Cyber Defenders Discovery Camp 2021

This CTF was problematic...to say the least :/


Last updated 2 years ago

Team Name: Pogtopia

Final placement: 2nd runner up

This was a CTF hosted by DSTA in 2021. The challenge categories in the CTF were:

1. Lets Go Hunting - OSINT

2. Linux Rules The World! - Linux

3. Going Active - Active reconnaissance

4. Web Takedown 1 - Web (day 1)

5. Web Takedown 2 - Web (day 2)

6. File it Away - Pwn

7. Post Mortem - Forensics

8. Break It Down - Crypto

9. Behind The Mask - Windows/Active Directory

I focused mostly on the OSINT, Linux, active recon, web and Windows AD categories due to their offensive nature, so the other categories may not be as well documented on this page.

Probably the least stable CTF infrastructure I've ever encountered. This CTF had technical difficulties from start to end, with the CTF being delayed a whole day, boxes being constantly down, challenges being able to be tampered with, an unstable CTF platform and lack of technical support, especially near the end.

In the final hours of the CTF, not just the Linux challenges, but the pwn, web and other Linux hosts were griefed and rendered unusable. While tampering with challenges is not permitted according to CTF rules, there should have been a reset system for the boxes, like in other CTFs.

With that said, I enjoyed playing with the Active Directory challenges, and learnt some new OSINT techniques along the way that might help with offensive operations in the future.

Challenge Writeups

Some challenges we solved could not be properly documented due to challenge hosts being taken offline shortly after the CTF ended.

👁️‍🗨️Lets Go Hunting
🐧Linux Rules The World!
📻Going active
🗄️File it away
😷Behind the mask
[Images: Final Placement; Challenges solved]