Overview
Codebreakers is a cybersecurity challenge run by the NSA. It consists of a series of tasks that increase in difficulty, each building on knowledge gained from the previous ones. As a result, it feels like a real investigation: analysts gradually unravel a problem, starting from the initial compromise on their own system and working toward full access to the attacker's infrastructure.
My Role
Codebreakers is an individual challenge, so I did all of the challenge solving by myself.
Skills
The challenges for this year focused on detecting malware and infiltrating a malware development circle. To do this, I drew upon my background in reverse engineering, cryptography, and forensics. The per-task skill breakdown is as follows:
- Task 1:
  - Linux file system
  - Host forensics
- Task 2:
  - Packet analysis
  - Network traffic analysis
  - Router configuration analysis
- Task 3:
  - Memory forensics
  - Process analysis
  - Reverse engineering
- Task 4:
  - Reverse engineering
  - Debugging
  - Anti-anti-debugging techniques
- Task 5:
  - Reverse engineering
  - Meet-in-the-middle attacks
  - PKCS encryption standards
- Task 6:
  - Static code security analysis
  - Mattermost bot scripting
  - PostgreSQL
- Task 7:
  - Kotlin reverse engineering
  - Android library dependency injection
  - Path traversal
Tools
These challenges used a wide variety of tools and libraries specific to the programs and scenarios involved. Across all of them, many Python scripts were required for automation and interaction. Beyond that, the task-specific tools used were:
- Task 1:
  - mount
  - vim
  - bash
- Task 2:
  - Wireshark
  - tshark
- Task 3:
  - crash
  - Ghidra
  - strings
- Task 4:
  - Ghidra
  - gdb
  - peda
- Task 5:
  - Ghidra
  - Python cryptography library
  - CyberChef
- Task 6:
  - Python
  - Docker
- Task 7:
  - Android Studio
  - zip