So, here we are, sitting in between a hardcore PRNG talk and the next talk, which is advanced malware campaigns. So this is kind of a break, if you want. We'll talk about MontréHack and what we're doing, why we're doing it, how, some lessons we've learned, tools and techniques, and what's next.

But first, I'm Olivier Bilodeau. You might remember me from such talks as "How Not to Suck at CTF" and being generally drunk at the Hackfest. But more seriously, Pierre David presented me quite well, so I guess I'll just skip, but some things I want to say: I'm passionate about InfoSec, open source and the community. So for me, you know, MontréHack and all of the speaking and the things I do is mostly for the people, because I enjoy hanging out with them.

I'll also be running, if my voice permits, the Hacker Jeopardy tomorrow at night. I think it's not that advertised, but it's open to the public. So if you are not participating in the CTF, you can still come and attend the Hacker Jeopardy. You need to register somewhere; I think it was mentioned once on Twitter or something, or ask an organizer. So it starts at... what time do we start? 10 p.m. So yeah, I didn't know when I finished my slides, and it was late, so no admin was available. So for the Hacker Jeopardy, I write all the questions myself, mostly; I get maybe 10 questions from friends, and I run the show and I do the animation. I enjoy it a lot, so I hope you guys will be there and enjoy it too.

So what is MontréHack? It's a monthly workshop where we solve capture the flag challenges. Thankfully, because of Guillaume's presentation yesterday, I won't need to explain what a CTF is, because it's kind of painful to explain, so I'll just assume you know. We provide full archives of the past challenges on our website.
We think it's important, so we put a lot of effort into it, and it's taking time, and some of them are missing, but you can have a write-up, you can have the files most of the time, and redo the challenges if you couldn't attend MontréHack. So for, let's say, specific things you are trying to accomplish, for example at NorthSec, maybe you'll remember, "Oh, we did this at XYZ MontréHack," and then you can go in the archive and fetch the write-up. So it's another resource for CTF, if you want.

So we used to do MontréHack back in the 70s, it was an old-school thing. No, it's just a joke, it was an Instagram filter, sorry about that.

So, the archives. Here's the next example of the archive. We keep them by date, we have almost all of them, like I said, and we also have them by topic: Android, crackme, crypto, this is all stuff we already have in there, forensic, hardware, iOS, reverse engineering, and so on and so forth. We also covered international and local CTFs, so we have an advent calendar, Boston Key Party, CIS SCA CSA several times, Hackfest, a lot of challenges from the Hackfest, a lot of challenges from NorthSec, PlaidCTF and Hack.lu.
We feature some of the web's gems in order to present our challenges. So this is something I put a lot of effort in, and I know it's stupid, but I like it, so I still do it. So we presented some challenges with pictures like this, more serious pictures like this, which... we had a smart card presentation from Pierre David, who did the smart card track at NorthSec. We had some months where we would do only parties and no challenges. Sometimes the people who produce the challenge send us a picture, like, "This is how I felt when I was doing the challenge," so here you go. And we are just generally having fun and doing things that are really sometimes inappropriate. But MontréHack is also a place to meet celebrities: our next speaker, Jean Calvet, was seen at the last MontréHack, which was this Monday, so you could speak to him, he was accessible, like really, really here.

Why are we doing it? We started doing it because we wanted to be better at CTF, but mostly because we sucked at Defcon quals. And by sucking, I mean we were missing things and people and focus on the random and the pwnables. This is pretty old, it's like five, six years ago. But on a more serious note, it's primarily to add depth on our team, so that everyone can do web, everyone can do the easy things, and we have a few specialized guys who can go really, really deep, like rittorical and stuff like that. So that is really something we can do if we do, you know, one challenge every month about a topic that changes over time. So we didn't really succeed at that, we haven't qualified at Defcon quals, but I'm not there anymore. Like, the young people in our team will say, "Well, you can, you know, complain, but now we never see you." It's true: I'm old, I have kids, I don't do CTF anymore except NorthSec and a few of them. But still, running MontréHack is not as time-consuming as 48 hours in a full ab, so I can do that.

