For those of you that enjoy CTF’s here are a few tips on how you can go about testing non HTTP network services.
There are plenty of different services out there to test with, and this is by no means an exhaustive tutorial, but gives you a few tips to get started testing non HTTP based services.
So how could we approach attacking these services?
In CTF challenges where you are given the binary it can make like alot easier as you can decompile the software to understand its structure and how the binary operates.
Initially you may start with:
- running
stringsto identify readable text within the binary. - Extracting the binary (depending on its format) using tools such as
objdump, NSA's Ghindra framework, OllyDbg etc.
Then use the insights you gain from debugging the code locally to understand how the software is operating.
Typically in the case of CTF’s these binaries won’t contain the flag you want to capture, but have the same program structure so that you can build a network based attack.
Once you have an initial understanding run the binary and debug with GDB. ExploitDB has a quick primer
- Examine the behaviour with different inputs
- Walk through the logical functionality of the program
