An Introduction to Cybersecurity, Capture the Flag Contests, and Basic Security Concepts

Learning web security can feel scary. Start here.


Cybersecurity is important; there’s no dodging that fact. It is also nothing like the hacking that is shown in most popular media.

However, that does not mean it isn’t interesting; it undoubtedly is. Because of this intrigue, lots of people want to dip their feet into cybersecurity, myself included, and I have found capture the flag events (CTFs) to be a wonderful way to get a taste of the field.

Now, by no means are CTFs a completely accurate picture of the day-to-day work of a cybersecurity professional, but they are very educational, they help people develop their cybersecurity skillsets, and they are simply fun to participate in.

In addition, if you are a programmer, these will give you an insight into the way you should design your programs so that they are not vulnerable to malevolent users. You don’t want to be the person that stored all their passwords in plain text.

What Is a CTF?

At this point, you may be asking yourself: “Cool, but what is a CTF?”

Essentially, it is a team cybersecurity competition of which there are three main types:

In this article, I will be mainly focusing on the jeopardy-type CTF. In the future, I may write another article on attack-defense competitions.

What Are All Those Categories?

Before you get into all of the cool categories in jeopardy contests that I mentioned earlier, you need to learn the basics. Most importantly, you need to familiarize yourself with the Linux terminal.

Here are a couple of commands that you will use over, and over, and over again:

ls: This command lists all the files and subdirectories in the directory you are currently in.

pwd: This prints your current working directory as a full path. If you are in the documents directory, the path it prints will end in documents.

cd: This command changes the current directory to one of its subdirectories. For example, if you have an essays folder in your documents folder and your current directory is documents, cd essays will take you to your essays folder.

These are the absolute basics for the Linux terminal and there are a lot more commands that we will cover in the rest of this article.

To succeed in CTFs, it is also important to know:

Time to start digging into some heavier stuff.

Cryptography

Cryptography challenges consist of exactly what you would expect: codebreaking. Given a ciphertext, can you decode it into the original message? Can you do the opposite?

These types of problems include an encrypted message that you have to decrypt. To prepare for these, it is best to learn different types of ciphers and how to decrypt them.

Here are some common methods of encryption in these challenges: Caesar Ciphers, Vigenère Ciphers, and RSA. For more info on how to decrypt these, check out this link.
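To make the three ciphers named above concrete, here is an added example (my own code, not from the original article or its linked resources) implementing Caesar and Vigenère encryption and decryption, a Caesar brute-force that tries all 25 shifts the way you would when the key is unknown, and a textbook RSA round trip. The RSA primes (61 and 53) and the public exponent 17 are constructed, deliberately tiny values so the arithmetic can be checked by hand; real RSA keys use primes hundreds of digits long.

```python
"""Classical ciphers that show up in beginner CTF crypto challenges.

Added example, not code from the article: Caesar, Vigenère, a Caesar
brute-force, and toy RSA with constructed small primes (NOT secure).
"""
import string

ALPHA = string.ascii_uppercase


def caesar(text: str, shift: int) -> str:
    """Shift each letter by `shift` positions; non-letters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHA:
            out.append(ALPHA[(ALPHA.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_bruteforce(ciphertext: str) -> dict:
    """Only 25 useful shifts exist, so try every one and read the results."""
    return {s: caesar(ciphertext, -s) for s in range(1, 26)}


def vigenere(text: str, key: str, decrypt: bool = False) -> str:
    """Repeating-key Caesar: letter i is shifted by key[i % len(key)]."""
    key = key.upper()
    out = []
    i = 0  # position in the key; advances only on letters
    for ch in text.upper():
        if ch in ALPHA:
            k = ALPHA.index(key[i % len(key)])
            if decrypt:
                k = -k
            out.append(ALPHA[(ALPHA.index(ch) + k) % 26])
            i += 1
        else:
            out.append(ch)
    return "".join(out)


def rsa_keygen(p: int, q: int, e: int = 17):
    """Textbook RSA key generation from two primes (toy sizes only)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)  # modular inverse of e mod phi (Python 3.8+)
    return (n, e), (n, d)


def rsa_encrypt(m: int, pub) -> int:
    n, e = pub
    return pow(m, e, n)


def rsa_decrypt(c: int, priv) -> int:
    n, d = priv
    return pow(c, d, n)


if __name__ == "__main__":
    ct = caesar("ATTACK AT DAWN", 3)
    print(ct)
    for shift, guess in caesar_bruteforce(ct).items():
        print(shift, guess)  # the readable line reveals the shift
    print(vigenere("ATTACKATDAWN", "LEMON"))
    pub, priv = rsa_keygen(61, 53)  # constructed primes, n = 3233
    print(rsa_decrypt(rsa_encrypt(65, pub), priv))
```

The brute-force is the key lesson: a cipher whose entire key space can be enumerated by hand offers no real secrecy, which is why challenge authors use Caesar as a warm-up rather than as a security mechanism.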

Steganography

Steganography is not cryptography by definition but it does involve hiding messages in plain sight. As a result, many CTF organizers will include steganography challenges in the cryptography section.

Steganography consists of hiding messages in media files, typically audio and images. It is worth noting that, beyond broadening your knowledge, steganography has few real applications in the field of cybersecurity.
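The most common image technique in CTF steganography challenges is least-significant-bit (LSB) embedding, so here is an added example (my own code, not from the article) that writes a message into the low bit of each byte of a pixel buffer and reads it back. The cover "image" is a constructed byte sequence rather than a real file so the code runs without an imaging library; the same logic applies to the raw pixel bytes of a decoded PNG or BMP.

```python
"""LSB steganography on a raw pixel buffer.

Added example, not code from the article. A 32-bit big-endian length is
stored first, then the message, one bit per cover byte.
"""


def embed_lsb(pixels: bytes, message: bytes) -> bytes:
    """Overwrite the LSB of successive cover bytes with the payload bits."""
    payload = len(message).to_bytes(4, "big") + message
    bits = [(b >> (7 - i)) & 1 for b in payload for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("cover image too small for message")
    out = bytearray(pixels)
    for idx, bit in enumerate(bits):
        out[idx] = (out[idx] & 0xFE) | bit  # clear the LSB, then set it
    return bytes(out)


def extract_lsb(pixels: bytes) -> bytes:
    """Read LSBs back; the first 32 bits give the message length in bytes."""

    def read_bytes(start: int, count: int) -> bytes:
        result = bytearray()
        for n in range(count):
            byte = 0
            for i in range(8):
                byte = (byte << 1) | (pixels[start + n * 8 + i] & 1)
            result.append(byte)
        return bytes(result)

    length = int.from_bytes(read_bytes(0, 4), "big")
    return read_bytes(32, length)


def lsb_plane(pixels: bytes) -> str:
    """Render the LSB plane as a 0/1 string, the view a solver (or an
    analyst checking an image for hidden data) inspects first."""
    return "".join(str(b & 1) for b in pixels)


# Constructed cover "image": 512 pseudo-pixel bytes forming a gradient.
COVER = bytes((i * 7) % 256 for i in range(512))

if __name__ == "__main__":
    stego = embed_lsb(COVER, b"flag{lsb_is_easy}")
    print(extract_lsb(stego))
    print(lsb_plane(stego)[:64])
```

Each cover byte changes by at most one, which is why the modified image looks identical to the eye and why looking at the LSB plane directly (a structured, non-random run of bits at the start of the buffer) is the usual way such a payload is spotted.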

There is a multitude of ways to do this and not enough space in this general-purpose article to cover them all, so here is an in-depth article about steganography: CTF Tidbits: Part 1 — Steganography (medium.com).

Binary Exploitation

Binary exploitation involves finding vulnerabilities in a program, typically Linux executables, and then exploiting these vulnerabilities to obtain the flag.

These exploits usually involve either using the program to gain control of a shell or simply manipulating the program into yielding the flag. This is an extremely broad field, and some helpful tips can be found here.

Forensics

Forensics challenges in CTFs typically have the following aspects:

Here is something that goes into a lot of detail on this topic.

Web Exploitation

Web exploitation challenges have the contestant retrieve the flag from exploiting websites and web apps. There are a couple of ways to do this:

For more in-depth information on the above topics, take a look at this wonderful resource.

Reverse Engineering

As the name suggests, these types of challenges are based around reverse-engineering a program to figure out how to properly exploit it. The product of a successful exploit is the flag, as desired.

These could be given in many programming languages but the following, especially the first two, tend to show up more than others:

It is to be noted that there are a lot of times where you are not given the actual source code of the program and are just given the executable.

To overcome this hurdle, we use decompilers. These programs try to convert the executable back into source code.

A great example of a decompiler is Ghidra, which was created by the NSA. It is a very powerful tool and very good at what it does. It would be advisable to set it up on your computer.

For a more in-depth explanation of reverse engineering, take a look at this wonderful resource.

Beginner-Friendly CTFs

Alright, these CTF things seem cool, how do I participate in one?

Well, future pwner, here’s a list of CTFs that are great for beginners. Note that not all of them are available right now:

Now, get out there and capture those flags. Trust me, it is an incredible experience.

A Giant List of Resources