Psi Beta Rho Wiki

by members of Psi Beta Rho & ACM Cyber at UCLA

This wiki is an ongoing project run by Psi Beta Rho and ACM Cyber at UCLA. It is a collection of resources for learning about cybersecurity, particularly through CTFs. This is meant as both a starting point for beginners and a reference for more experienced players. While the content is primarily aimed at UCLA students who are part of the PBR team, it is also accessible to anyone who is interested in learning about cybersecurity.

Contributing

If you are interested in contributing to this wiki, please feel free to open a pull request or issue on the GitHub repository. The content of this site has been collected by a variety of people contributing their knowledge and resources. If you would like to contribute, please do so! We are always looking for more content to add to this wiki.

Introduction

If you are reading this page, you have probably been referenced here for one of a few reasons:

  1. You are a new/prospective member of ACM Cyber at UCLA / Psi Beta Rho.
  2. You are someone looking to get into playing CTFs.
  3. You are someone interested in learning about cybersecurity.

This wiki is meant to be a collection of resources for learning about cybersecurity, particularly through CTFs. This is meant as both a starting point for beginners and a reference for more experienced players. This page is meant to explain some critical points when getting started with CTFs.

Where do I start?

This is probably one of the most popular questions the members of our club get. While this wiki was a project trying to solve this question, it by no means is a perfect solution. In fact, part of the beauty of cybersecurity / CTFs is that it is so interdisciplinary and that much of what you learn is from building experience. For that reason, the answer is to just start! The following video by LiveOverflow is also a great answer to this question that we highly recommend watching.

How to use this wiki?

In the current form of the wiki, it is not meant to be a text book but rather a collection of resources for people to explore. The order of the chapters is not to indicate any sort of importance or order of learning, but rather to group similar topics together. We recommend that you explore the wiki and find what interests you. A future goal of this project is to add a bit more context to each sort of field within cybersecurity, but for now we recommend looking at each chapter and seeing what interests you. The most important thing is to just start! Additionally, do not be afraid to ask questions! The members of our club are always happy to help.

What are CTFs?

CTF 101: https://ctf101.org/
CTF Field Guide: https://trailofbits.github.io/ctf/

Capture The Flag competitions (CTFs) are cybersecurity competitions where teams solve challenges to win points. These challenges generally involve exploiting some vulnerability in a target piece of code, which contains a secret "flag" (a unique string) that can only be accessed through exploiting said vulnerability. Once someone has figured out the exploit and captured the flag, they submit it for points, hence the name Capture The Flag.

Some common categories of challenges include Binary Exploitation (pwn), Reverse Engineering, Cryptography, and Web Exploitation, to name a few. Don't worry if you don't know what these mean yet, this repository should help with that!

Psi Beta Rho

This chapter contains resources and information specific to Psi Beta Rho. It is meant to act as a reference for members who are joining the team for the first time and contains information about the team's history, logistics, and resources. While this chapter can probably be skipped by anyone who is not a member of our team, it is still publicly available for anyone who is interested in learning about how we run our club and team.

What is PBR?

Psi Beta Rho (abbreviated as PBR) is a cybersecurity club and UCLA's competitive CTF team. We have practices every week of the quarter (unless otherwise specified) and compete in CTFs. Our CTF schedule isn't particularly set and we kind of play this by ear, but do try to keep an open hour or two on the weekends in case we are competing.

We also run LA CTF, our own CTF competition that we write the challenges for! If you're interested in challenge writing, talk to a team captain.

Fall '24 Cyber Academy

Writeups/challenges for Cyber Academy Fall 2024.

Fundamentals 1: Intro to Linux

by Audrey Emis

Linux is an extremely important tool to know as someone involved in computer science. Linux is a very popular free and open source operating system, which means it manages the communication between the software and hardware on your computer. Different machines have different ways of accessing a Linux terminal and there are tons of Linux commands (along with their options/flags) to cover. We are going through some basic file system traversal using essential Linux commands like pwd, cd, and ls. We are also learning how to add and remove files/directories and how to read man pages effectively. There is a lot to learn about the Linux operating system and going through OverTheWire's Bandit wargame is a great first step!

Slides

Challenges

We are solving levels from OverTheWire: Bandit at overthewire.org/wargames/bandit to learn and practice various fundamental Linux commands.

Resources

The following are great resources to learn and practice Linux commands.

  • Interactive Linux Tutorial: Made by your own ACM Cyber and ACM Teach committees, this easy-to-follow tutorial will get you familiar with important Linux commands, while also getting familiar with Linux's mascot, Tux.
  • Top 60 Essential Linux Commands: Website listing some must-know Linux commands along with quick summaries of how to use them.
  • tldr: Man pages can be really confusing and dense. tldr is a great resource since it is a simpler help page that focuses on practical examples.

Fundamentals 2: Forensics

by Alec Machlis

At a very high level, Forensics is the science of extracting and preserving data from things. In a crime lab, this is extracting clues from physical evidence from a crime scene, but in Cybersecurity, this is the collection of data from various digital sources. Forensics can be applied to a wide variety of fields in Computer Science, but we will primarily focus on File Forensics, with some cursory Image Steganography and Network Forensics introductions.

Slides

Challenges

We are solving challenges from various sources at the beginner level, available on our platform: https://platform.acmcyber.com.

Once you have finished our challenges, check out the Forensic Challenges available at PicoCTF Gym: https://play.picoctf.org/practice?category=4&page=1

Resources

The following are great resources for Forensics challenges.

  • Stego Toolkit: Docker container with many steganography detectors and decoders pre-installed.
  • Aperisolve: Online image steganography detection tool.
  • Binwalk: Tool to extract files located within other files.
  • Hexed.it: Online browser-based file Hex Editor.
  • Wireshark: Used for Network Forensics, whenever you find a .pcap or .pcapng file.
  • Autopsy: Used for Disk Forensics, whenever you get a raw disk file.
  • Volatility: Used for Memory Dump Forensics.
  • aconvert file detection: Online tool for file format detection.

Fundamentals 3: Intro to Reverse Engineering

by Mark Epstein & Jason An

Reverse engineering is a field of cybersecurity that involves figuring out what a program, often compiled, does, in order to achieve some kind of goal, like bypassing a license check or finding a vulnerability in the software. From professional positions like vulnerability research and malware analysis, to hobbyist activities like game modding or DRM cracking, reverse engineering has a wide variety of interesting applications in cybersecurity. We'll start off by learning basic reverse engineering principles on programs with full to nearly-full source code access, and then move towards learning how to reverse engineer compiled executables later on.

Slides

Challenges

A set of challenges with increasing difficulty is deployed to platform.acmcyber.com to practice the concepts covered in the slides. You can filter for them on the platform by checking "rev" under "Categories", and "week 2" under "week". They are:

  • rev/Character Numbers
  • rev/just-dance
  • rev/brick-maze
  • rev/salsa69

Resources

The following resources are great tools for some of the reversing challenges:

  • Online Java Decompiler: An entirely online tool that can decompile Java jar/class files back to decent-quality source code.
  • repl.it: A website that lets you run many different programming languages online, which you can use to play around with programs if you don't want to install them locally.
  • CyberChef: An online tool that has a variety of different encoding and encryption schemes, which may be useful.

Fundamentals 4: Intro to Web & Client-Side Security

by Savannah

As you know, the Internet is a really cool and fun place! It follows the client-server model, where clients like your phone or laptop request information from servers, who provide this information. Pages on the Internet consist of HTML (providing the content of the webpage), CSS (styling for the content), and JavaScript (allowing for pages to be interactive).

Unfortunately for website creators, there exist many possible website vulnerabilities accessible straight from your browser! This is client-side security, which deals with vulnerabilities that can be exploited straight from the client. When looking into client-side security, Chrome Dev Tools is your best friend. It allows you to look at the website sources, run JavaScript, see network requests, edit cookies, and more.

Slides

Challenges

We will be doing challenges web/control-you, web/sourcery, web/cooking, web/acm-netsec, and web/terms-and-conditions, available on our platform: https://platform.acmcyber.com. These challenges are ordered by increasing difficulty, but feel free to jump around if you want.

There are more challenges available on our platform if you'd like to try them out.

Resources

The following resources are great to learn more about the topics covered in the slides.

  • Chrome DevTools Documentation: The comprehensive resource for various features of Chrome DevTools. Frequently, the Chrome DevTools Developer Advocacy team will put together blog posts and videos to help show off new features and how to use them.
  • MDN Web Docs: Document Object Model (DOM): The DOM API has a lot of features that are well documented by MDN. This is a great resource to figure out how to use different features of the DOM API when working on client-side web challenges.
  • How to hack the Chrome Dinosaur game: A great exercise in understanding why attempting to secure code on the client-side is a losing battle. This article goes through various tricks for how to hack the Chrome Dinosaur game!

Fundamentals 5: HTTP Requests

by Renuka Bhusari

An HTTP request is a message sent by a client to a server asking for a resource or for an action to be performed. HTTP requests and responses are how clients and servers communicate and interact. We'll cover the main types of requests: GET, HEAD, and POST. We'll also teach how to send requests using curl on the command line and the requests library in Python!

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - fundamentals/deez
  • Challenge 2 - fundamentals/post-office
  • Challenge 3 - web/getit
  • Challenge 4 - web/get-ahead
  • Challenge 5 - web/gameing-session
  • Challenge 6 - web/max-verstappen

Resources

The following are resources covering different request methods and how to use curl and python to send requests.

Fundamentals 6: Introduction to Cryptography

by Arnav Vora

Cryptography is the process of hiding information or communicating securely in an environment where everyone is trying to read the communication. Most cryptography examples involve Alice and Bob trying to communicate while Eve listens in. Today, we explored the basics of cryptography, starting with the most fundamental classical ciphers used before we had powerful computers. However, these ciphers are completely inadequate to hide data in today's age. We learn of ways that computers can break these ciphers, and then move to discussing more modern forms of encryption. A fundamental operation in modern cryptography is XOR. This can be used to create the One-time Pad, a mathematically perfectly secure cipher that reveals no information about the information being sent. However, this cipher isn't practical in most scenarios, and it has many conditions for it to actually achieve perfect security. We then discuss two main classes of symmetric ciphers that are widely used: block ciphers and stream ciphers.

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - fundamentals/Caesar turns 47
  • Challenge 2 - fundamentals/vigenere is kill
  • Challenge 3 - fundamentals/XOR practice
  • Challenge 4 - fundamentals/Practice Run
  • Challenge 5 - fundamentals/Practice Run 2
  • Challenge 6 - fundamentals/bigram

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • dcode.fr: This website hosts many classical ciphers, and provides tools for encryption, decryption, and automatic cracking of ciphers. This is a staple for classical cryptography challenges.
  • guballa Substitution Solver: My personal favorite website to crack monoalphabetic substitution ciphers.
  • Cyberchef: This website also hosts many ciphers, and provides tools for encryption, decryption, and automatic cracking. It is very powerful at detecting the cipher used in encryption if it is unknown, and is also a staple for classical cryptography challenges.
  • pycryptodome: A library that implements many modern-day cryptographic algorithms.

Fundamentals 6: Modern Cryptography Basics

by Rathul Anand

Cryptography is the process of hiding information or communicating securely in an environment where everyone is trying to read the communication. Most cryptography examples involve Alice and Bob trying to communicate while Eve listens in. Today, we explore modern cryptography, heavily rooted in modular arithmetic. Modular arithmetic is the language underlying modern cryptosystems. Many cryptographic algorithms rely on this arithmetic, where numbers "wrap around" after reaching a certain modulus. For example, the Diffie-Hellman Key Exchange (DHKE), which we covered today, leverages modular exponentiation to enable two parties to share a secret over an insecure channel. By applying modular arithmetic, both parties can compute the same shared secret without revealing or sharing their private keys. This principle forms the basis for secure communication in many asymmetric encryption schemes. We also cover the RSA cryptosystem, what it is, and what calculations are needed. Finally, we will have time to write writeups for challenges we have solved this quarter in Cyber Academy or elsewhere.
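The Diffie-Hellman exchange described above, written out with both sides' messages. This is an added example, not code from the slides or the wiki; the Party class, the exchange function, the 127-bit demo prime and the check on the received public value are assumptions made for illustration.

```python
import hashlib
import secrets

# Constructed demo group (assumption): the Mersenne prime 2**127 - 1 with
# generator 3. It is far too small for real use and only keeps numbers short.
P = 2**127 - 1
G = 3


class Party:
    """One side of the exchange; the private exponent never leaves the object."""

    def __init__(self, p=P, g=G, private=None):
        self.p, self.g = p, g
        self._private = self._fresh_private() if private is None else private
        # The public value is the only thing sent over the insecure channel.
        self.public = pow(g, self._private, p)

    def _fresh_private(self):
        # Draw from [2, p-2] and retry if the public value would be degenerate.
        while True:
            x = secrets.randbelow(self.p - 3) + 2
            if 2 <= pow(self.g, x, self.p) <= self.p - 2:
                return x

    def shared_secret(self, peer_public):
        # Reject 0, 1, p-1 and anything outside the group: those values force
        # the "shared" secret into a tiny set that an eavesdropper can guess.
        if not 2 <= peer_public <= self.p - 2:
            raise ValueError("peer public value outside [2, p-2]")
        return pow(peer_public, self._private, self.p)

    def session_key(self, peer_public):
        # Hash the shared group element into fixed-length key material.
        size = (self.p.bit_length() + 7) // 8
        secret = self.shared_secret(peer_public)
        return hashlib.sha256(secret.to_bytes(size, "big")).digest()


def exchange(p=P, g=G, a=None, b=None):
    """Run one exchange; return both secrets and what Eve sees on the wire."""
    alice = Party(p, g, a)
    bob = Party(p, g, b)
    wire = {"p": p, "g": g, "A": alice.public, "B": bob.public}
    # Alice computes B^a mod p, Bob computes A^b mod p; both equal g^(ab) mod p.
    return alice.shared_secret(bob.public), bob.shared_secret(alice.public), wire


if __name__ == "__main__":
    # Textbook-sized run (p=23, g=5, a=4, b=3) so the arithmetic can be checked by hand.
    s_alice, s_bob, wire = exchange(p=23, g=5, a=4, b=3)
    print("wire:", wire, "alice:", s_alice, "bob:", s_bob)

    # Same protocol with random private keys in the larger demo group.
    s_alice, s_bob, wire = exchange()
    print("secrets match:", s_alice == s_bob)
```
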

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides. We recommend working in the order below, as the challenges build upon themselves.

  • Challenge 1 - fundamentals/Modular Practice
  • Challenge 2 - fundamentals/RSA Practice
  • Challenge 3 - fundamentals/rubiks-cube
  • Challenge 4 - fundamentals/prime-factory
  • Challenge 5 - fundamentals/lunchly-exchange

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • dcode.fr: This website hosts many classical ciphers, and provides tools for encryption, decryption, and automatic cracking of ciphers. This is a staple for classical cryptography challenges.
  • Alpertron: A fast online integer factorization calculator for large numbers.
  • FactorDB: A large online database of integers and their factors.
  • pycryptodome: A library that implements many modern-day cryptographic algorithms.
  • cryptohack: A website with many challenges related to cryptography.
  • Cyberchef: This website also hosts many ciphers, and provides tools for encryption, decryption, and automatic cracking. It is very powerful at detecting the cipher used in encryption if it is unknown, and is also a staple for classical cryptography challenges.
  • hackMD: A very useful markdown editor/publisher.
  • Twin Prime: Gary's writeup for Twin Primes from Buckeye CTF 2023, a good example of a writeup for an easier challenge.
  • SHA256-CTR: Arnav's writeup for SHA256-CTR from SDCTF 2023, a good example of a writeup for a harder challenge.

Web 1: Intro to Web & Client-Side Security

by Benson Liu

The internet is one of the most powerful tools that we use today and is deeply integrated into our daily lives. As the web has evolved, the security of the internet has changed as well. As we begin our journey into web security, we will start by understanding the basics of the web and how to secure the client-side of web applications. Every page on the internet is composed of HTML, CSS, and JavaScript, which are used to display content, add styling, and make the page interactive, respectively. Most web apps take on the client-server model when designing their systems and communicate with each other using the HTTP protocol. Web clients or frontends are targets for a variety of security vulnerabilities (we will cover these in later weeks) but for now, we will focus on getting familiar with interacting with the client-side of web applications using the Chrome Developer Tools, Document Object Model (DOM) APIs and more!

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - web/control-you (from angstromctf 2019)
  • Challenge 2 - web/sourcery
  • Challenge 3 - web/cooking
  • Challenge 4 - web/acm-netsec
  • Challenge 5 - web/terms-and-conditions (from lactf 2024)

Resources

The following resources are great to learn more about the topics covered in the slides.

  • Chrome DevTools Documentation: The comprehensive resource for various features of Chrome DevTools. Frequently, the Chrome DevTools Developer Advocacy team will put together blog posts and videos to help show off new features and how to use them.
  • MDN Web Docs: Document Object Model (DOM): The DOM API has a lot of features that are well documented by MDN. This is a great resource to figure out how to use different features of the DOM API when working on client-side web challenges.
  • How to hack the Chrome Dinosaur game: A great exercise in understanding why attempting to secure code on the client-side is a losing battle. This article goes through various tricks for how to hack the Chrome Dinosaur game!

Web 2: HTTP Requests

by Renuka Bhusari

HTTP requests are essential for web communication, but they also serve as critical vectors for potential threats. HTTP (HyperText Transfer Protocol) is the protocol that governs the communication between a client (like a web browser) and a web server. When a user tries to access a website, their browser sends an HTTP request, and the server responds with the requested content, such as HTML, CSS, or images. This week's content covers how to send requests to web pages using curl and Python, start request sessions, and more!

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - web/get-ahead
  • Challenge 2 - web/gameing-session
  • Challenge 3 - web/max-verstappen

Resources

The following resource was not covered in the slides, but is also a very important tool. There are also additional resources linked on the slides.

  • Using nc to Send Requests: Netcat (commonly abbreviated as nc) is a simple network utility used for reading and writing data over network connections.

Web 3: Local File Inclusion

by Audrey Emis

The Linux file system has some built-in entries that every directory (even a seemingly empty one) has: . represents the current directory and ../ represents the parent directory. Some web apps take file paths as inputs from users, which can lead to sensitive data being uncovered if the user puts in the right input. They can use "../" to get to parent directories, all the way up to the root directory, where many more files are accessible. This vulnerability is caused by weak input sanitization or other interesting loopholes in the code. Today, we'll learn about LFI and work through some challenges that cover different LFI techniques!
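The weak pattern described above next to a hardened one, as an added example that is not from the slides or the challenges. The function names, the string-prefix "fix" and the temporary directory layout are constructed for illustration; the hardened check resolves the path first and then tests containment.

```python
import os
import tempfile
from pathlib import Path


class PathEscapeError(ValueError):
    """The requested path resolves outside the directory being served."""


def naive_resolve(base_dir, user_path):
    # Weak pattern: join the user-supplied path to the base directory as-is.
    # "../" segments climb out of base_dir, and an absolute user_path makes
    # os.path.join drop base_dir completely.
    return os.path.normpath(os.path.join(base_dir, user_path))


def prefix_check(base_dir, user_path):
    # Common but flawed mitigation: a plain string-prefix test. The sibling
    # directory "public-backup" also starts with ".../public" and passes.
    return naive_resolve(base_dir, user_path).startswith(base_dir)


def is_inside(base_dir, path):
    # Compare fully resolved paths ("..", symlinks and all), never raw strings.
    base = Path(base_dir).resolve()
    target = Path(path).resolve()
    return target == base or base in target.parents


def safe_resolve(base_dir, user_path):
    # Hardened pattern: resolve first, then require that the result is still
    # inside base_dir before any file is opened.
    candidate = Path(base_dir).resolve() / user_path
    if not is_inside(base_dir, candidate):
        raise PathEscapeError(f"{user_path!r} resolves outside the served directory")
    return candidate.resolve()


def run_demo():
    """Return {label: (naive_escapes, prefix_check_passes, hardened_verdict)}."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        # Constructed layout: public/ is served; everything else is private.
        served = os.path.join(root, "public")
        backup = os.path.join(root, "public-backup")
        os.mkdir(served)
        os.mkdir(backup)
        Path(served, "index.html").write_text("hello")
        Path(root, "secret.txt").write_text("constructed secret")
        Path(backup, "db.txt").write_text("constructed backup")

        requests = {
            "index.html": "index.html",
            "../secret.txt": "../secret.txt",
            "a/../../secret.txt": "a/../../secret.txt",
            "<absolute>": os.path.join(root, "secret.txt"),
            "../public-backup/db.txt": "../public-backup/db.txt",
        }
        for label, req in requests.items():
            escapes = not is_inside(served, naive_resolve(served, req))
            try:
                safe_resolve(served, req)
                verdict = "allowed"
            except PathEscapeError:
                verdict = "blocked"
            results[label] = (escapes, prefix_check(served, req), verdict)
    return results


if __name__ == "__main__":
    for label, row in run_demo().items():
        print(f"{label:28} naive_escapes={row[0]!s:5} prefix_ok={row[1]!s:5} hardened={row[2]}")
```
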

Slides

Challenges

We'll be working on the following challenges on platform.acmcyber.com

  • Challenge 1 - web/happy-halloween
  • Challenge 2 - web/potluck
  • Challenge 3 - web/book-store
  • Challenge 4 - web/stealing-favorite-animal-flag
  • Challenge 5 - web/the-modern-file-explorer-1
  • Challenge 6 - web/the-modern-file-explorer-2
  • Challenge 7 - web/the-modern-file-explorer-3
  • Challenge 8 - web/the-modern-file-explorer-4
  • Challenge 9 - web/the-modern-file-explorer-5

Resources

The following are great resources for learning about LFI, mitigations, and bypasses.

Web 4: Advanced Local File Inclusion

by Ronak Badhe

Last week, we covered why local file inclusion is possible and some basic LFI techniques. This week, we'll dive into more advanced techniques that can be used to bypass certain mitigations. Oftentimes, different languages have different quirks when handling file paths. Unintuitive behavior is the basis for security vulnerabilities. There are special linux files that contain more information for exploitation, like /proc/self and /dev/fd. When coming up with LFI exploits, you should research the app's language/framework (especially if the framework is not super common or "normal") and do a lot of experimenting! We'll work through some advanced LFI challenges today and learn about various strange behaviors in web apps.

Slides

Challenges

We'll be continuing on challenges from last week along with two new challenges, all deployed on platform.acmcyber.com

  • Challenge 1 - web/happy-halloween
  • Challenge 2 - web/potluck
  • Challenge 3 - web/book-store
  • Challenge 4 - web/stealing-favorite-animal-flag
  • Challenge 5 - web/the-modern-file-explorer-1
  • Challenge 6 - web/the-modern-file-explorer-2
  • Challenge 7 - web/the-modern-file-explorer-3
  • Challenge 8 - web/the-modern-file-explorer-4
  • Challenge 9 - web/the-modern-file-explorer-5
  • NEW Challenge 10 - web/nginkoid
  • NEW Challenge 11 - web/buns

Resources

The following resources cover various techniques for advanced local file inclusion.

Web 5: XSS

by Stewart Kwok

XSS stands for Cross Site Scripting and it's a web attack where the attacker injects code to be run on the website. It requires the victim to visit the webpage with the malicious code. There are many techniques for injecting JavaScript code into a webpage. We'll go through stored, reflected, and DOM-based XSS and their common payloads. URLs, form fields, cookies, and HTTP headers are all common injection points. Input sanitization can be used to mitigate these attacks, but there are also ways to bypass these mitigations!

Slides

Challenges

The following XSS challenges are deployed to platform.acmcyber.com

  • Challenge 1 - web/acm-picks
  • Challenge 2 - web/hello-my-name-is
  • Challenge 3 - web/brainrot-xss
  • Challenge 4 - web/bananas
  • Challenge 5 - web/hptla
  • Challenge 6 - web/xtra-salty-sardines

Resources

The following are resources for different kinds of XSS attacks.

Web 6: XSS Revisited

by Stewart Kwok

Cross-Site Scripting (XSS) is a web vulnerability that allows attackers to inject malicious scripts into websites, which are then executed in a victim's browser. This type of attack can lead to the theft of sensitive data such as cookies or session tokens, and is a significant threat to web security.

Today, we explored various methods of injecting JavaScript, including the use of <script> tags and event attributes. We also covered how attackers simulate victim interactions with admin bots to steal sensitive data like cookies or flags. We discussed advanced exploitation techniques, such as the double-fetch trick, to bypass HttpOnly cookie protections. Finally, we examined defenses like input sanitization and the challenges of bypassing these security measures.

Slides

Challenges

The following XSS challenges are deployed to platform.acmcyber.com

  • Challenge 1 - web/homework
  • Challenge 2 - web/among-us
  • Challenge 3 - web/among-us-extra-sus
  • Challenge 4 - web/hello-my-name-is
  • Challenge 5 - web/acm-picks
  • Challenge 6 - web/xtra-salty-sardines
  • Challenge 7 - web/brainrot-xss
  • Challenge 8 - web/hptla

Resources

The following are resources for different kinds of XSS attacks.

Web 7: Catchup + Writeups

by Ronak Badhe and Stewart Kwok

Revisiting and completing unfinished challenges is an essential part of building your skills and deepening your understanding of key concepts. Today, we’ll take the opportunity to catch up on any unsolved challenges while exploring the elements of a strong writeup. A well-crafted writeup not only explains the challenge but also walks through your thought process, details the tools or techniques you used, and outlines the steps you took to reach a solution. It’s a valuable resource for both sharing knowledge with others and reflecting on your own learning journey.

Slides

Challenges

The following challenges are deployed to platform.acmcyber.com

  • Challenge 1 - web/max-verstappen
  • Challenge 2 - web/xtra-salty-sardines
  • Challenge 3 - web/brainrot-xss
  • Challenge 4 - web/bearg
  • Challenge 5 - web/hptla

Resources

The following are examples of good writeups!

Crypto 1: Intro to cryptography

by Arnav Vora

Cryptography is the process of hiding information or communicating securely in an environment where everyone is trying to read the communication. Most cryptography examples involve Alice and Bob trying to communicate while Eve listens in. Today, we explored the basics of cryptography, starting with the most fundamental classical ciphers used before we had powerful computers. However, these ciphers are completely inadequate to hide data in today's age. We learn of ways that computers can break these ciphers, and then move to discussing more modern forms of encryption. A fundamental operation in modern cryptography is XOR. This can be used to create the One-time Pad, a mathematically perfectly secure cipher that reveals no information about the information being sent. However, this cipher isn't practical in most scenarios, and it has many conditions for it to actually achieve perfect security.

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - crypto/caesar-turns-47
  • Challenge 2 - crypto/substitute
  • Challenge 3 - crypto/vigenere-is-kill
  • Challenge 4 - crypto/xor-practice
  • Challenge 5 - crypto/practice-run

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • dcode.fr: This website hosts many classical ciphers, and provides tools for encryption, decryption, and automatic cracking of ciphers. This is a staple for classical cryptography challenges.
  • guballa Substitution Solver: My personal favorite website to crack monoalphabetic substitution ciphers.
  • Cyberchef: This website also hosts many ciphers, and provides tools for encryption, decryption, and automatic cracking. It is very powerful at detecting the cipher used in encryption if it is unknown, and is also a staple for classical cryptography challenges.

Crypto 2: Block Ciphers

by Arnav Vora

When discussing modern-day ciphers, we have two desirable properties: confusion and diffusion. A type of symmetric cipher (meaning the encryption and decryption key are the same) that achieves both of these goals is a block cipher. These ciphers divide up the plaintext into fixed-size blocks, and then encrypt them with the same key. Two commonly-used block ciphers are DES and AES. DES has fallen out of favor due to its variety of security flaws. However, AES is now very commonplace and is the modern standard for encryption. When implementing a block cipher, you must consider how different blocks are encrypted with the same key; this mechanism is called the mode of operation and influences a lot about the cipher's security.

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - crypto/practice-run
  • Challenge 2 - crypto/bigram
  • Challenge 3 - crypto/filter-ciphertext
  • Challenge 4 - crypto/filter-plaintext
  • Challenge 5 - crypto/desfunctional
  • Challenge 6 - crypto/be-fast

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • pycryptodome: A library that implements many modern-day cryptographic algorithms.
  • Modes of Operation: A good article about the different modes of operation of block ciphers.

Crypto 2: Stream Ciphers

by Arnav Vora

For perfect security, OTP has very restrictive conditions. Instead, we want to design ciphers that need a smaller key and are easy to work with. Symmetric encryption is when the same key is used for encryption and decryption, and there are two types of commonly-used ciphers. Stream ciphers generate a "keystream" similar to OTP's key, but instead from a single fixed-size key. On the other hand, block ciphers divide up the ciphertext into "blocks" and apply an encryption function to each block using the key. There are many standard commonly-used stream and block ciphers.
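As an added illustration (not from the slides), the sketch below expands a fixed-size key into a keystream of any length and XORs it with the data. The construction, SHA-256 over key, nonce and a counter, is a constructed stand-in for real designs such as ChaCha20 or AES in CTR mode; the `StreamEncryptor` class and the key and nonce sizes are assumptions of this example.

```python
import hashlib

KEY_LEN, NONCE_LEN = 16, 12   # fixed sizes chosen for this example


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Expand a short key into `length` keystream bytes.

    Block i of the keystream is SHA-256(key || nonce || i). The nonce lets
    one key produce a different keystream for every message.
    """
    if len(key) != KEY_LEN or len(nonce) != NONCE_LEN:
        raise ValueError("wrong key or nonce length")
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hashlib.sha256(key + nonce + counter.to_bytes(8, "big"))
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def apply_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt: XOR with the keystream is its own inverse."""
    ks = keystream(key, nonce, len(data))
    return bytes(d ^ k for d, k in zip(data, ks))


class StreamEncryptor:
    """Wrapper that refuses to encrypt twice under the same (key, nonce).

    Reusing a nonce repeats the keystream, which brings back the key-reuse
    problem of the One-time Pad.
    """

    def __init__(self, key: bytes):
        self._key = key
        self._used = set()

    def encrypt(self, nonce: bytes, plaintext: bytes) -> bytes:
        if nonce in self._used:
            raise ValueError("nonce already used with this key")
        self._used.add(nonce)
        return apply_keystream(self._key, nonce, plaintext)


if __name__ == "__main__":
    import secrets
    key = secrets.token_bytes(KEY_LEN)
    nonce = secrets.token_bytes(NONCE_LEN)
    message = b"a 16-byte key protects a message of any length " * 3
    ciphertext = StreamEncryptor(key).encrypt(nonce, message)
    print("round trip ok:", apply_keystream(key, nonce, ciphertext) == message)
```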

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - crypto/practice-run-2
  • Challenge 2 - crypto/count-the-counter

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • pycryptodome: A library that implements many modern-day cryptographic algorithms.

Crypto 4: Math for Crypto, DHKE

by Rathul Anand

Modular arithmetic is an important language underlying modern cryptosystems. Many cryptographic algorithms rely on this arithmetic, where numbers "wrap around" after reaching a certain modulus. For example, the Diffie-Hellman Key Exchange (DHKE), which we cover in these slides, leverages modular exponentiation to enable two parties to share a secret over an insecure channel. By applying modular arithmetic, both parties can compute the same shared secret without revealing or sharing their private keys. This principle forms the basis for secure communication in many asymmetric encryption schemes.
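The exchange described above, written out with both sides' computations, as an added example that is not from the slides. The group (P = 2879, Q = 1439, G = 4) is a constructed toy group chosen so the numbers stay readable; real deployments use groups of at least 2048 bits or elliptic curves. The public-value check is the validation a careful implementation performs before using a peer's value.

```python
import secrets

# Constructed toy group: P = 2*Q + 1 with P and Q both prime (a "safe
# prime"), and G = 4 generating the subgroup of prime order Q.
P, Q, G = 2879, 1439, 4


def is_prime(n: int) -> bool:
    """Trial division; fine for toy-sized numbers only."""
    if n < 2:
        return False
    i = 2
    while i * i <= n:
        if n % i == 0:
            return False
        i += 1
    return True


def group_is_sound() -> bool:
    """Check the parameters before trusting them."""
    return (is_prime(P) and is_prime(Q) and P == 2 * Q + 1
            and G != 1 and pow(G, Q, P) == 1)


def keypair():
    """Pick a private exponent and compute the public value G^private mod P."""
    private = secrets.randbelow(Q - 1) + 1       # uniform in 1 .. Q-1
    return private, pow(G, private, P)


def is_valid_public(y: int) -> bool:
    """Accept only values in the order-Q subgroup.

    This rejects 0, 1 and P-1, which would force the shared secret into a
    tiny set of values no matter which private key is used.
    """
    return 2 <= y <= P - 2 and pow(y, Q, P) == 1


def shared_secret(private: int, peer_public: int) -> int:
    """Compute peer_public^private mod P after validating the peer's value."""
    if not is_valid_public(peer_public):
        raise ValueError("peer public value rejected")
    return pow(peer_public, private, P)


if __name__ == "__main__":
    a, A = keypair()          # Alice keeps a, sends A
    b, B = keypair()          # Bob keeps b, sends B
    # Eve sees P, G, A and B, but not a or b.
    print("Alice computes:", shared_secret(a, B))
    print("Bob computes:  ", shared_secret(b, A))
```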

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - crypto/chinese-lazy-theorem-1
  • Challenge 2 - crypto/modular-practice
  • Challenge 3 - crypto/lunchly-exchange
  • Challenge 4 - crypto/chinese-lazy-theorem-2
  • Challenge 5 - crypto/golden-ticket
  • Challenge 6 - crypto/lazy-lagrange

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • pycryptodome: A library that implements many modern-day cryptographic algorithms.
  • Alpertron: Has a discrete logarithm solver that works fast for small n.
  • SageMath: An open-source mathematical software tool. Works with Python and has many constructs that are very useful in modular arithmetic/cryptography.

Crypto 5: RSA

by Gary Song

RSA has huge cultural significance as the first practical asymmetric cryptosystem, for which it was awarded a Turing Award. For that reason, it is an important foundation for any aspiring cryptographer to study. We cover the RSA cryptosystem: what it is, what calculations are needed, and a short proof of why it works. Later, we will discuss common attacks on the RSA cryptosystem.

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - crypto/rsa-practice
  • Challenge 2 - crypto/rubiks-cube
  • Challenge 3 - crypto/prime-factory
  • Challenge 4 - crypto/rubiks-cube-2

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • pycryptodome: A library that implements many modern-day cryptographic algorithms.
  • cryptohack: A website with many challenges related to cryptography
  • Alpertron: A fast online integer factorization calculator for large numbers
  • FactorDB: A large online database of integers and their factors

Crypto 6: RSA Attacks

by Gary Song

Over the many years since RSA was presented to the world, an enormous amount of research has gone into finding vulnerabilities in it. While nothing has been found for standard padded RSA, there are several cases of misuse that lead to vulnerabilities. These range from poor parameter generation that makes factoring easy to information leakage through auxiliary means.
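Two kinds of poor parameter generation can be checked for when auditing your own public keys: two moduli that share a prime, and a modulus whose primes are too close together. The audit below is an added example, not from the slides; the moduli are constructed from small or well-known primes so the expected findings are easy to verify by hand.

```python
import math


def shared_factor(n1: int, n2: int):
    """Return a factor common to two moduli, or None if they are coprime.

    Two keys generated with a bad random source can end up sharing a prime,
    and a single gcd then factors both of them.
    """
    g = math.gcd(n1, n2)
    return g if 1 < g < min(n1, n2) else None


def fermat_factor(n: int, max_steps: int = 1000):
    """Look for n = a*a - b*b = (a - b)(a + b), starting at a = ceil(sqrt(n)).

    This succeeds within a few steps only when the two factors are close
    to each other, which is exactly the weakness being tested for.
    """
    a = math.isqrt(n)
    if a * a < n:
        a += 1
    for _ in range(max_steps):
        b2 = a * a - n
        b = math.isqrt(b2)
        if b * b == b2 and a - b > 1:
            return a - b, a + b
        a += 1
    return None


def audit(moduli):
    """Run both checks over a list of moduli and collect the findings."""
    findings = []
    for i, n in enumerate(moduli):
        close = fermat_factor(n)
        if close:
            findings.append(("close primes", (i,), close))
        for j in range(i + 1, len(moduli)):
            g = shared_factor(n, moduli[j])
            if g:
                findings.append(("shared prime", (i, j), g))
    return findings


# Constructed moduli (far too small or too structured for real use).
CLOSE = 1000003 * 1000033                     # factors only 30 apart
SHARED_A = (2**61 - 1) * (2**89 - 1)          # shares 2**61 - 1 with SHARED_B
SHARED_B = (2**61 - 1) * (2**107 - 1)
NO_FINDING = (2**127 - 1) * (2**521 - 1)      # passes these two checks

if __name__ == "__main__":
    for finding in audit([CLOSE, SHARED_A, SHARED_B, NO_FINDING]):
        print(finding)
```

A modulus that passes both checks is not thereby proven strong; these are only two of the misuse cases the paragraph above refers to.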

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - crypto/rsa-practice
  • Challenge 2 - crypto/rubiks-cube
  • Challenge 3 - crypto/prime-factory
  • Challenge 4 - crypto/rubiks-cube-2
  • Challenge 5 - crypto/mitm

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • pycryptodome: A library that implements many modern-day cryptographic algorithms.
  • cryptohack: A website with many challenges related to cryptography
  • Alpertron: A fast online integer factorization calculator for large numbers
  • FactorDB: A large online database of integers and their factors
  • DanBoneh: A paper by a Stanford professor on RSA attacks

Crypto 7: Digital Signatures and Writeups

by Arnav Vora

Aside from just encrypting data, we also need a cryptographic mechanism to verify the identity of users. This is done through digital signatures. First, we discuss cryptographic hashing functions, which act as one-way functions with the added benefit of collision resistance. Then, we discuss how we can construct a digital signature scheme using the same RSA primitives. Finally, we will have time to write writeups for challenges we have solved this quarter in cyber academy or elsewhere.
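The RSA calculations from Crypto 5 and the hash-then-sign construction described above fit in one short script. This is an added example, not from the slides: the primes are two Mersenne primes chosen only because they are easy to write down, and the scheme is unpadded textbook RSA, whereas real systems use random primes and padding such as OAEP for encryption and PSS for signatures.

```python
import hashlib

# Constructed key material: two known Mersenne primes. Real keys use large
# random primes; these are for illustration only.
P = 2**521 - 1
Q = 2**607 - 1
E = 65537


def make_keypair(p: int, q: int, e: int = E):
    """Return ((n, e), (n, d)) with e*d ≡ 1 (mod (p-1)(q-1))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)       # raises ValueError if gcd(e, phi) != 1
    return (n, e), (n, d)


def encrypt(public, m: int) -> int:
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(private, c: int) -> int:
    # (m^e)^d = m^(e*d) ≡ m (mod n) because e*d ≡ 1 (mod phi).
    n, d = private
    return pow(c, d, n)


def digest_int(message: bytes, n: int) -> int:
    """Hash the message and interpret the digest as an integer below n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private, message: bytes) -> int:
    """Signing applies the private exponent to the hash of the message."""
    n, d = private
    return pow(digest_int(message, n), d, n)


def verify(public, message: bytes, signature: int) -> bool:
    """Anyone with the public key can undo the signature and compare hashes."""
    n, e = public
    return pow(signature, e, n) == digest_int(message, n)


if __name__ == "__main__":
    public, private = make_keypair(P, Q)
    m = int.from_bytes(b"constructed sample message", "big")
    print("decrypts correctly:", decrypt(private, encrypt(public, m)) == m)
    sig = sign(private, b"pay Bob 10")
    print("valid signature:   ", verify(public, b"pay Bob 10", sig))
    print("tampered message:  ", verify(public, b"pay Bob 1000", sig))
```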

Slides

Challenges

The following challenges in increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides.

  • Challenge 1 - crypto/rubiks-cube
  • Challenge 2 - crypto/prime-factory
  • Challenge 3 - crypto/rubiks-cube-2
  • Challenge 4 - crypto/mitm

Resources

The following resources are great to practice/learn about the ciphers covered in the slides.

  • pycryptodome: A library that implements many modern-day cryptographic algorithms.
  • cryptohack: A website with many challenges related to cryptography
  • Alpertron: A fast online integer factorization calculator for large numbers
  • FactorDB: A large online database of integers and their factors
  • DanBoneh: A paper by a Stanford professor on RSA attacks
  • hackMD: A very useful markdown editor/publisher
  • Twin Prime: Gary's writeup for Twin Primes from Buckeye CTF 2023, a good example of a writeup for an easier challenge.
  • SHA256-CTR: Arnav's writeup for SHA256-CTR from SDCTF 2023, a good example of a writeup for a harder challenge.

Reverse Engineering 1: Intro to Reverse Engineering

by Jason An

Reverse engineering is a field of cybersecurity that involves figuring out what a program, often compiled, does, in order to achieve some kind of goal, like bypassing a license check or finding a vulnerability in the software. From professional positions like vulnerability research and malware analysis, to hobbyist activities like game modding or DRM cracking, reverse engineering has a wide variety of interesting applications in cybersecurity. We'll start off by learning basic reverse engineering principles on programs with full to nearly-full source code access, and then move towards learning how to reverse engineer compiled executables later on.

Slides

Challenges

A set of challenges with increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides. You can filter for them on the platform by checking "rev" under "Categories", and "week 2" under "week". They are:

  • rev/Character Numbers
  • rev/just-dance
  • rev/brick-maze
  • rev/salsa69

Resources

The following resources are great tools for some of the reversing challenges:

  • Online Java Decompiler: An entirely online tool that can decompile Java jar/class files back to decent-quality source code.
  • repl.it: A website that lets you run many different programming languages online, which you can use to play around with programs if you don't want to install them locally.
  • CyberChef: An online tool that has a variety of different encoding and encryption schemes, which may be useful.

Reverse Engineering 2: Assembly

by Jason An

We'll be diving into x86_64/amd64 assembly this week. Since x86 is the dominant architecture in laptops, being able to reverse x86 executables is a crucial skill in reverse engineering, and many of the skills transfer to reversing other architectures. For this week, we'll cover basic x86 instructions, and how to read and work with assembly.

Slides

Challenges

A set of challenges with increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides. You can filter for them on the platform by checking "rev" under "Categories", and "week 3" under "week". They are:

  • rev/bomb
  • rev/bobomb
  • rev/bomb2
  • rev/jabeglnz
  • rev/galfrekcehc

Resources

The following resources are great tools for some of the reversing challenges:

  • objdump command: A command that lets you disassemble an executable to extract the assembly
  • x86 reference: An HTML rendering of the Intel handbook containing details on every x86 instruction

Reverse Engineering 3: Assembly Part 2

by Jason An

We'll be continuing our dive into x86 assembly this week. We'll finish the slides we didn't cover last week, and then move onto learning about how memory works.

Slides

Challenges

A set of challenges with increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides. You can filter for them on the platform by checking "rev" under "Categories", and "week 4" under "week". They are:

  • rev/bomb2
  • rev/bobomb
  • rev/jabeglnz
  • rev/galfrekcehc

Resources

The following resources are great tools for some of the reversing challenges:

  • objdump command: A command that lets you disassemble an executable to extract the assembly
  • x86 reference: An HTML rendering of the Intel handbook containing details on every x86 instruction

Reverse Engineering 4: GDB

by Alexander Zhang

This week's topic is GDB, a tool that allows us to control the execution of processes and inspect their state. This is useful for debugging, reverse engineering, and exploit development. We will also learn about GEF, a GDB extension with lots of useful features for CTFs.

Slides

Challenges

A set of challenges with increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides. You can filter for them on the platform by checking "rev" under "Categories", and "week 5" under "week". You can practice using GDB on the challenges from previous weeks:

  • rev/bomb
  • rev/bomb2
  • rev/bomb3
  • rev/bobomb
  • rev/flow
  • rev/galfrekcehc
  • rev/salsa69
  • rev/jabeglnz
  • rev/nested

We've also added some new challenges that are designed to be much easier to solve with GDB than with static analysis alone:

  • rev/dancing
  • rev/boxing

Resources

The following resources are great tools for some of the reversing challenges:

Reverse Engineering 5: Decompilers

by Enzo Saracen

This week's topic is decompilers: tools that lift machine code from executables into higher-level source-like representations. This is useful for static analysis of binaries when source code is not provided. We will be demonstrating the features of decompilers using Binary Ninja, a proprietary decompiler that provides both a local and cloud-based free version.

Slides

Challenges

A set of challenges with increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides. You can filter for them on the platform by checking "rev" under "Categories", and "week 6" under "week". They are:

You can also practice using decompilers on some of the challenges from previous weeks that involve a binary:

  • rev/flow
  • rev/galfrekcehc
  • rev/jabeglnz
  • rev/nested
  • rev/dancing
  • rev/boxing

Resources

The following resources are great tools for some of the reversing challenges:

Binary Exploitation 1: Intro to Pwn

by Alexander Zhang

Binary exploitation, also known as pwn, is a category of challenges where we gain control over vulnerable programs by exploiting memory safety vulnerabilities. We will learn about basic pwn concepts today and exploit buffer overflow vulnerabilities, where a program can be tricked into writing data past the end of a buffer in memory.

Slides

Challenges

A set of challenges with increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides. You can filter for them on the platform by checking "rev" under "Categories", and "week 8" under "week". They are:

  • pwn/pwn0
  • pwn/ret2win
  • pwn/bot
  • pwn/aplet123

Resources

The following resources are great tools for some of the pwn challenges:

  • GEF: A GDB extension with lots of useful features for pwn.
  • pwntools: A Python library useful for writing solve scripts.
  • pwninit: A tool for setting up pwn challenges locally.

Binary Exploitation 1: Return-Oriented Programming

by Alexander Zhang

Modern systems have exploit mitigations such as the NX bit that prevent writable memory from being executed. This prevents shellcode injection attacks, where a vulnerability causes the program to execute malicious code that is injected into the program's memory. Return-oriented programming is a powerful technique that bypasses these mitigations by taking advantage of the x86 ret instruction to chain together bits of existing code in the target program instead of injecting new code.

Slides

Challenges

A set of challenges with increasing difficulty are deployed to platform.acmcyber.com to practice the concepts covered in the slides. You can filter for them on the platform by checking "rev" under "Categories", and "week 9" under "week". They are:

  • pwn/ret2libc
  • pwn/ret2libc2
  • pwn/sus

Resources

The following resources are great tools for some of the pwn challenges:

  • xgadget: A tool for finding ROP gadgets.
  • GEF: A GDB extension with lots of useful features for pwn.
  • pwntools: A Python library useful for writing solve scripts.
  • pwninit: A tool for setting up pwn challenges locally.

Resources

Resources linked for various CTF categories that our team participates in.

General

General CTF resources and tools

This chapter contains resources that train you for CTFs in general. These include past CTFs, general tools that you might use during a CTF, and other things too broad to fit into one category. For category-specific tools and resources, make sure to check out the appropriate chapters!

General resources

picoCTF

https://picoctf.org/

picoCTF is a CTF competition run by people at Carnegie Mellon University. Their website also contains resources for getting into CTFs, as well as previous years' competitions that you can tackle. Highly recommended for beginners.

Cyber FastTrack and CyberStart

https://www.cyber-fasttrack.org/

https://play.cyberstart.com/dashboard

Possibly the most beginner friendly cybersecurity resource on this list. Some of the skills learned here are too basic to show up on CTFs, but they're still worth learning. Contact a team captain to join the PBR group on CyberStart.

John Hammond

https://youtube.com/c/JohnHammond010

LiveOverflow

https://www.youtube.com/c/LiveOverflow/videos

ACM at UCLA Youtube Channel

https://www.youtube.com/@ACMUCLA/videos

UCSD Cyber Discord

https://acmurl.com/cyberdiscord

Awesome CTF

https://github.com/apsdehal/awesome-ctf

b01lers welcome to CTF

https://github.com/b01lers/welcome-to-ctf

CTF 101

https://ctf101.org/

Over The Wire

https://overthewire.org/wargames/

Imaginary CTF

https://imaginaryctf.org/

Tools

pwntools

https://docs.pwntools.com/en/stable/

A Python library that helps with writing CTF scripts. You'll be using this a lot.

Installing Pwntools on M1 Macs. A common installation problem with pwntools on M1 Macs is that capstone, a dependency of pwntools, fails to build. The fix for this is the following.

brew install cmake
pip install pwntools

Source: https://www.reddit.com/r/ExploitDev/comments/13ixkoy/unable_to_install_pwntools_on_mac_m1/

CyberChef

https://gchq.github.io/CyberChef/

CyberChef describes itself as "The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis". Very useful.

WSL

https://ubuntu.com/wsl

Lets you use the Ubuntu terminal on Windows.

ipython

https://ipython.org/

An interactive shell for Python that offers enhanced features for code execution and display.

Cryptography

Resources

Cryptohack

https://cryptohack.org/

Cryptopals

https://cryptopals.com/

RSA Attacks

https://crypto.stanford.edu/~dabo/papers/RSA-survey.pdf

Standard Curve Database

https://neuromancer.sk/std/

Ben Lynn's Website

https://crypto.stanford.edu/pbc/notes/

Dan Boneh and Victor Shoup's Textbook

https://toc.cryptobook.us/

A Gentle Tutorial for Lattice-Based Cryptanalysis

https://eprint.iacr.org/2023/032.pdf

Cryptology ePrint Archive

https://eprint.iacr.org/

Tools

Boxentriq

https://www.boxentriq.com/

dCode

https://www.dcode.fr/en

Sagemath

https://www.sagemath.org/

Alpertron Integer Factorization Calculator

https://www.alpertron.com.ar/ECM.HTM

Z3 Python Tutorial

https://ericpony.github.io/z3py-tutorial/guide-examples.htm

Ciphey

https://github.com/Ciphey/Ciphey

Web Exploitation

Resources

Natas - Over The Wire

https://overthewire.org/wargames/natas/

Pwnfunction - XSS

https://xss.pwnfunction.com/

Tools

Burp Suite

https://portswigger.net/burp/communitydownload

Reverse Engineering

Resources

Introduction to Reverse Engineering: https://0xinfection.github.io/reversing/

Microcorruption

https://microcorruption.com/

Nightmare

https://guyinatuxedo.github.io/index.html

crackmes

https://crackmes.one/

Ghidra Golf

https://ghidra.golf/

Reverse Engineering For Beginners

https://www.begin.re/

Linux syscall table

https://chromium.googlesource.com/chromiumos/docs/+/master/constants/syscalls.md

Tools

Binary Ninja

https://binary.ninja/

Binary Ninja Cloud

https://cloud.binary.ninja/

Ghidra

https://ghidra-sre.org/

gef

https://github.com/hugsy/gef

Articles

https://blog.akenofu.me/security-arch/

Binary Exploitation / Pwn

Resources

how2heap

https://github.com/shellphish/how2heap

pwn roadmap

https://www.hoppersroppers.org/roadmap/training/pwning.html

roppers

https://www.roppers.org/

Nightmare

https://guyinatuxedo.github.io/index.html

pwn college

https://pwn.college/

pwnable.kr

http://pwnable.kr/

pwnable.tw

https://pwnable.tw/

Exploit Education

https://exploit.education/

Tools

Binary Ninja

https://binary.ninja/

Binary Ninja Cloud

https://cloud.binary.ninja/

Ghidra

https://ghidra-sre.org/

gef

https://github.com/hugsy/gef

pwninit

https://github.com/io12/pwninit

Miscellaneous

The chapters under this chapter contain resources for categories such as forensics, OSINT, and blockchain.

Forensics

Resources

Tools

Binwalk

https://github.com/ReFirmLabs/binwalk

Steganography

Resources

Tools

Stego Toolkit

https://github.com/DominicBreuker/stego-toolkit

Boxentriq

https://www.boxentriq.com/

zsteg

https://github.com/zed-0xff/zsteg

Stegsolve

https://github.com/zardus/ctf-tools/blob/master/stegsolve/install

Aperi'Solve

https://www.aperisolve.com/

Stegseek

https://github.com/RickdeJager/stegseek

Open Source INTelligence (OSINT)

Resources

OSINT Dojo

https://www.osintdojo.com/

Searchlight - IMINT

https://tryhackme.com/room/searchlightosint

Tools

Blockchain

Resources

Tools

Resources

https://github.com/coder/code-server

https://shell.cloud.google.com/

https://book.hacktricks.xyz/welcome/readme

https://github.com/carlospolop/PEASS-ng

https://github.com/swisskyrepo/PayloadsAllTheThings

https://tryhackme.com/

https://codered.eccouncil.org/course/ethical-hacking-essentials?logged=false

https://my.ine.com/CyberSecurity/learning-paths/61f88d91-79ff-4d8f-af68-873883dbbd8c/penetration-testing-student

https://pwnagotchi.ai/