Inspired from the novel “Stewed Squid with honey.”!
Hi, hope everyone are doing good. This time I come up with an interesting topic, “CTF competition.” Because of this lock down, we are all trying to kill our time by watching movies and series; playing games; chit chat; and so on. I prefer watching series to get rid of this lock down. While watching multiple series, I came to know about CTF competition which is quite rare topic to be known by all. So i decided to share my views about CTF. Scroll down to read in detail.
The term CTF is an acronym of Capture the flag/Claim to Fame. It is the cyber security competition designed to challenge the contestants to solve computer related problems; capture their data; and defend their system from being hacked. The duration period of this competition may involve few hours; entire day or even multiple days.
The first competition of CTF was held on 1996 in Las Vegas at DEF CON (largest cyber security conference in the United States). Now this competition is held globally without any borders and everyone can take part in it via internet.
Every online game involves PWN. The method of PWN (defined as the process of defeating or controlling or owning other’s belongings) followed in CTF are the participants need to control or compromise the PC; gateway; websites; and other applications of the opponent. Finally own the rights to access it without any security blocks.
The skills required for the contestants to take part in CTF are, they must be well trained in solving tasks (ranging from scavenger hunt and basic programming skills); must have their unique ways to hack opponent system PC and steal their data.
CTF involves three major challenges listed as follows:
Jeopardy style in CTF involves couple of questions (based on Web, Forensic, Crypto, Binary or something else) to be solved by the contestants. For each question solved, the team will gain points. Points added will be low or high based on the complexity level of task solved.
Attack-Defense style is the method of identifying the vulnerable/ easily accessible host of the opponent. This host might be created by the organizer purposely to get defeated or else by mistake.
The contestants will try to find out the vulnerable host further apply codes to own the access of the host. This stage has no limit where the contestants keep on owning the access of the host as much as they can. This reflects in gaining points and reward.
Mixed style is the most challenging stage for the participants, where the contestants of the team need to carry out both the Jeopardy and Attack-Defense style on same time.
Players will divide task among themselves (team members). Based on the division, some contestants will spend time on solving the tasks; where the other will try to figure out the vulnerable target zone to own access rights and defend their host from being hacked.
Does CTF helps the youngsters?
YES! CTF competition takes place between professionals from hacking/ cyber security department and student who pursue their UG/PG with hacking as their major subject. This competition will be held by various organizers and the sponsor head will try to choose the perfect hacker (winner). Further award them with career opportunity/ job offer and so on. As per the survey TCS will chose the perfect hacker from the competition and offer them 6L per annum as basic pay.
Like all other sports, the prizes will be awarded as first, second, and third. Before taking part in the competition the basic ground platform rules of CTF will be clearly explained to the participants. If any of the rules are violated, the entire team or the individual will be eliminated or disqualified permanently.
Advantages we gain while participating in CTF are: helps in gaining knowledge about cyber security environment and take part in real time hacking. Increases/ develop path to learn about networking and makes our resume look awesome comparing to others. Even we get an opportunity to join as a staff of CTF industry in future.
CTF generally focuses on the following skills:
Reverse Engineering – concentrate on IDA pro (acts as dissembler/ debuggers, which helps in generating assembly language code from machine language code).
Web vulnerabilities – popular language CTF regularly uses PHP and SQL. Spare some time in learning about python and solve Web Application Hacker’s Handbook.
Binary exercises - to identify the basic vulnerable host of the opponent using stack overflow (private site, used as memory space to store programming); heap overflow (acts as a buffer); and format string (helps to format the language and attack the opponent.)
Forensics - involves method of editing binary files (0‘s and 1’s) by hex editor.
Cryptography - involves the method of encrypting/ cracking password.
I conclude here, this article is purely meant for the person who was good in programming and willing to become a hacker. Check on about this competition and make yourself benefited. Train yourself, form a team and shine as a player in CTF. GOOD LUCK!
Commentaires