Afleveringen
-
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus do a live-from-DEF CON interview with clasm and honululu, the co-captains of the Shellphish AIxCC team.
They talk about their approach to the AIxCC qualification competition and their cyber reasoning system ARTIPHISHELL.
Finally, we finish with live footage of Shellphish when the seven $2M winning qualifying teams are announced.
Links AIxCC Shellphish Shellphish Support Syndicate Shellphish AIxCC Team -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus talk about the highs (winning $1 million in the AIxCC Small Business Track) and the lows (failing to qualify for DEF CON CTF 2024) of Shellphish.
Links AIxCC Shellphish Shellphish Support Syndicate Shellphish AIxCC Team pwn.college -
Zijn er afleveringen die ontbreken?
-
Youtube Video of podcast
Shownotes and LinksIn this unique episode of CTF Radiooo adamd and Zardus chronicle their adventures while playing Nautilus Institute’s DEF CON 31 CTF, all the way from the Friday night before the CTF to early Monday morning leaving to catch a flight.
Throughout this episode we talk about the CTF as we’re experiencing it (from a hot tub?!?!), and we catch up with several amazing people in the CTF community, including commentators, players, organizers, and winners (congrats Maple Mallard Magistrates on the win): ZetaTwo, clasm, zanardi, nafod, perribus, negasora, jay, mike_pizza, zaratec, and vie.
Unfortunately the sound on the interviews during the CTF after party is not the best, but that’s how recording in a closet in the middle of a party goes! We’ll try to bring on those folks in the future.
Special shoutout to our impromptu camerapeople zwad3 and f4c31e55.
Links LiveCTF LiveCTF Challenge Source AIxCC Maple Bacon -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus chat with psifertex, glenns, and negasora from LiveCTF!
We talk about LiveCTF competitions in DEF CON CTF Finals 2022 and DEF CON CTF Quals 2023! We also chat about the history of LiveCTF, spectating CTF, the difficulty in creating a challenge at the appropriate difficult level for a spectated CTF, and more!
Links psifertex’s sheet of DEF CON CTF pwnAdventure Pwny Racing RET2 Systems WarGames Cryptonomicon -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus chat about a challenging issue facing the CTF community: if someone finds or uses a 0-day vulnerability in a CTF, what happens?
We talk about 0-days, 0-days in CTF, and the complications that arise.
Links -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus chat with anciety, atum, mmmxny, and crazyman of r3kapig: one half of the CTF team P1G BuT S4D!
We talk about how the members got into CTFs, how the team gets new members, what is the culture of the team, why do we play CTFs, can we keepplaying CTFs?, what makes a good CTF challenge, and (what else) pwn.college!
Visit https://r3kapig.com/ to learn more about the team.
Links Tweet re: CTF team mergers r3kapig website Joint team C4T BuT S4D website -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus chat with q7, publicqi, Yuhang Wu, and shiki7 of the CTF team Straw Hat!
Links Tweet re: CTF team mergers Straw Hat website -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus chat about keyboards, DEF CON CTF Quals 2023, CTF team mergers, and how Shellphish has qualified for DEF CON CTF for 20 years!
Links Tweet re: CTF team mergers The infamous monitor -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus are joined by special guests: Dustin and Vito from Legitimate Business Syndicate, hosts of DEF CON CTF from 2013–2017.
We chat about how Dustin and Vito got into CTFs, their first CTF experience, how DEF CON CTF has changed, and their experiences hosting DEF CON CTF.
Links DEF CON Call for Organizers Legitimate Business Syndicate LegitBS AMA -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus talk about a major update: Order of the Overflow has retired from hosting DEF CON CTF, after four years at the helm. They talk about what it was like to host, and why YOU should consider hosting DEF CON CTF.
Links DEF CON Call for Organizers -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus kick off the secondseason of CTF Radiooo. We reflect on the progress of pwn.college andthe challenges of incentivizing students to find and exploit realbugs.
Links pwn.college -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus recap the first“season” of CTF Radiooo (yes, we’re calling them seasons now). Wereflect on a fun first season, discuss some of our favoritemoments/episodes, and talk about future plans for the pod.
Links CTF Player discord server, started by our friend ZetaTwo -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus explore the mistyorigins of thePlaid Parliament of Pwning aka PPP along withmany PPP captains: Tyler Nighswander,Tim Becker,Jay Bosamiya (our first repeat guest),and Samuel Kim.
We dive into how everyone got into CTFs, how to maintain a CTF team,how to continue in CTFs, the shadowy PPP cabal, how PPP approachesCTFs, imposter syndrome, and everyone’s favorite PPP moment.
At the end of the day, we learn that there are no secret tricks orshortcuts, and that everyone is human!
Links hacker.org hackthissite SoftICE -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus dive into the murky background of the Shellphish CTF Team along with special guests: Giovanni Vigna, Christopher Kruegel, and Davide Balzarotti, founding members of Shellphish.
We dive into how everyone got into CTFs, early DEF CON CTF and CTF memories, friendly rivalries with sk3wl 0f r00t, DEF CON CTF Rōnins, the myth of wkr, and why CTFs are important.
Links wkr -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus host a special guest: Fabian a.k.a. LiveOverflow to discuss the topic of Education and CTF.
You may know LiveOverflow from hisexcellent YouTube videos.We discuss how Fabian got into CTFs, the history of the LiveOverflowname, how he got into streaming/creating scripted videos, and thherole of CTFs in security education.
