Security Setup


交大網路安全策進會

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

FB: 交大網路安全策進會


不要做壞事

不要做壞事

不要做壞事


Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →

CA Lee

calee@cs.nctu.edu.tw
交大資工 大三
交大 BambooFox 新手村成員


社團資源


CTF


What is CTF

  • Capture The Flag ,簡稱CTF
  • 由主辦單位設計帶有漏洞的程式或網站,讓參賽者進行解題或互相攻防

Type of CTF

  • Jeopardy
  • Attack and Defense
  • King of the Hill

Category

  • Reverse
  • Pwnabl
  • Crypto
  • Forensics
  • Web
  • Misc

Practice


Kali

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Why used

  • Debian-based Linux distribution
  • Penetration Testing and Security Auditing
  • Include 600 penetration testing tools
  • Single user, root access by design

Root

  • 最高權限
  • 擁有系統(幾乎)一切讀寫執行功能

Shell

  • 連接 OS 與你的指令(command)的程式
  • [user]@[host]$ [command] -[short opt] --[long opt] args
  • root@[host]# [command] -[short opt] --[long opt] args

32 / 64 bits

  • i386 / amd64 (x86_64)
  • 參考
sudo dpkg --add-architecture i386 udo apt-get update sudo apt-get install libc6:i386 libncurses5:i386 libstdc++6:i386

Sample

ls

  • ls: 列出目前資料夾下的東西
  • ls -a: 全部
  • ls -l: 清單
  • ls -R: 遞迴

HELP!!

  • man
  • --help
  • google
  • stack overflow

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Commands

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Commands

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Commands

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Commands

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Commands

Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


Image Not Showing Possible Reasons
  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported
Learn More →


More


Python


Why python

  • easy
  • strong module support
  • script language
  • portable on many platform

Installation


Getting Start

  • python console
  • python script
  • comment
#!/usr/bin/env python # single line comment

I/O

Output

print('hahaha') print("%d %d" % (100, 20)) print("{1}{0}".format('hi', 'CA')) sys.stdout.write()

Input

s = input() s = raw_input()

Number

Integer

int() 0x00 int(x, 16) hex(23) #0x17 + - * / % ** //

Float

3.14... 2.12e-3 小數不精確性質

String

'single line string' ''' multi line string also comment ''' len('abcdefg1234567') s[3] s[:-2:3] 'a'.join(['b', 'c', 'd'])

ascii table

ord('a') chr(0x61) "7061756c".decode("hex") 'zzZ'.encode('hex')

List / Tuple

List

li = ['b', 1, 2, 'a'] li.append('abc') li.remove(2) li.sort() li.reverse() s.split('/')

Tuple

a = (2, 3, 5) zip('abc', '123')

Branch

if a == b and c == 0: print('a==b') elif a < b or c == 0: print('a<b') else: print('a>b')

Loop

for i in range(10): print i for x in 'abc123': print(x) while True: print('hi')

Function

def function_name(parameter): statement return (None)

Module

  • import
  • from
  • as
  • pip: apt install python(3)-pip
import requests from bs4 import BeautifulSoup import os as hi hi.system('echo $PATH')

Pwntools

Install

apt-get update apt-get install python2.7 python-pip python-dev git libssl-dev libffi-dev build-essential pip install --upgrade pip pip install --upgrade pwntools
from pwn import * context(arch = 'i386', os = 'linux') # 32bits context(arch = 'amd64', os = 'linux') # 64bits r = remote('exploitme.example.com', 31337) r.recv() r.sendline() r.senduntil() r.interactive() p32() p64()

Requests & BeautifulSoup

requests

import requests r = requests.get('https://cs.nctu.edu.tw') r.status_code r.text

beautiful soup

import requests from bs4 import BeautifulSoup soup = BeautifulSoup(html_doc, 'lxml') soup.prettify() soup.find_all('a')

Practice


Other Tips


SSH client


Tmux

tmux attach tmux list Ctrl-B % Ctrl-B & Ctrl-B c Ctrl-B s Ctrl-B d Ctrl-B ${Number} ...

Regex

https://regexcrossword.com/


CTF-tools

https://github.com/zardus/ctf-tools


CVE / 0days


Tor


https://www.torproject.org/

import requests proxies = { 'http': 'http://127.0.0.1:9050', 'https': 'http://127.0.0.1:9050', } requests.get('http://www.president.gov.tw/', proxies=proxies)

Resouce


Reference