EH-Net

Ethical Hacking Discussions and Related Certifications => Network Pen Testing => Topic started by: shadowzero on October 06, 2012, 07:10:16 PM



Title: Your First CTF (CTF for newbies)
Post by: shadowzero on October 06, 2012, 07:10:16 PM
Saw this on Joe McCray's twitter today: http://strategicsec.com/2012/10/04/your-first-ctf/

It's geared towards newbies, but it's not free. Thought I'd share for those interested in practicing.


Title: Re: Your First CTF (CTF for newbies)
Post by: jason on October 07, 2012, 06:44:00 PM
Very cool. Although it's not free, it's so cheap that it's nearly so.


Title: Re: Your First CTF (CTF for newbies)
Post by: prats84 on October 07, 2012, 08:26:48 PM
Thanks.. really cool.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on October 08, 2012, 09:27:36 PM
I am considering this, seems like it would be fun.  I like the idea of the training before the actual CTF.  I have yet to participate in one and when I have attempted, I am just at a loss (or just can't get on long enough to search because some a$$ is dropping the connections).  75 bucks for the training and CTF registration.


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on October 08, 2012, 11:11:20 PM
If I get a new Credit Card in time to sign up I will be. (Glaring at The Pub in Louisville, even if it is 350+  miles away).

Actually quick conversation with Joe on Twitter, if you're going to be doing CCDC this year (I could but mentoring instead at school), he says this will help.


Title: Re: Your First CTF (CTF for newbies)
Post by: Malachai on October 10, 2012, 12:20:18 PM
I was thinking about signing up to this last night since I found it. But my thing is I've never done anything like that or played that. I heard it's lots of fun.

Last night and this morning I've been trying to find out what skills you need or some kind of information on how to play..

You could say I'm a n00b to ctf thing.


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on October 11, 2012, 12:12:35 AM
Malachai,

I would assume if you sign up for the class... he'll teach you the skills to play. :)

From the site:
"From October 22nd – November 11th I’ll provide you with access to the Strategic Sec lab network that will be full of challenges with explanations and step-by-step walkthroughs for each challenge."


Title: Re: Your First CTF (CTF for newbies)
Post by: Malachai on October 11, 2012, 06:52:58 PM
I'm going to sign up but just wanted to make sure it's not like advance or didn't want to be left in the dark ....lol...


Title: Re: Your First CTF (CTF for newbies)
Post by: shadowzero on October 11, 2012, 08:31:17 PM
Quote
I'm going to sign up but just wanted to make sure it's not like advance or didn't want to be left in the dark ....lol...

It does say for newbies, and you get a month of training. During that time you should be able to evaluate your skillset and determine what your weaknesses are.

I just noticed too that the winners of the CTF get to take a Strategic Security course of their choosing for free. Seems like a good deal.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on October 15, 2012, 03:04:30 PM
Signed up for both.  Mainly because I am interested in how a CTF is conducted.  Just seems like a fun activity to do and I am always intimidated by the ones that happen at the Cons and other events.


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on October 15, 2012, 11:13:06 PM
Quote
Signed up for both.  Mainly because I am interested in how a CTF is conducted.  Just seems like a fun activity to do and I am always intimidated by the ones that happen at the Cons and other events.

I'm signed up too. More interested in learning than winning anything.

If we don't care about winning, maybe we should set up an EH-Net team (we'd probably win anyway ;) ).



Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on October 19, 2012, 12:56:26 PM
Quote
I'm signed up too. More interested in learning than winning anything.

If we don't care about winning, maybe we should set up an EH-Net team (we'd probably win anyway ;) ).

I'd be game for that, same thing, don't care so much about winning, but would love to get the skills down a little.


