I'm starting to find CTFs very repetitive. Anyone feeling the same?
#1
I've mainly dealt with tryhackme, picoCTF and hackthebox CTFs.

And they usually follow the following format:

1. Scan the box with nmap on all ports
2. Find OS and services running on those ports
3. If there is a webapp, most of the time the solution lies in playing around with the local storage for a while (if you haven't found anything else with OWASP first, of course)
4. If there isn't a webapp, there will be old services (outdated SMB etc.), all of which you'll have to look up on Google to find an exploit. If you do, hooray, you've got a basic shell. If you don't, it's probably going to be password brute-forcing with the rockyou.txt password list.
5. Once you have a basic shell, make it a stable shell with whatever method you find preferable.
6. Privilege escalation. Most commonly done with sudo -l and finding a suitable exploit for whatever permissions have been mis-set. If not, use LinPEAS, and if still nothing, dig around for some info such as a private SSH key or a super coincidentally convenient .txt file containing the password for root.
7. Get the flag.

I'm pretty new to CTFs, only been doing them a year or so, but I find them awfully repetitive and most of the time boring. Idk if it's the sites I've been using, but I'm kinda burnt out. I really used to like them because I was learning new stuff, but now it seems like a constant grind of Google searches.

Please if you do have any suggestions leave them below. I don't want to abandon the beautiful world that I thought CTFs were.
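Step 1 of the routine above, the full-port nmap sweep, looks very different from the blue side: one source address touching many distinct ports within a short window. The script below is an added example, not code from the original post or from any of the posters, showing how a defender can pick that pattern out of connection logs. The log shape (a simplified iptables-style `SRC=... DPT=...` line), the sample lines, the 60-second window and the 20-port threshold are all constructed assumptions for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log in a simplified iptables-like shape: "<ISO time> SRC=<ip> DPT=<port>".
# 10.0.0.5 probes 25 distinct ports in 25 seconds (scan-like); 10.0.0.9 only talks to 80/443.
CONSTRUCTED_LOG = [
    f"2021-07-14T22:00:{i:02d} SRC=10.0.0.5 DPT={port}"
    for i, port in enumerate([21, 22, 23, 25, 53, 80, 110, 111, 135, 139, 143, 443, 445,
                              993, 995, 1723, 3306, 3389, 5900, 8080, 8443, 9000, 9090,
                              10000, 49152])
] + [
    "2021-07-14T22:00:03 SRC=10.0.0.9 DPT=443",
    "2021-07-14T22:00:17 SRC=10.0.0.9 DPT=80",
    "2021-07-14T22:00:40 SRC=10.0.0.9 DPT=443",
]


def parse_line(line):
    """Return (timestamp, src_ip, dst_port) for one log line, or None if it is malformed."""
    parts = line.split()
    if len(parts) != 3:
        return None
    fields = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
    try:
        return datetime.fromisoformat(parts[0]), fields["SRC"], int(fields["DPT"])
    except (KeyError, ValueError):
        return None


def max_distinct_ports(events, window):
    """Largest number of distinct destination ports one source touched inside any
    sliding window of the given width. `events` is a list of (timestamp, port)."""
    events = sorted(events)
    counts = defaultdict(int)  # port -> hits currently inside the window
    start = 0
    best = 0
    for ts, port in events:
        counts[port] += 1
        # Slide the left edge forward until the window is at most `window` wide.
        while ts - events[start][0] > window:
            old_port = events[start][1]
            counts[old_port] -= 1
            if counts[old_port] == 0:
                del counts[old_port]
            start += 1
        best = max(best, len(counts))
    return best


def find_scanners(lines, window=timedelta(seconds=60), threshold=20):
    """Map each source IP whose distinct-port count within `window` reaches `threshold`
    to that count. The defaults are arbitrary and must be tuned per network: a
    monitoring host or load balancer will legitimately touch many ports."""
    per_src = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue  # skip lines that do not match the expected shape
        ts, src, port = parsed
        per_src[src].append((ts, port))
    flagged = {}
    for src, evts in per_src.items():
        n = max_distinct_ports(evts, window)
        if n >= threshold:
            flagged[src] = n
    return flagged


if __name__ == "__main__":
    for src, n in find_scanners(CONSTRUCTED_LOG).items():
        print(f"{src}: {n} distinct ports within 60s")
```

The sliding window matters more than the threshold: a slow scan spread over hours stays under any per-minute count, so in practice the same counting is run at several window widths, and known scanners (vulnerability-management hosts) are allow-listed before alerting.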
#2
If you're looking for some more CTFs and reviews regarding this then I recommend you check out our old "Wargames/CTF" thread. Haven't tried them all but I recognize the pattern you're referring to. Seems to be the case for many sites these days sadly.
#3
(07-14-2021, 10:08 PM)Insider Wrote: If you're looking for some more CTFs and reviews regarding this then I recommend you check out our old "Wargames/CTF" thread. Haven't tried them all but I recognize the pattern you're referring to. Seems to be the case for many sites these days sadly.

I'll give it a look. Cheers!
#4
I recommend you play CTFs with a higher weight on CTFtime, so they will be more challenging.
Also, if you are from Europe you can take part in the ECSC (European Cyber Security Challenge), which is an interesting event: https://ecsc.eu/.

TryHackMe is good for beginning, as a noob. You can use HTB for learning AD or to prepare for the OSCP (if you want to take it). Pico has a lot of challenges, but way too easy if you already have experience. I think you should continue to play CTFs (I can recommend playing Indian CTFs, since those are easy and you can win an easy prize) and maybe get a certificate this way.
#5
Unfortunately, today it is difficult to find some interesting challenges.
You should try the hard boxes on THM, they should be more interesting. Sincerely, I don't like HTB, the new boxes are way too much CTF-ish imho.
At the moment, I'm focusing my free time on the Pentestit's lab "Who is the novichok?", I am finding it slightly different from the average "CTF" platform.

I found some interesting challenges in the Offensive Security Proving Grounds Practice on the boxes that are rated hard/very hard by OffSec or by the community. You just need to view them from the right POV ;)

Please, let us know if you find something interesting, maybe by submitting it in the "Wargames/CTF thread" that Insider linked before.