So in fact, what is it about? It's more about a routine and doing. So by routine, what I mean is, no matter what, I
spend three hours a month doing CTF challenges, so it's kind of mandatory work, which is nice, and then I get to hang out with some friends and have beer, so this is good for me.

And doing: it's the style that we've chosen. So in a lot of the hacking community and stuff, there's a lot of talks, and talks are good to learn stuff. You write down the tool name, but you never tried it, you don't have it installed on your computer; it's just, you know, getting you to the state where you need to be. So when we started MontréHack, we decided, like, we don't need talks, we need, you know, hands-on things, we need to bring computers and do the challenges together and even create teams ad hoc. You know, at some point, after an hour and a half, maybe you realize, "Oh, my code is, like, messy and I'm not doing anything towards the goal," and you see that the guy beside you is actually making good progress, and so you sit together and abandon your own things and then get closer to the challenge, and you're making a friend at the same time. So it's really the doing aspect that, for us, is key in MontréHack. And this way, also, your machine is always ready to go to war, because you checked out the tools, you have them. You know, I'm sure on Friday, the internet... everyone will be downloading Kali Linux and stuff like that and launching VMs. It's like, it's too late; you should always have a war machine ready for, you know, legitimate hacking and MontréHack.

So yeah, how? It's pretty simple. Someone proposes a challenge; usually it's not even us, the organizers, which I'll tell who it is later. We work on it for, like, three hours, like I said, he presents a solution, and then we go and have beer. But sometimes, like this week, this Monday, we just had beer, no challenges. Especially before NorthSec, and sometimes during the summer, we just do more community hangout. Participants must bring laptops, hack and had a team, pretty obvious.

So when? We've decided early on that it should be a fixed date, so that
people wouldn't have to remember, like, going and adding it to the agenda, stuff like that. So it's the third Monday of every month, and it's almost always the same venue, but you still need to check sometimes, because the Notman House was ready to go undergoing renovation, so we actually did go to Google's office for that time, and now we pretty much like the Google venue, so we now alternate between Google's offices and Notman House. So for this you need to check, but it's always the third Monday of every month.

Who is behind this? Pierre-Marc Viro... I'll ask the guys that are here to stand up. So we are four. Stand up, I said. I see is not there. Oh, so that's a stand up, so that's a... and so the other guy, the fourth guy, Marquette Sien, is on vacation, so he's not here. So the four of us, what we do is we each take a month during, you know, the next semester, if you want, and then we handle the whole organization for the month in question. So last month it was me, actually, that covered for Pierre-Marc; he was away at a conference. Next month it is Sebastian who is taking responsibility. And we have opportunities for people who want to participate to step in. If we are six people or twelve people, we would have only one month to organize per year, which would be great, you know, because we could spend time instead on presenting challenges, because now we do mostly, you know, meta stuff anyway.

So I want to also give a few shoutouts to the presenters, because it's about them, you know... that's you hiding, you had hair back then. So it's the people who actually make the thing work, you know, because presenting takes more time than only running the show. So first, thanks to rim tongue to give up to have found the name, which is really cool; we really all stand behind it, a nice name. And all of these guys listed here, I won't read them because it's boring, but these guys are... I think, like, 80% are probably in this room. So thanks, guys, and it's because of you that we've been successful.

Now let's
have a little cheesy award ceremony. A few awards should go to... so, the most MontréHack attended without actually working on any of the challenges, and the award goes to, I don't think he's here, our very old NorthSec president, Mr. Gabriel Tremblay. He's still there, that's good. Longest challenge explanation, going more than three times over the allocated time slot, and the award goes to NorthSec logistics, monsieur Francois Proulx. It was good, though; it was a complex forensic, iOS forensic challenge, so he wanted to show us everything that was in there. And making us secretly exploit a zero-day vulnerability in a library: Mr. Philip Artel. So when I was doing the archive, he sent me an email like, "Oh, this MontréHack, we worked on this CVE which was not released at the time we worked on it." And so it's an XXE injection in Apache Batik.

