BSDCan2019 - 1.8

BSDCan 2019
The Technical BSD Conference

Jason Testart
Day Talks #1 - 17 May - 2019-05-17
Room DMS 1110
Start time 16:00
Duration 01:00
ID 1061
Event type Lecture
Track Security
Language used for presentation English

Hack the Puffy

OpenBSD advocacy through CTF

A story about building a capture-the-flag (CTF) penetration testing challenge using OpenBSD for the Hack The Box platform, where most of the challenges are either based on Linux or Windows.

Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly updated. Some of them simulating real world scenarios and some of them leaning more towards a CTF style of challenge.

After joining Hack The Box and completing several challenges, I noticed some technologies missing or underrepresented among the challenges available. In this talk, I will go over the process of developing a CTF challenge, the learning objectives for participants, what went well, what did not go well, and the virtues of OpenBSD as an OS for a CTF challenge. I will also walk through the challenge itself, what I learned building it, share feedback, and identify other OpenBSD features for future challenges.