# Security Setup ---- ## [交大網路安全策進會](https://bamboofox.github.io/)  FB: [交大網路安全策進會](https://www.facebook.com/NCTUCSC/?fref=ts) ---- ## 不要做壞事 ## 不要做壞事 ## 不要做壞事 ----  ---- <img src="https://i.imgur.com/Eo7cL8Y.png" style="width:200px;height:200px;border-radius:50%"/> #### [CA Lee](https://www.facebook.com/calee0219) calee@cs.nctu.edu.tw 交大資工 大三 交大 BambooFox 新手村成員 --- ## 社團資源 - 社窩 \* 1 - 大神學長同學 \* N - FB: [交大網路安全策進會](https://www.facebook.com/NCTUCSC/?fref=ts) - FB Group: [BambooFox CTF 討論區](https://www.facebook.com/groups/bamboofox/) - 社課錄影: [Youtube Bamboofox](https://www.youtube.com/channel/UCWIxPblsd5y4QGR1qhX3FGA) - Slack: https://bamboofox.herokuapp.com/ - 網站: https://bamboofox.github.io/ - 練習: https://bamboofox.cs.nctu.edu.tw/ --- ## CTF ---- ### What is CTF - Capture The Flag ，簡稱CTF - 由主辦單位設計帶有漏洞的程式或網站，讓參賽者進行解題或互相攻防 ---- ### Type of CTF - Jeopardy - Attack and Defense - King of the Hill ---- ### Category - Reverse - Pwnabl - Crypto - Forensics - Web - Misc ---- ### Practice - https://bamboofox.cs.nctu.edu.tw/ - http://overthewire.org/ - http://pwnable.kr/ - https://xss-game.appspot.com/ - http://captf.com/practice-ctf/ - ... --- ## Kali  ---- ### Why used - Debian-based Linux distribution - Penetration Testing and Security Auditing - Include 600 penetration testing tools - Single user, root access by design ---- ### Root - 最高權限 - 擁有系統(幾乎)一切讀寫執行功能 ---- ### Shell - 連接 OS 與你的指令(command)的程式 - <font style="font-size: 24px">`[user]@[host]$ [command] -[short opt] --[long opt] args`</font> - <font style="font-size: 24px">`root@[host]# [command] -[short opt] --[long opt] args`</font> ---- ### 32 / 64 bits - i386 / amd64 (x86_64) - [參考](https://goo.gl/dVoK3r) ```shell= sudo dpkg --add-architecture i386 udo apt-get update sudo apt-get install libc6:i386 libncurses5:i386 libstdc++6:i386 ``` ---- ### Sample #### ls - `ls`: 列出目前資料夾下的東西 - `ls -a`: 全部 - `ls -l`: 清單 - `ls -R`: 遞迴 ---- ### HELP!! - `man` - `--help` - google - stack overflow ----  ---- ### Commands  ---- ### Commands  ---- ### Commands  ---- ### Commands  ---- ### Commands  ----  ---- ### More - `rm -rf /*` - [codecademy](https://www.codecademy.com/learn/learn-the-command-line) - [鳥哥](http://linux.vbird.org/) --- ## Python  ---- ### Why python - easy - strong module support - script language - portable on many platform ---- ### Installation - Linux - apt-get install python (3) - macOS - brew install python(3) - [python3](https://www.python.org/ftp/python/3.6.2/python-3.6.2-macosx10.6.pkg) / [python2](https://www.python.org/ftp/python/2.7.14/python-2.7.14-macosx10.6.pkg) - Windows - [python3](https://www.python.org/ftp/python/3.6.2/python-3.6.2-amd64.exe) / [python2](https://www.python.org/ftp/python/2.7.14/python-2.7.14.amd64.msi) ---- ### Getting Start - python console - python script - comment ```python= #!/usr/bin/env python # single line comment ``` ---- ### I/O Output ```python= print('hahaha') print("%d %d" % (100, 20)) print("{1}{0}".format('hi', 'CA')) sys.stdout.write() ``` Input ```python= s = input() s = raw_input() ``` ---- ### Number Integer ```python= int() 0x00 int(x, 16) hex(23) #0x17 + - * / % ** // ``` Float ```python= 3.14... 