Links Stripe CTF 2012, Fabian’s first CTF Smash the Stack Wargames Cybersecurity Challenge Germany ALLES CTF team and the ALLES! CTF Geohot livestreaming overthewire solves Matt Might’s illustrated guide to a Ph.D propaganda CTF challenge from RIPSEC’s HackTheVote pwn.college, does Zardus talk about anything else? Hacktober CTF DownUnderCTF securitycreators.video from our friend ZetaTwo -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus host a special guest: ZetaTwo a.k.a. Carl to discuss Pwny Racing and NorseCode.
We discuss how Carl got into CTFs, the history of Pwny Racing, the history of NorseCode, tips on casting a CTF, and how to create a superteam.
Links Hackceler8 Rapid Fire Finals from 2016 b0bb, Pwny Racing challenge author Murmus, who challenged people to solve a CTF challenge on camera pwny racing at CSAW -
Youtube Video of podcast
Shownotes and LinksIn this LIVE episode of CTF Radiooo, adamd and Zardus go over listener comments and questions.
Follow us on twitter and twitch to know about next live event.
Links to Listener Comments/Questions BobF (aka Sensor Lock) on kenshoto creating Jeopardy-style CTF potetisensei on where king-of-the-hill orginated “Did you guys ever get a black badge?” - Trevor “What kind of modifications / changes to the world of CTFs are you expecting in the future?” - @HanEmile “Where do you see the future of automation in CTFing? Do you see automated analysis and exploitation taking a bigger part?” - GH0S1_R33P0R “What’s the most craziest CTF challenge you guys made/solved (In Reverse Engineering or Binary Exploitation)” - @X3eRo0 “If I don’t have any local CTF teams in my city or country, what’s the best way to start a team or join a team somewhere else?” - @eigenhell -
Youtube Video of podcast
Shownotes and LinksIn this extra-special episode of CTF Radiooo, adamd and Zardus host the WINNERS of DC 28 CTF: A*0*E.
From A*0*E we’re joined by Captain Gengming aka dmxcsnsbh, Vice-Captain Hui Shin aka septyem, Founder Tianyi aka Jackyxty, and DevOps silver!
We discuss how everyone got into CTFs, the history of A*0*E (the short version is A*0*E = EEE ∪ AAA ∪ 0ops ∪ ******), DC 28 CTF, DC 26 madness (on adamd and Zardus’ side, including social engineering a parking spot), and how to succeed at CTFs.
Silver’s amazing diagram of their networking setup:
+---------------------------------------------------------------------------+ | | | >Other players in our team< | | | +-----------------+----------------------------------+----------------------+ | | | | | OpenVPN | OpenVPN | | The `dc28-redir-controller` +--------+------+ +------+--------+ is deployed here | | | | | VPN Endpoint | | VPN Endpoint | | | for CHN users | | for USA users | | | | | | v +-------+-------+ +-------+-------+ | | +---------------------------+ +--------------------+ | bandwidth and ACL limited! | | | | | | save some money ;) | | Jumpbox, config copied +-----+ OOO's WG endpoint | | | | +-----+ from OOO's machine | | | | | | | | | | |+---------------------------------+ | v | | +---------------------------+ +--------------------+| | +-----+-----+ +-----+-----+ || CPU-intensive applications | | | QoS Promised | | || since EPYC servers are only +------+ Gateway +------------------------+ Gateway +------+ +------------------------------------+| available in CHN available zone | | China | MPLS VPN? not sure. | U.S West | | || | | | 110-130ms, <0.1% loss | +------------+ Latency-aware programs |+---------------------------------+ +-----------+ +-----------+ | & | | Traffic-heavy programs (like pcap) | | Reduce costs under the ocean | | | +------------------------------------+ - All connections are using WireGuard unless specified. - Netdata is installed on all machines so we can do remote telemetry and receive alarms.Links A*0*E redirection controller 0CTF/TCTF finals (which was last month, sorry the recording happened before) -
Youtube Video of podcast
Shownotes and LinksIn this episode of CTF Radiooo adamd and Zardus host a special guest: sirdarckcat a.k.a. Eduardo Vela to discuss Google CTF 2020.
We discuss how sirdarckcat got into CTFs, the history of Google CTF, how Google CTF 2020 went, what happens behind the scenes of hosting a CTF, how to respond to issues in a CTF, and the need for organizers to share information.
Links CSAW CTF ESPR (Eat Sleep pwn Repeat) iCTF WCTF: teams write challenges Google CTF 2020 Challenge Source pwnyracing by our friend ZetaTwo c2w2m2, one of the fastest hackers in DC 27 CTF quals speedrun. palli palli! 🍊’s CTF challenges (we are all fans) Google barges All the little things walkthough pt. 1 and pt. 2 by our friend LiveOverflow A CTF Organizer’s nightmare: flag leaks CTF Organizers’ Slack created by our friend psifertex sirdarckcat would like you to save the whales -
Youtube Video of podcast
In this episode of CTF Radiooo, adamd and Zardus host a special guest: Antonio from the Order of the Overflow to talk about his DC 28 CTF challenge ropshipai!
In addition, Jay, Corwin, and Matt from PPP join to talk about ropshipai and ropship from a player’s perspective!
Together adamd, Zardus, Antonio, Jay, Corwin, and Matt discuss how they got into CTFs, Return-Oriented Programming, the ropships, DC 28 CTF, and how PPP prepares and plays in DC 28 CTF.
Shownotes and Links ropship source ropshipai source Two hours and 42 minutes of all ropshipai rounds Hack this site (mentioned by Jay) Jay’s homepage, cite his papers! Garbage Truck from plaidCTF (written by Corwin) PlaidCTF PicoCTF adamd’s blog post on how to get ready for PicoCTF - Laat meer zien