From 30c86d4185e0f13d03327aca8ddbb3e4f44ae608 Mon Sep 17 00:00:00 2001 From: Neale Pickett Date: Sun, 31 Jan 2016 20:46:27 -0700 Subject: [PATCH] Rename for github --- doc/ideas.txt | 34 --------- doc/summary.txt | 76 ------------------- doc/{tokens.txt => tokens.md} | 0 ...writing-puzzles.txt => writing-puzzles.md} | 0 4 files changed, 110 deletions(-) delete mode 100644 doc/ideas.txt delete mode 100644 doc/summary.txt rename doc/{tokens.txt => tokens.md} (100%) rename doc/{writing-puzzles.txt => writing-puzzles.md} (100%) diff --git a/doc/ideas.txt b/doc/ideas.txt deleted file mode 100644 index 5c411f0..0000000 --- a/doc/ideas.txt +++ /dev/null @@ -1,34 +0,0 @@ -Ideas for puzzles -================= -* Bootable image with FreeDOS, Linux, Inferno? HURD? - * Bury puzzles in various weird locations within each OS - * Maybe put some in the boot loader, too - * Perhaps have some sort of network puzzle as well -* Network treasure hunt - * DHCP option - * Single TCP RST with token in payload - * Multiple TCP RST with different payloads - * http://10.0.0.2/token -* PXE boot some sort of points-gathering client - * Init asks for a team hash, and starts awarding points - * Broken startup scripts, when fixed award more points - * Lots of remote exploits -* "qemu -net socket" vpn thingy and then... -* sfxrar packed with upx. Change an instruction so it won't actually - execute. -* pwnables: have scp log passwords somewhere - -Capture the Packet ------------------- - -* Jim Meilander could teach a class about Bro -* Use qemu -net socket,connect=10.0.0.2:5399 for capture the packet - - -From Jed Crandell ------------------ - -* Have password easily read, must determine username with stack - examination (like in printf category) -* Use %600000u%n to write an arbitrary value to a location in - stack, then jump to that location somehow. diff --git a/doc/summary.txt b/doc/summary.txt deleted file mode 100644 index bfed796..0000000 --- a/doc/summary.txt +++ /dev/null @@ -1,76 +0,0 @@ -LANL Capture The Flag -===================== - -The LANL CTF training and exercise is designed to train novice to expert -analysts in new techniques and tools. Course material is in a tutorial -format, which is bundled into the exercise. - -The class portion proceeds as a lecture style, although participants are -encouraged to work at their own pace, soliciting assistance from -instructors during the lab sections of the lecture. A Capture-The-Flag -style exercise follows the training as a mechanism to reinforce concepts -the participants have just learned, as well as introduce new concepts, -and to help participants learn how to deal with an actual security -incident. In the exercise portion, participants form into teams which -compete against each other to gain points in a broad spectrum of -categories. - -Event categories and training topics are easily customized to better -meet each site's requirements for training. - - -Key Features ------------- - -Portable: Hardware for up to 80 participants fits into a single -suitcase, and the exercise portion can be conducted by a single -organizer for up to 100 participants. - -Flexible: Exercise or Training can be run standalone, and can last -anywhere from 2 hours to 5 days. - -Lasting: Exercise portion reinforces concepts learned during training. - -Modular: Categories can be cherry-picked from an ever-growing list, -creating a custom-tailored training and exercise. - -Extensible: New modules can be added quickly. - - -Categories currently available: (September 2010) ------------------------------------------------- - -* Base arithmetic -* Introductory computer programming / logical thinking -* Host forensics -* Malware reverse-engineering -* Network reverse-engineering - * Packet capture and analysis tools - * Reconstruction of session data - * Protocol reverse-engineering - * Custom tool development skills -* Linux systems programming - * Using strace, ltrace, gdb - * Understanding race conditions - * Programming securely -* Web application development - * Cross-site scripting attacks - * Input validation - * SQL Injection - * Security vs. obscurity -* Cryptography and codebreaking -* Steganography detection and extraction -* Social engineering -* Binary file formats -* General puzzle-solving skills - - -Categories in development -------------------------- - -* Securing SCADA devices -* Network traffic monitoring -* Log file analysis -* HTML / Javascript reverse-engineering -* Your request goes here! - diff --git a/doc/tokens.txt b/doc/tokens.md similarity index 100% rename from doc/tokens.txt rename to doc/tokens.md diff --git a/doc/writing-puzzles.txt b/doc/writing-puzzles.md similarity index 100% rename from doc/writing-puzzles.txt rename to doc/writing-puzzles.md