Title: Re: Your First CTF (CTF for newbies)
Post by: jexplorer on October 20, 2012, 03:00:55 PM
I am not a pro on pentesting nor an infosec guru yet. I have been doing network administration and some security. I have done my Sec+, do you think this training on CTF will be helpful for a newbie like me? I know this question or something similar to it has been asked but want to get more idea from you awesome professional guys to get me going :)


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on October 20, 2012, 08:40:54 PM
Quote
from you awesome professional guys

Way to butter us up. ;)

But yeah, you'll get clues. I'm not a pen-tester. I really only do CTFs to get an idea of some of the attacks to make my defense better. Heck, the talk I've been giving at Cons this year came out of the RuCTFe last year.


Title: Re: Your First CTF (CTF for newbies)
Post by: lorddicranius on October 21, 2012, 01:59:47 PM
Quote
I'm signed up too. More interested in learning than winning anything.

If we don't care about winning, maybe we should set up an EH-Net team (we'd probably win anyway ;) ).

Quote
I'd be game for that, same thing, don't care so much about winning, but would love to get the skills down a little.

Count me in, just signed up :)


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on October 22, 2012, 01:18:24 PM
Quote
I'm signed up too. More interested in learning than winning anything.

If we don't care about winning, maybe we should set up an EH-Net team (we'd probably win anyway ;) ).

Quote
I'd be game for that, same thing, don't care so much about winning, but would love to get the skills down a little.

Quote
Count me in, just signed up :)

So got the follow-up email about getting the class information on 10/23.  Looks like those taking the classes can team up for the CTF.  If you don't have a team he will put you in a group.  I assume you all are going to use your EH handles?


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on October 22, 2012, 03:23:12 PM
Not sure what name I'll be using yet. Probably my regular handle (rattis).

I haven't seen the email on how to access yet, but did get 2 emails on welcome to the ctf. I also know one of the security rookies that was working on the CTF, he said it's going to be fun.


Title: Re: Your First CTF (CTF for newbies)
Post by: lorddicranius on October 23, 2012, 12:54:59 AM
Yep, if I'm able to use lorddicranius, I'll use that.  If not, I'll let y'all know what I end up using.


Title: Re: Your First CTF (CTF for newbies)
Post by: JohnE on October 23, 2012, 01:54:32 PM
So, has anyone received the email detailing how to download the training material as yet?

It's well into the 23rd in the US now, 24th for me here in Oz.

Guess I'll shoot him an email and see what's happening.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on October 23, 2012, 07:09:14 PM
He sent out an email with a link to the CTF Training and the virtual machine.  He had a static web link with a username and password, as well as a dropbox link.  The VM was deleted from the dropbox share though, not sure if that was on purpose.  So you will be better off copying the stuff out of that share if you are using Dropbox.


Title: Re: Your First CTF (CTF for newbies)
Post by: JohnE on October 23, 2012, 07:23:47 PM
Hi 3xban

How long ago did you receive it?

I haven't received a copy as yet, so just want an idea.

Cheers


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on October 23, 2012, 07:54:19 PM
Actually got the emails last night.  The Ubuntu VM was there this morning but was removed, probably because the size was over 1GB and not everyone has the space for that.


Title: Re: Your First CTF (CTF for newbies)
Post by: JohnE on October 23, 2012, 10:22:38 PM
Anyone else received the download details?

I sent Joe an email about 8 hours ago, and still haven't heard anything. (nothing in my Spam folder either)

Update: Finally received the emails, downloading now  ;D


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on October 24, 2012, 06:38:42 PM
I got mine, including all the links to download stuff, on the 22nd (US, late at night). I spent the night after doing homework drinking wine going through the materials until 1am.


Title: Re: Your First CTF (CTF for newbies)
Post by: lee122 on October 26, 2012, 02:21:30 PM
Hello all
I signed up for this course and got the download, but I might have missed or overlooked something. I can't get into the VM, I can't find the password for the strategicsec ubuntu user. Any help would be appreciated.
I emailed Joe the day I got the downloads but he has not returned my email yet.

Thanks


Title: Re: Your First CTF (CTF for newbies)
Post by: JohnE on October 26, 2012, 07:30:18 PM
Hi Lee

I had the same problem, but managed to find it by looking in one of the log files included in the download.

