It’s June again and that means CTF time! This weekend are the quals for the DEFCON CTF, an event that agglutinate together the best security guys in Las Vegas.
This year the event is organised by new group of people, called “Legitimate Business Syndicate” that, as they proclaim, are going to change the way the DEFCON CTF is played. So far they have announced the new categories for the trials:
- “3dub”, web-based challenges
- “0x41414141”, exploitation
- “xffxe4xcc”, shellcode
- “OMGACM”, guerilla programming
- “gnireenigne”, reverse engineering
This is a significant change from previous years, where forensic was a category by his own and web was relegated to some “misc” trials. Explotation and shellcode should be the same as previous years, where an exploitable bin is provided and you need to retrieve a flag from a remote server. Finally, guerrilla programming is the uncanny one.
Usual recommendations for this kind of events are always the same:
- review past events write ups to learn new tricks and tools
- create virtual machines for different arch and OSes and get familiarised with them
- shake the dust of your crypto knowledge!!
- get that raspberri pi you bought up and running, you might need it!
- update tools and review new exploitation techniques
A few of us will be playing this weekend, looking forward for some fun!