S2G CTF

Resources

This is a collection of resources to prepare for the S2G CTF. The first section are learning resources where you get hands on experience. The second section is a set of different tools that might come in handy during the CTF grouped into CTF categories. The third section is a guide on how to install Kali Linux.

Learning resources

Hack The Box (HTB) is an excellent resource for learning CTF. Try the challenges, and you will gradually notice your skills improving. You may find writeups for all of their challenges on Youtube. Although watching writeups are usually not recommended as they deminish the learning outcome compared to solving it entirely independently, it can be very insightful if you are not experienced, as it provides a quick way into the mind of a professional, and can help you learn faster by teaching you where to look.

PicoCTF is a resource of the same type as HTB. They provide challenges which are solved by people all over the world, and ensure high quality. Use this resouce the same way as described for HTB.

Tools and guides

If you use some tools not mentioned in this list and want to contribute, please send us a message in our discord channel: https://discord.gg/mcGgsgvJdC

General

A website that covers many different hacking techniques: https://book.hacktricks.xyz/
Converting between different data formats: https://gchq.github.io/CyberChef/
A collection of tools and commands for use in CTF: https://github.com/JohnHammond/ctf-katana

OSINT

Overview of different OSINT sites: https://osintframework.com/

Crypto

Powerful crypto tools:
https://www.dcode.fr/en
https://gchq.github.io/CyberChef/

Buffer overflow exploitation

A guide on how to perform a stack overflow exploit: http://hackingarena.com/pwn/stack_overflow.pdf

Installing Kali Linux

This guide assumes you are using Windows 10 64 bit operating system. If you are using macOS or Linux some of these steps will not be similar. If you have any problems please contact us before or during the CTF so we can assist you in installing the recommended setup. Installing Virtualbox
alt text

Head to https://www.virtualbox.org/ and click the large button "Download VirtualBox 6.1"
Then click "Windows hosts"

alt text

Save file
Open Windows file explorer and navigate to your Downloads folder and execute the file
Go through the installer and click "Yes" when presented with: "Warning: Network interfaces". Also install additional drivers if available

Download and run Kali Linux

Head to https://www.kali.org/get-kali/#kali-virtual-machines and click the button marked in red
Either open in VirtualBox Manager, or save file. If you chose to save file you can import the file to Virtualbox later
After the download is finished, this windows should open. Press Import and access agreements etc

4. Press Start

5. The username/password is kali/kali

Change Keymap

Change the keyboard layout to Norwegian

Steps:

Click "Layout"
Disable "Use system defaults"
Add Norwegian
Remove US

Install tools not pre-installed in Kali

Kali Linux is a great distro as there are many programs already installed that is useful in CTF competitions. Sometimes we want to add additional tools that is not already installed. This guide uses terminal commands to install various packages. Open a terminal and paste the commands in the code blocks

example command

Open a terminal
Example installation of a program (Enter password 'kali' when prompted)

 sudo apt-get install cowsay

Two frequent programs that are used in PWN challenges are GDB and Pwntools. These can be installed with the following commands:

Install gdb and gdb-peta

sudo apt-get update && sudo apt-get install gdb
git clone https://github.com/longld/peda.git ~/peda
echo "source ~/peda/peda.py" >> ~/.gdbinit

Pwntools

sudo apt-get update && sudo apt-get install python3 python3-pip python3-dev git
libssl-dev libffi-dev build-essential
python3 -m pip install --upgrade pip
python3 -m pip install --upgrade pwntools

Add to path

echo "PATH=/home/kali/.local/bin:$PATH" >> ~/.bashrc