It is the same as the username, and the same password is used as your 'sudo' password.

Good luck
John


Title: Re: Your First CTF (CTF for newbies)
Post by: lee122 on October 26, 2012, 07:42:50 PM
Thank you for the help.


Title: Re: Your First CTF (CTF for newbies)
Post by: Jamie.R on October 29, 2012, 06:38:33 AM
This sounds like a really good idea I wish I had more time to attempt this.


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on October 29, 2012, 10:47:58 AM
Quote
This sounds like a really good idea I wish I had more time to attempt this.

So do I, but that didn't stop me from trying anyway.


Title: Re: Your First CTF (CTF for newbies)
Post by: waynegs on October 30, 2012, 03:18:05 PM
Has anyone received information on week 2 of the training?


Title: Re: Your First CTF (CTF for newbies)
Post by: JohnE on October 30, 2012, 03:47:47 PM
No, I haven't as yet. But then again, I didn't get the first week details until 7 hours from now, this day last week.

Also, don't know if he has been caught up in the problems on the east coast of US.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on October 31, 2012, 08:56:39 AM
Quote
Has anyone received information on week 2 of the training?

Joe sent out a note this morning or so, he is delayed on the week 2 material.  He should have it out by the weekend, which is fine because I am still working on Week 1 :-p  Stupid work and hurricanes keep getting in the way :D 


Title: Re: Your First CTF (CTF for newbies)
Post by: lorddicranius on October 31, 2012, 10:28:17 AM
Same (sans the hurricane - west coast here).  Started a new job last week, so I haven't been able to get through week one yet either.


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on October 31, 2012, 11:46:57 AM
I don't feel as bad then. My university workload has kept me pretty buried this term, hoping to work on this and my python study group stuff tonight.


Title: Re: Your First CTF (CTF for newbies)
Post by: JohnE on November 03, 2012, 06:15:13 AM
Anyone received the information for week 2 yet?


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on November 03, 2012, 12:51:34 PM
Not yet.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on November 04, 2012, 08:08:33 AM
It appears he is delayed.  I am still working on the week 1 stuff.  I'm slow :D  or maybe I get sidetracked, like I got annoyed because I had to fix the time on the VM he gave us, took me a while to find out I could just install ntp and run that.  GUI wouldn't allow you to change without the root pw, and the "strategicsec" pw wasn't working.  Did some command line changes but the time zone wouldn't take, used NTP and no problem.

Then got down to the Fedora server and used my internal domain name which after I got down to the BIND setup realized that it might not work.  Still pretty sure the setup isn't going to work because the external IP range doesn't have anything available to point back to the VM.  Thinking I may have to just set up a 2nd virtual adapter and configure for Bridge.  I find I am spending more time adjusting the instructions to fit my lab.  It isn't a bad thing but the timing will be off.  Thinking of scrapping the current install and starting from scratch.  Question though, are the external settings even needed?


Title: Re: Your First CTF (CTF for newbies)
Post by: JohnE on November 04, 2012, 03:57:31 PM
Okay, Joe has sent the week 2 details.

I was able to download the small rar file, but both the VM links fail, anyone had any luck downloading them?


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on November 05, 2012, 12:13:28 PM
@ 3xBan: Ubuntu creates a random root password that no one knows. Way around that in the future (so you can use the GUI):

Code:
sudo su -
passwd

Set the password to what you want. Also VMs usually ignore time, including ntp (been my experience), instead taking it from a "WALL CLOCK" on the host.

I haven't gotten to the Fedora set up section yet. However I would be concerned about putting any box related to a CTF on the internet. It might be better (once I read the stuff on Fedora I'll know for sure), to set everything to HOST based networking (prevent from talking to anything off the host server) and set up DNS at that level. Or at the very least the /etc/hosts file.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on November 06, 2012, 08:57:42 AM
Thanks Chrisj, yeah not putting these on the internet directly.  Just enough to get the apps installed and once all is good, I will switch them to a Host Only or create a new VM network for this. 

