We kicked off the day with a news segment and a quick Kahoot to review ethical hacking concepts. After that warm-up, we dove into Security Engineering.
The first lab was mostly theory and an introduction to the role of a security engineer. We covered core responsibilities, asset inventory, security policies, the “secure by design” principle, raising security awareness, and managing risks. I learned that a security engineer’s duties can vary a lot depending on the company.
After some theory on trend analysis and Gartner’s reports, we moved on to a lab focused on network security solutions.
I learned how attackers use evasion techniques to bypass IDS/IPS systems. One method involved payload manipulation like obfuscating or encoding the command. Another trick was encrypting traffic with OpenSSL so IDS/IPS tools can’t inspect it.
One thing I really enjoyed learning was that payload inspection for ncat – can be evaded by adding extra whitespace, such as ncat –, which would still run correctly on the target system.
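From the defender's side, the whitespace and encoding tricks above are countered by normalizing a payload before matching it. The sketch below is an added example, not code from the lab: the signatures, function names and sample payloads are all constructed for illustration, and the samples only ask ncat for its version.

```python
import base64
import re
from urllib.parse import unquote

# Assumed signatures for illustration; not taken from any real IDS ruleset.
NAIVE_SIGNATURE = "ncat -"                       # exact bytes, one space
ROBUST_SIGNATURE = re.compile(r"\bncat\s+-", re.IGNORECASE)
B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{16,}={0,2}")

def naive_match(payload: str) -> bool:
    """Literal substring check, as a simple content rule would do."""
    return NAIVE_SIGNATURE in payload

def candidate_views(payload: str) -> list[str]:
    """Return the raw payload plus URL-decoded and base64-decoded forms."""
    views = [payload, unquote(payload)]
    for token in B64_TOKEN.findall(payload):
        try:
            raw = base64.b64decode(token, validate=True)
        except ValueError:          # not valid base64, ignore the token
            continue
        views.append(raw.decode("utf-8", errors="ignore"))
    return views

def normalized_match(payload: str) -> bool:
    """Match on every decoded view, tolerating any run of whitespace."""
    return any(ROBUST_SIGNATURE.search(v) for v in candidate_views(payload))

# Constructed, harmless sample payloads (only ask ncat for its version).
SAMPLES = [
    "ncat --version",
    "ncat   --version",
    "ncat%20%20--version",
    "data=" + base64.b64encode(b"ncat  --version").decode(),
    "concat -n notes.txt",
]

def compare(samples=SAMPLES):
    return [(s, naive_match(s), normalized_match(s)) for s in samples]

if __name__ == "__main__":
    for sample, naive, normalized in compare():
        print(f"naive={naive!s:5} normalized={normalized!s:5} {sample}")
```

The literal rule misses three of the four ncat samples and also fires on the unrelated `concat -n` line, while the normalized rule gets all five right. Neither can see inside encrypted traffic, which is why the OpenSSL technique has to be handled elsewhere, for example with TLS inspection or host-based telemetry.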
After the mandatory labs, I joined Adil, Mathieu, and Simon for some CTF challenges. We tackled two rooms: Corridor and Epoch.
Corridor was simple but fun. Clicking a door gave us a hash of the door number. Simon had the clever idea to try the MD5 hash of “elevator”, which was smart thinking, but unfortunately not the right answer.
Epoch was all about command injection. I started by pinging 127.0.0.1 and then tried 127.0.0.1; whoami to get the current user. Later, I was trying to dig around for the database when Simon used the command env — and that was it.
After class, I teamed up again with Mathieu and Adil for one more CTF – mKingdom. My brain is still fried with this one.
Everything went fine until the last part, where we spent forever trying to get root access. Eventually, we gave in and checked the write-up. Turns out, the user we were in could write to /etc/hosts, which was linked to a cronjob we could manipulate. It was hell but very rewarding in the end.
