CTF categories easy for me, but I will emit some challenges for some of the categories. I do think I need more practice with the same categories, so I won’t hesitate with the results. There are other categories that I need more attention to like, Malware Analysis-Reverse Engineering Interzer Analyze, and Network Captures Wireless, Open-Source Intelligence, and Scanning exploitation. These are the categories that I struggle with or avoided. There is a specific category that I try, but for some reason, when I checked the answers, I would get them all wrong. The category that I am speaking of is category 2 file analysis. I downloaded a program to get the file to analyze; the name of the program is File viewer Plus, it is free for Microsoft. I also attempted category 6, which is Network capture wireless. The program I use for this was Wireshark, but I believe I need more practice as most of the questions I was not able to get the answer and the answers I got I was not sure if was correct. I believe the best way to improve my skills is to practice with the program and learn how to use them properly. By exploring, I am can get more comfortable and confident using the program.

References: Base64 decode and encode - online. (n.d.). Retrieved April 02, 2021, from https://www.base64decode.org/ Binary to Decimal converter. (n.d.). Retrieved April 02, 2021, from https://www.binaryhexconverter.com/binary-to-decimal-converter Hex to ascii text converter. (n.d.). Retrieved April 02, 2021, from https://www.rapidtables.com/convert/number/hex-to-ascii.html Convert hex to an ip address - online hex tools. (n.d.). Retrieved April 02, 2021, from https://onlinehextools.com/convert-hex-to-ip Encoder / decoder. (n.d.). Retrieved April 02, 2021, from https://tech.pookey.co.uk/nonwp/encoder-decoder.php Free password hash cracker. (n.d.). Retrieved April 02, 2021, from https://crackstation.net/...

Similar Free PDFs
Capturethe Flag CTFWrite-Up
  • 5 Pages
Capture the Flag Lab
  • 5 Pages
The American Flag- poetry analysis
  • 1 Pages
Chapter 04 - Flag Quiz App
  • 60 Pages
Capture the flag challenges 1
  • 5 Pages
mod 7 graphic organizer - confederate flag
  • 1 Pages
THE FLAG Heraldic CODE OF THE Philippines
  • 9 Pages
The March of the Flag by Albert Beveridge,1898
  • 5 Pages
Module 2 The National Flag Law (R.A. 8491)
  • 6 Pages
Flag Hoisting CG project using Open GL Report
  • 37 Pages
Penerapan Supply Chain Management pada PT. Frisian Flag Indonesia
  • 15 Pages
Popular Institutions