Lesson Learned From Dragos CTF 2023

Dragos held a CTF in 2023 that focused on ICS/OT defensive security and DFIR. The event was very interesting, since we could learn a lot of use cases from the ICS/OT industry, such as the common protocols used in ICS/SCADA environments, along with a lot of new things that I only learned during the event.

The challenges included packet analysis of ICS protocols (Modbus, DNP3, etc.), memory forensics, ICS software and log analysis, and even some exploitation challenges such as buffer overflows.

I can feel the adrenaline rushing; the prospect of delving into the intricate complexities of the Dragos CTF on ICS and OT defensive security and DFIR sends a thrill down my spine. Imagining the challenges that await, from dissecting industrial control systems to uncovering elusive threats, my mind races with anticipation. With each flag captured and each puzzle solved, the satisfaction of fortifying critical infrastructure against potential breaches ignites a fervor for the art of defensive security and digital forensics. For every challenge solved, other challenges are unlocked. The chance to navigate through the labyrinth of cyber threats in the industrial landscape sparks an insatiable curiosity, propelling me into a world where every keystroke matters and each successful maneuver secures the heart of modern society.

We learned a lot of new things from the CTF. We spent hours reading about the Modbus protocol, reading the documentation on DNP3 protocol implementation, and reading packets from pcaps of ICS devices, which sometimes made my head dizzy (LOLOLOL). Thanks to my colleagues who also contributed in this CTF: Megi Pramesti, who helped with memory forensics; Linuz Tri Erianto, who focused on the exploitation challenges; and Faishol Hakim, who solved the packet capture challenges (thanks for the insight on Modbus, DNP3, and the USB protocol!). In the end we finished in 19th position out of 700+ participants. Not bad, considering this is kind of a new thing for us. At the beginning we even sat in 3rd position, but not long after that we sank to the bottom again (LOLOLOLOL).

Our Final Position Scoreboard Dragos CTF 2023

Thank you to the Dragos team and also the support team, who helped a lot during the CTF. Even when we needed clarification on the flag format or the server for some challenges, they really supported us on Discord (thank you very much!!!).

--

Digit Oktavianto
MII Cyber Security Consulting Services

DFIR Enthusiast ; Threat Intelligence Enthusiast ; Born to be a Blue Team ; {GEIR, GCIH, GMON, GCTI, GICSP, GCFE, eCMAP; eCTHPv2; CEH, CSA, CTIA, ECIH, CHFI}