After my previous CTF I thought about testing my skills again and DefCon happened to be the next conference I was attending. The challenges were scoped to a much more difficult level and I did struggle but made some progress. Overall I didn’t do as well as some groups and am firmly in the noob category but I still learnt quite a lot.
One set of challenges I attempted required hoping from server to server with various restrictions requiring you to be clever. This allowed me to learn quite a bit more about SSH tunnelling and in particular opening a proxy and using ProxyChains proved to be much more useful then opening each port one by one which is what I’ve been used to in the past.
The set of Tiger web challenges also proved to be difficult for me but I wasn’t on form that day as I forgot to do the simple stuff such as dirb which would of found robots.txt and other helpful things.