2.12e-3 小數不精確性質 ``` ---- ### String ```python= 'single line string' ''' multi line string also comment ''' len('abcdefg1234567') s[3] s[:-2:3] 'a'.join(['b', 'c', 'd']) ``` ascii table ```python= ord('a') chr(0x61) "7061756c".decode("hex") 'zzZ'.encode('hex') ``` ---- ### List / Tuple List ```python= li = ['b', 1, 2, 'a'] li.append('abc') li.remove(2) li.sort() li.reverse() s.split('/') ``` Tuple ```python= a = (2, 3, 5) zip('abc', '123') ``` ---- ### Branch ```python= if a == b and c == 0: print('a==b') elif a < b or c == 0: print('a<b') else: print('a>b') ``` ---- ### Loop ```python= for i in range(10): print i for x in 'abc123': print(x) while True: print('hi') ``` ---- ### Function ```python= def function_name(parameter): statement return (None) ``` ---- ### Module - import - from - as - pip: apt install python(3)-pip ```python= import requests from bs4 import BeautifulSoup import os as hi hi.system('echo $PATH') ``` ---- ### Pwntools Install ```shell= apt-get update apt-get install python2.7 python-pip python-dev git libssl-dev libffi-dev build-essential pip install --upgrade pip pip install --upgrade pwntools ``` ```python= from pwn import * context(arch = 'i386', os = 'linux') # 32bits context(arch = 'amd64', os = 'linux') # 64bits r = remote('exploitme.example.com', 31337) r.recv() r.sendline() r.senduntil() r.interactive() p32() p64() ``` ---- ### Requests & BeautifulSoup [requests](http://docs.python-requests.org/en/master/) ```python= import requests r = requests.get('https://cs.nctu.edu.tw') r.status_code r.text ``` [beautiful soup](https://www.crummy.com/software/BeautifulSoup/bs4/doc/) ```python= import requests from bs4 import BeautifulSoup soup = BeautifulSoup(html_doc, 'lxml') soup.prettify() soup.find_all('a') ``` ---- ### Practice - [HackerRank](https://www.hackerrank.com/domains/python/py-introduction) - [CodeCodemy](https://www.codecademy.com/learn/learn-python) --- ## Other Tips ---- ### SSH client - [putty](http://www.putty.org/) - [MobaXterm](http://mobaxterm.mobatek.net/) - Terminal ---- ### Tmux ```shell= tmux attach tmux list Ctrl-B % Ctrl-B & Ctrl-B c Ctrl-B s Ctrl-B d Ctrl-B ${Number} ... ``` ---- ### Regex https://regexcrossword.com/ ---- ### CTF-tools https://github.com/zardus/ctf-tools ---- ### CVE / 0days - [CVE](https://cve.mitre.org/index.html) - [0days](https://zeroday.hitcon.org/) - POC, github - [Awesome Hacking](https://github.com/Hack-with-Github/Awesome-Hacking) - Web, PoC - [Web](https://github.com/qazbnm456/awesome-web-security) ---- ### Tor  https://www.torproject.org/ ```python= import requests proxies = { 'http': 'http://127.0.0.1:9050', 'https': 'http://127.0.0.1:9050', } requests.get('http://www.president.gov.tw/', proxies=proxies) ``` --- ### Resouce - https://bamboofox.github.io/ - http://kb.hitcon.org/ - http://www.shiyanbar.com/ --- ## Reference - 以前投影片 - SAP, NAP (http://nasa.cs.nctu.edu.tw/) - https://goo.gl/frviqr - http://www.ithome.com.tw/news/102969 - https://goo.gl/SgE6WL