So my university decided to pay for me and my friend to compete at the CTF portion of the National Cyber Summit (https://www.nationalcybersummit.com/cyber-cup-competition/), the problem is, my friend and I have never done a CTF. So /g/, where can I learn to do a CTF in a month, given that my primary skill is programming in C++?
Also, CTF thread.
That's like asking how to study for a Jeopardy challenge. The knowledge needed for a CTF is usually random trivia mixed with basic problem solving skills
There's something magical about being far out at sea in the deepest night. The stars shining, the blue endless water
>>60168481
>learning everything you need to do a ctf
Lmao good luck faggot. If you actually want to try to do this, start doing other ctfs. PicoCTF is super basic to intermediate, well explained, and has a lot of content.
>>60170992
I remember doing this for my high school long ago. My school had no fucking tech nerds at my level so I had to solo.
Ended up in the upper 100s. I really enjoyed their challenges.
If you really want to learn, do picoCTF First.
>>60170380
Memories of childhood come back. The times when dad would to take me out on his sail boat, and we'd sail out, wearing warm sweaters and drinking hot, too-sweet tea.
>>60168481
https://www.endgame.com/blog/how-get-started-ctf
ctftime dot org
Read write ups on old ctf challenges.
For reverse engineering and pwn challenges you'll have to be fluent in C and assembly. You'll almost certainly need IDA pro. See if your university has licenses. Otherwise you'll have to go through the asspain of installing a cracked version. Alternatives include angr and binary ninja(binja).
For crypto challenges you'll need to know RSA inside and out. In my (limited) experience, it's one of the most frequently occurring crypto topics. Read up on basic attacks on it (moduli with common factors, Weiner's attack, Coppersmith's attack). Git gud at Python. Often crypto challenges aren't about reversing some black box binary, so they give you the source code and you need to spot the vuln. For pwn and crypto you should install the Python library pwntools.
I know fuckall about webshit, but you'll want to read up on SQL injections and blind SQL injections. Install BurpSuite and always check the attack site's cookies. Install WireShark for examining web traffic (or even other kinds of traffic like USB).
Look up ctftools. There's a GitHub repo with a fuckload of tools written for ctfs.
Most ctfs will have an IRC channel. Can't hurt to hang around there. Admins might be nice and field your questions, but don't expect handouts.
Pirate a copy of IDA with Hexrays. Preferably with at least 64-bit support. Learn how to teach it about structs.
Check out pwntools. It's a python library for various reversing and pwning problems. If not, at least learn how to use sockets.
Oh, and unless stated otherwise, ASLR is always on.