Hello, our dear reader!
I would like to introduce myself: my name is Stanislav (@clevergod), I am the vice-captain of the Codeby.net team, and with this article we begin a series of 3-4 articles dedicated to our participation in The Standoff cyber range.
As is our old habit, we will try to describe with emotion all the pain, tears and joy of the amazing 123-hour marathon called The Standoff 2020 that our team has been through.
In this article, we'll explain why competent training is more than half of the success, and why it is so important to organize interaction within a team that is not a pentest team at all, within one individual project.
We'll try to convey the atmosphere step by step, but believe me, 5 days of unrestrained fun could fill an endless cycle of articles or even an action series...
Who is Codeby? It is a forum of enthusiasts, caring people living in different countries and regions, who are united by the desire for self-development and the free training of the young generation of specialists in various areas of both IT and information security.
P.S. I want to say that the captain (BadBlackHat) and I worked toward this victory for a very long time, overcoming one barrier after another and giving all our strength and resources to make our common dream come true.
Attention, the article contains many screenshots!
The Standoff β , IT-, , . The Standoff , . , , , , , , ( ), , , , , , , .
The Standoff (blue teams - 6) (red teams - 29) , .
, The Standoff, , «», Positive Hack Days, ( 2019-). , , 5- 12- - .
, : - β , :
-;
;
;
;
, ;
;
;
... , . , ( bug bounty).
#
, , , ββ , 15 , " ".
( , ) β¦ , , NitroTeam Spectre, (@b4trjan) , .
, , , , (11 ) 2020 .
" ", .
(@clevergod) OSCP , (@BadBlackHat) CTF-, HackTheBox, priviahub, TryHackMe.
, , , , , , , , . β , - ββ, .
, , , ?! , - . , , , .
18 , - "" , " " (Arkady Samsonov, ).
, , . , , - , , , , - . .
7 . , 5 !
, , "", , ( King of the Hill (KoTH).
2019 , 1-Day , , , , , , - , .
, (r0hack) " DeteAct", , - 30 , 5 6 VPN- , .
β β? β . 15 , () , ββ , , , - VPN-.
, , -, VPN-. -, , OSI.
, , . , - . ( ): (@undefi) , (@tgrmofficial), (@K1R0Byte) (@manfromkz) , Magick , (Mister_Bert0ni) , . . 2 2- - ( ), , . .
. - , , . β Discord?β - , , , . , , , - ( , ).
, , 2-6 . - :
#
2 , , " " " " ( ., ):
" " ( );
;
- , . ;
IP- ( ., );
.
1 - , .
, , VLAN-, Ethernet ESXi, .
, , - . , , . , - 6 ""β¦ , , :)
, " " - , PenTera Pcysys(Citum Axxtel ), . 98% L2, VLanβ, !
#
VPN- , , L2TP + IPsec. , 21 ...
, - , OpenVPN - CTF-.
, , -7 GMT +10 GMT, , pfSense , - ( ), , , , CTF- . , - pfSense OPNsense, , ( , - MikrotikOS, , , ), , - .
# 12.11.2020
, , . , . , , , .
, , RCE , . β¦
120 , "" RDG Microsoft, ( "" ), - Mimikatz, .
2-3 SOC , , "" . , , , 80 (BBG.GQS 4), "". .
:
:
:
, , Attack Detect! :
, , :
β¦ . -, " " ( ) 2 , , . - , , , , :
247 40 135 20 - , , , , .
, , , , - - , , - RCE, LFI - . , .
, , , "".
, , , , , . , , , , .
, , . : 6- 10 , 60- . , , , read-only , wsus, db, backup, fileserver, exchange, rdg, sharepoint , , , !
, , . , 8 ! β - 116 16 β¦
, - . - . , β¦ , The Standoff:
, , , 123 , :
Joan Agusti Martinez Carbonell
Stanislav Istyagin
Timur Moldaliev