I am just wondering if these are being built just for the learning factor or if we will be using them later on in the training. 


Title: Re: Your First CTF (CTF for newbies)
Post by: lee122 on November 07, 2012, 04:49:26 PM
I downloaded the new virtual images for the week two assignment, but I am having issues with the Windows image. I was just wondering if it is the image and others are having problems. The issue I am having is after I mount the virtual disk to VirtualBox and launch the OS it just hangs and never boots up. I haven't had any problems with the Linux ones.

Thanks


Title: Re: Your First CTF (CTF for newbies)
Post by: lorddicranius on November 07, 2012, 06:47:25 PM
I haven't been able to dive into the VM's yet, but the file extension on the Windows one is "vmwarevm."  Have you tried using VMWare Player?  I think I remember seeing something about mounting VMWare VM's in VirtualBox in newer versions, but I haven't messed with that ability yet.


Title: Re: Your First CTF (CTF for newbies)
Post by: lee122 on November 08, 2012, 06:28:47 PM
OK yeah, VirtualBox seems to be OK with the VMware images but the Windows one might have some issues. I will download VMware and try it with that. Thanks


Title: Re: Your First CTF (CTF for newbies)
Post by: Nefarious on November 09, 2012, 02:58:47 PM
I'm doing this also .. still working on week one, but getting there.



Title: Re: Your First CTF (CTF for newbies)
Post by: Nefarious on November 09, 2012, 05:25:34 PM
Has anybody gotten through building the Fedora server?  I'm building it on a VM and DNS is giving me a hell of a time.  Pretty sure my files are right, but I don't know if theirs are :)


Title: Re: Your First CTF (CTF for newbies)
Post by: chrisj on November 09, 2012, 09:55:10 PM
From everything I've heard and seen, everyone is having problems with the Fedora build and DNS. But I haven't gotten there yet.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on November 11, 2012, 08:40:28 AM
I think the building of the OS and such is strictly a learning exercise.  I've gone ahead and looked through the rest of the notes and didn't find any reference to it. 

Testing out the VPN at the moment and not having any luck with the authentication.  Anyone else having that problem?  Sent an email to Joe to see if there is an issue.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on November 11, 2012, 11:44:08 AM
In case anyone is having a problem with the VPN connecting, you will want to change the last octet of the host server to "162."  For those that don't know, open the OpenVPN config file on the strategic sec ubuntu VM and make the change there.  Works like a champ.

This was as of today (11/11), the 161 may get used at a later date.


Title: Re: Your First CTF (CTF for newbies)
Post by: 3xban on November 29, 2012, 07:49:45 PM
Anyone else have issues running the SQLiX script?  Looks like it can't seem to find WWW/CheckSite/Spider.pm

Code:
Can't locate WWW/CheckSite/Spider.pm in @INC (@INC contains: /home/strategicsec/perl5/lib/perl5/i686-linux-gnu-thread-multi-64int /home/strategicsec/perl5/lib/perl5/i686-linux-gnu-thread-multi-64int /home/strategicsec/perl5/lib/perl5 /etc/perl /usr/local/lib/perl/5.14.2 /usr/local/share/perl/5.14.2 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.14 /usr/share/perl/5.14 /usr/local/lib/site_perl .) at SQLiX.pl line 76.
BEGIN failed--compilation aborted at SQLiX.pl line 76.

Checked around found some issues around reinstalling the CheckSite piece but that failed and then I got tired.  I'm behind so I've just been noting it and moving on but I get annoyed about things I can't resolve.

Also since this was a CTF for "newbs" I was hoping for a bit more interaction from Joe and the team.  The training has really just been "here have these docs and follow them" but they all seem to just have run this, use this and boom you get results.  They seem to be docs from some of the training they may have done. 

I am also wondering how the CTF teams will be setup.  Anyway back to this thing.