/hax/ - Hacking & Pentesting

>>1039

Woot woot another Cyberpatriot fag in the house! Awesome to see some interest anon. I torrented some books on Windows 7, Windows Server 2008, and Ubuntu for Cyberpatriot this year. If I can find the PDFs I'd be happy to get copies to you.

>>1040

Awesome, man! That would be great. My garbage collection is a fairly great one. If you have a file you're looking for or a file to sauce, I can see what I can do.

Also, what are the competitions like? Are the other teams generally just ignorant? Do the Chinese competitors end up beating everyone else every year?

>>1041

>this is my phone

Learn Olly and X86 if you're looking to actually find exploits and patch them.

However I have a sneaking suspicion that this will be more along the lines of "look someone left the default password enabled let me patch that" and "look someone trusted a certificate from a rogue CA!"

I would split your time 70/30 on it. 70% actually exploit hunting, 30% 'securing' windows per books you find at barnes and nobles.

>disclaimer: I never did any of these.

>>1043

>>disclaimer: I never did any of these.

And how did you do? Were you the 'head' of your team, or did you just contribute occasionally?

I currently use Parrot because I'm still in my tinfoilhat phase, and I thought the assortment of scriptkiddie-grade penetration testing tools would prove handy.

Will using Parrot complicate things? Should I just kill my beloved parrot and dual-boot Ubuntu and Arch? (Ubuntu for the testing w/o virtualbäks of course)

I'm a stressing over the fact that the time We have before competition is small, and most of the team members know no more about windows and Linux than "they're operating systems" which isn't even technically true.

Thanks for being so based, anon-kun, but I need guidance if you can provide it.

>>1039

Hey OP, sorry it's taken me so long to get the files to you. I have them all zipped up and ready to go but I'm too tired to get on my computer and upload them tonight .

Eheheh, AFAIK the only time you actually see other teams is when and if you get to nationals, and my team sucked too badly to get anywhere near there. There were only two people on my team who knew anything about computers (myself included), but even the most tech illiterate person on the team knew more than pur mentor. We managed to get about 80 points in the first round so don't worry about that. The second round is where it gets harder, we managed to get about fifty points there before giving up. The THIRD round is where shit gets ugly, especially the Cisco routing portion. We had absolutely no idea what to expect for it. We got a whopping eight points on it because I miraculously managed to assign one of the routers an IP. After that we gave up and I loaded Doom on to everyone's computers and we deathmatched the rest of the competition.

I've been studying Cisco like a madman and I suggest you do the same. It's hard, and I'n sure other teams will be struggling with it. I'm not planning on letting my team do that.

Again, I have about eight E-books packaged up for you but I'm too tired to upload them right now. Hopefully I'll have them up by tomorrow.

>>1046

Meh. I'll stay up a bit longer and elaborate. The competition is pretty much like >>1043 described where they just have shitty passwords, group policies, and the firewall diaabled. The Air Force Association emphasizes the hell out of it not being a hacking competition bevause they're so scared that they'll turn the special snowflakes into government-hating anomoloose members. Last year, they had a cron job in the Ubuntu image that would pop up a terninal saying "You've been hacked" every thirty seconds. It also had a netcat backdoor. Nothing too scary. What makes it so hard is trying to find what the scoring system is actually looking for. It's pretty picky about things like password policies and the like.

If your team isn't exactly up to spec then you're going to have to work extra hard to get them at least a bit closer to tech savy. You're going to have to take on some extra studying for yourself at the end of the day though because there has to be at least one person who has a really in depth understanding of what's going on. That person will more thank likely have to be you.

My team this year is filled with people who know what they're doing, unlike my old team. And while there are four other people who are probably going to study at least a little, we have two guys who while they know a lot, are too arrogant to study at all.

And to answer your other question, there are some very very good teams. Some schools even have dedicated classes for this competition.

>>1047

I'm just as surprised as you are. I just started trying to find boards other than /tech/ to lurk in, jumped in here, and your thread was at the top. I'm going to be getting on IRC a lot more, I go by Chrono on it right now but that's just because I couldn't think of anything else to use

>>1050

Man, I wish I had that much time. Senior year and all. That's a big part of the reason why I've been studying it so hard. It's now or never.

>>1051

I'm rooting for you anon.

Keep to your resources and don't get too distracted by social media.

Your being here is proof enough that you will do at least remotely well.

You've got this.

Good luck.

>>1052

Thanks, I'm rooting for you too. It'd be funny if we both got to nationals and didn't even realize we were there at the same time. Oh and again, sorry it took me so long to get the files online. My old router died and I had to use a temporary shit router as a replacement which would overheat if I ever tried uploading anything remotely large. Here's the link:

https://i.pantsu.cat/ptlfjo.zip

If you need anything else don't hesitate to ask.

You have no idea how tempted I am to axe this thread b/e begging for answers, but I am turning a blind eye here.

plot twist, I know the people who make this piece of shit

>>1056

Sorry for being a dumbass, BO-kun.

I appreciate the understanding.

The board was made in a frantic scurry to catch up to those in the competition who start with a subjectively unfair advantage, and sharing resources to any other anons who may be in a similar situation.

Should I just start a new thread?

I don't mind either way, for this poor board tends towards stagnancy =3=

Sorry for Op's faggotry,

"~Archimedes la Douxieme."

>>1061

>>1061

I really don't care, keep shitposting if you want.

not like im going to say anything.

>>1056

give unfair advantage pls

What is the point of it? Is there any money that you could win from it?

>>1039

>fixing windows vulnerabilities

Good luck. Windows is basically one big vulnerability. As for Ubuntu, just take out Unity and implement RSBAC and nobody will care about the vulnerabilities.