So now, the lessons that we've learned. Lesson zero: co-maintainership doesn't work. At first we tried to have, like, core volunteers, and then, you know, "You do Facebook, you do emails, I do Google Plus, and you do Twitter and stuff, and you do the bookings, and I call Benelux to say how many we will be," and it just didn't work. So this is something where, naively, you can think you can share a load like that, but I guess we can work it out. So we have this new, you know, preassigned guys thing that I talked about earlier.

Lesson one: we accidentally offended several communities, and for that we're sorry. I would have loved to share some of the details of this, but it could offend the people again, you know, so we'll just keep this for, you know, the side hallway conversations. But so now we're more careful, and Gabriel doesn't do images, let's just say it that way.

Lesson number two: even though presenting takes a long time, only organizing the monthly runs takes time too. So this is an average time spent on the typical MontréHack. As you can see, finding the right funny picture is very important to me, and I put a lot of effort in it, so maybe I'm doing some things
wrong.

Lesson three: we started recently having checkpoints. So, like, after half an hour or an hour: where is everyone? And then looking: okay, you should have this, and we can move on. So for complex challenges it's a good thing, because most of the time... like, I presented a challenge where it was a Perl interpreter that had been compiled into an ELF binary, and to solve it, it took me, like, eight hours. So how am I supposed to present this and have people, you know, who maybe don't know Perl internals as much as I do, and reverse engineering, solve it in three? So we decided, okay, let's do checkpoints and then skip some steps and provide code to move further along. And we did this also last month, and it proved to be really good, because everyone is, like, focusing and learning new things and installing the tools for the right steps. So it's really key, and also people tend to regroup at these stages, like, okay, so if, let's say, four people were following really closely, then, "Oh, I can help you, and I'll go sit beside you instead of continuing my stuff." And then this is again the making friends thing over.

So, tools and techniques. There are no single tools or techniques. The end. That's what I did at my "How Not to Suck at CTF" talk, and I kind of regretted it. So, joking aside, what I want to say by this is that there are various tools, and I decided to highlight a few of them, but this is my personal choice, my personal choices. I'm not imposing them, they're not, like, the dead thing to use or anything, so just take this with a grain of salt.

So of course, learn a scripting language. Most of the time we write some code, so try to keep snippets of code and build, you know, I call it my scratch pad. I have a folder where all my Python snippets are, and then when I need to XOR things, I have XOR that XORs, like, everything, and I reuse it. I said to choose a scripting language, but of course preferably Python 3 and not 2. Use IPython and IPython Notebook. If
you've never used IPython Notebook, you've got to try it. If you have IPython installed, it's really easy to run it, and it's a really nice way to, again, keep documentation and execution really close together. So this is actually a tip that I got from Gabriel, like, three years ago: he presented his solution using IPython Notebook, and I was amazed by how interesting and flexible it is. And now, whenever I start a CTF, I start a notebook and I import, you know, the functions I reuse all the time, and I start from there. And you can share it; it's HTTP, so multiple people can connect to it. It's kind of a Python kernel exposed via HTTP through a nice web interface. It's really cool.

Don't use plain gdb. For the type of stuff we do, reverse engineering, plain gdb is just not doing it. Get a fancy gdbinit, there are good ones readily available from Google, or use p3da or PEDA. This is the PEDA fork that works on Python 3, with Python 3. I think is a cruel going to be at it or easy right now at NorthSec, he's coming for the CTF. So this guy who forked it, he's going to be here this weekend, and I want to, like, I don't know, kiss his feet or something, because it's really useful to have it in Python 3, since Ubuntu compiled gdb with Python 3 support and dropped Python 2; you cannot have both. So yeah, cool stuff.

