Introduction
The slides for this workshop can be found here: https://docs.google.com/presentation/d/1uKxZyydl1WPk6sIftO5Ij-JFHBu-lAzznsBS6OpMV4k/edit?usp=sharing
Introduction
Consider the following four sentences, which ones would you consider 'hacking'?
-
A security specialist finds a command injection vulnerability, allowing them to execute arbitrary system commands.
-
A speedrunner discovers a new glitch, allowing them skip several levels ahead.
-
A teenager asks chatGPT a question starting with “Please pretend to be my deceased grandma…”, resulting in an answer with detailed instructions on the production of napalm.
-
A student borrows a course book from the library for the entire semester, paying $50 in late fees instead of buying the book for $300.
In essence, every one of them can be considered to be 'hacking'. Hacking is the process of finding creative, often unintended, ways of bypassing intended restrictions. But lets start off with a story that most people would associate with hacking.
Saudi Aramco
Saudi Aramco is one of the largest companies in the world when measured by revenue. It does this by supplying nearly 15% of the worlds global oil and natural gas needs.
On the Wednesday morning of the 15th, 2012, employees were greeted with the image of a burning U.S flag on all the computers in the system. Hackers had managed to compromise the entire administrative network of Saudi Aramco, installing a wiper virus known as "Shamoon" on all computers, crippling the company. While the pumps themselves remained unaffected the company could no longer manage, distribute and sell the oil, causing millions in financial damage.
What happened? Well, the hackers had initially gained access through a phishing email, a user had downloaded a malicious file believing it to be a C.V. giving the hackers access. From there the hackers spent months expanding their access, gaining access to more machines, networks and accounts, until finally they deployed their malware.
Why care
Over the next few weeks we will be giving several workshops on different aspects of cyber security. Each of these workshops will be more technical, focused on giving a basis for that particular aspect. We won't be teaching you how to be a master at hacking, partially because this would take far more time than these workshops last, but mostly because we are not masters at it ourselves. Instead, we will be focusing on giving you a basis to get started on, to then hopefully go out and learn more on your own.
In the workshops we will mostly be covering offensive cyber security, for example we will describe how to identify and exploit a particular vulnerability. Even if you don't have any interest in working in cyber security, most of you will likely end up building IT systems for companies. If we go back to the story of Saudi Aramco, everyone in your company will probably get training about not clicking strange links, plugging in strange USB sticks, etc. But you will be the ones that build the systems within the network, the systems that the hackers will target after they have infected a computer, the ones they will target to try to expand their access.
StudSec
So now onto us, who are we? StudSec is an informal group that is part of STORM working with VuSec focussing on helping people get into cyber security. We have a discord (which will be linked at the end), CTF challenges, a wiki and we try to meetup once every two weeks to socialize and hack. We also participate in CTF competitions occasionally, under the name "vubar".
Workshops
As mentioned we're planning to give several workshops, here is a quick overview of the ones we're planning to give in the coming weeks as well as tentative dates. We will be announcing them in the discord in advance.
Web
In pure technical terms, web is focused on the security of systems interacting through the HTTP/HTTPS protocols. In more normal terms, this means everything revolving the websites we use every day. The servers serving the content and the browsers rendering them.
Pwn
Pwn, also referred to as binary exploitation is the exploitation of lower level programs. Programs like C and C++ are memory unsafe, this means the programmer interacts directly with the computers memory, which can result in significantly faster programs but also brings a lot of security considerations.
Crypto
Crypto, short for cryptography, focusses on the integrity and confidentiality of data. When you send a message over Whatsapp you want to be sure that the receiver and only the receiver reads your message, and that the receiver knows you were the one that sent it.
Reversing
Reverse engineering, as the name implies, works backwards. Instead of writing a program, we take an existing program and try to understand how it works.
Forensics
After a system has been hacked it is crucial to understand how the system was hacked, and what the hackers have done with this access, this is what forensics focusses on.
Closing notes
When trying to find bugs, either in the real world or in CTF categories it will likely be a lot of frustrating failures. Regardless of skill a typical CTF challenge will go like this. There will be a lot of failed ideas, a lot of mistakes made, and that's part of the learning process.