From time to time, try to take the time to try radare again instead of a pirated IDA Pro. It's just, like, we need to get rid of proprietary things, so I just, like, do a little political message. I actually presented at the last MontréHack; I presented on the Perl thing using radare2. Of course, I didn't solve it with radare, unfortunately, but I still took the time to learn it and present it fully with radare, and it actually worked quite well.

Wireshark is the bomb, and you should learn tshark. There's so many cool things you can do with, you know, Wireshark, tshark and Python code. I use that a lot at work too. So this is my tip.

Burp or OWASP: unfortunately
I'm not the best guy for web, so my tools might be way outdated, I don't know.

Use Vagrant for disposable VMs. It's so easy to get a VM quickly if you need to run, you know, a 32-bit or something, or an old version of Red Hat, or this libc or that. You go on the Vagrant boxes, you find the right server you want to run, and then just, boom, on the command line, everything, no GUI. And the back end is VirtualBox, most people already have it installed. It's really nice for disposable VMs.

Learn to use a powerful text editor like Vim, Sublime or Emacs, but preferably Vim, of course.

Now, the developer tools of your browser: this is also really, really powerful, and now they have, like, really neat things for hackers. Like, you do the thing in your browser, and then you realize you need to automate it, and now you go and painfully, you know, copy and paste values one by one into your curl command, when now you have a right click, "Copy as cURL", right in Chrome on a request. So now you can paste it in a terminal, and you have all the cookies and all the stuff for your request in there. So it's worth it to take the time to learn some of these tricks.

So, what's next for MontréHack? I am proud to announce that we are sponsored by the Benelux for a free beer after the workshop, from now on, at the next MontréHack. Yeah, slow clap. We're really glad about this. We've been hanging out there; it's, like, just normal that they sponsor us, I guess, but for us it's like a recognition, you know, it's good. We intend on taking no breaks this summer, so we'll have a full schedule for support this summer. And I'm revealing information about next month that is not yet confirmed, so it's subject to change, but we will probably have a presenter that is from outside of Montreal, so a guy from Seattle, a Googler who works at Google, and he wants to present a Defcon quals 2015 challenge. So it should be really interesting and hard, and we'll have the opportunity to meet this guy, who I didn't want to name because it's not
confirmed.

So now it's time for you to participate. This is what's next, you know: you participate. So we want you to come to MontréHack, we want you to present at MontréHack. Anyone can do it, and it's always fun to see the new approaches to problems. We also want sponsors of MontréHack, and the best way to sponsor is to present or create a challenge, and it could also be hosted at your offices. So if you have a cool office, you want, you know, to hire people, and you have a security team, have them create a challenge and we'll all go there, and you'll have to provide some beverages, maybe should, and then for you it's good visibility, for us it's a cool challenge and meeting a new place, seeing new venues, so it's win-win.

Now, the way to get in touch and get this all together is through the mailing list and Twitter. We are at some other places, Facebook, Google Plus, and you can also get involved on the meta mailing list, which is the mailing list for, you know, people interested in the behind the scenes. And we are more than the four of us on the meta list, so it's really open. Archives are open, you can look at them. We don't have any secrets.

You can also contribute and participate, and by contributing I really mean it. Like, let's see what we can do here. You can modify our website through GitHub, and this was a pull request that I made yesterday to demo the fact that you can contribute. So if you see something shitty on our site, you can... let's look at it. So I go on learning resources, and I don't see, like, NorthSec or Hackfest in here, and I want to fix that. So what I do is I create a pull request, pretty simple, I change some Markdown and I submit it. So let's accept it. Where is the button? And this is green, that's probably good. No, this: "Merge pull request". I got it. All right, confirm the merge. Merging. We can go back and see. This is the wonders of not doing anything regarding your infrastructure. And so, live, we modified MontréHack's website. How
easy was that? So now you can do it. If I could do it while not really seeing what I did, you can do it also. And that's it. Are there any questions?