Overview
Last week, I alongside with 4 other Malaysians (Daus, Roheen, Jia Qi and Danisy) represented Malaysia as students to participate in GCC 2024 at Thailand.
I had a really really really great time there, so I want to document and share some of my experiences through this blog.
This isn’t really gonna be a technical blog, and is more gonna be a blog about my memories and fun experiences there.
The blog turned out quite long, sorry for yapping so much lol
Thank you so much to all the staff and sponsors from every country for making this event possible. I’m truly grateful to be able to have this once in a lifetime experience.
Day 0
When we reached the Don Mueang International Airport, the GCC Thailand staff were waiting for us there with a piece of paper that had “GCC 2024 Team Malaysia” written on it, which tbh was pretty cool.
We then went to the hotel, checked in and then went up to our respective rooms. That was when I first met my amazing roomate Bau [TH] (Thank you so much for waking me up everytime I slept past my alarm 💀). The room was really spatious and clean, and had a really comfortable vibe to it.
Everyone then met up at the lobby to attend the Ice Breaking Party. The staff gave us all Thailand souvenirs, and also a lenyard with a piece of paper for us to write our names on (This was a really good idea, made meeting new people and learning new names a lot easier).
Every country had to give an introduction on stage about all the students and staff during the ice breaking ceremony. It was really cool learning the backgrounds of everyone and seeing what people inside the room has accomplished.
There were people with CVEs, people with startups, people who attended DEFCON CTF Finals, just people who have achieved great things in hacking. And it was very exciting seeing all these talented people gathered in one place, and knowing that I’m gonna have the chance to spend a week interacting with them.
After dinner, I went to the a local 7-11 with some friends and went to a small party in someone’s room.
Day 1
Went to the meeting hall for the opening ceremony with my roomate, and this time we have to sit down according to our groups. So in GCC, students from different countries are arranged in groups as there will be groupwork assigned later on and we have to work together with our groupmates to complete the project and give a presentation later on.
I was in Group 5, alongside with:
Coincidentally, I was actually sitting beside Josh [KR] and his roomate, Sam [TH] during yesterday’s dinner, so I actually already talked with Josh quite a bit and was pretty happy he was in my group.
There was a class about Ethics, which for me was very interesting.
The instructor first talked about what was ethics, and introduced stuff like consequentialism, deontology and virtues, and then gave us topics about cybersecurity ethics for us to discuss among our group.
Personally, I felt that the discussions were really fun. I managed to get to know my groupmates through these discussions. I actually talked a lot to my groupmate, Raj [IN] during the discussions which made me a lot closer to him as I enjoyed talking with him quite a bit. The topics were really thought provoking and was just fun to think about.
After that, groupwork was assigned to the groups. The topics were:
- Analysis of OSINT feeds for Scams
- CVE and Exploit database
- CTF challanges
- Maltego plugin for analysis of mobile phone dumps
The topic that our group got was “Analysis of OSINT feeds for Scams”. We initially wanted the CTF challanges topic (I’m pretty sure every group wanted that topic), but I guess we just have to deal with what we’re given.
After lunch, team Singapore handed out GCC 2024 stickers (designed by Yao Xuan [SG]) as well as a super cool penguin circuit board (made by Manzel [SG]) which could play songs, but also had flags inside the board that we could capture. Thanks a lot to them!
We then had a training about Active Directory (AD) Attack Techniques.
Deep Dive into Active Directory (AD) Attack Techniques
I’ve never actually done any AD stuff before, so I kinda used this class to learn what AD was about. There were a lot of labs which made the training very interactive so that was rly nice.
But by the end of the training, everyone’s laptop were starting to sound like helicopter fans as 3 vms were needed to run at the same time for the training, lol.
We then had dinner and went back to the meeting hall to discuss about our groupwork. We were actually having trouble getting started as we weren’t necessarily sure what to do for our groupwork, we were deciding whether to make it a case study about an ongoing scam, or maybe make an OSINT tools wrapper that helps us automate the OSINT process. But in the end we just ended up looking for OSINT tools first, and was testing them out. Let’s leave the rest of the work for tmr :).
There was a party but I ended up going to bed early since I wanted to get enough sleep for tmr’s Fuzzing in the kernel world class, which was the class that I was most excited about alongside the Hands-on Car Hacking class.
Day 2
The first training of the day was about Handling Threat Intelligence.
Handling Threat Intelligence
It was about blue teaming stuff which I also never really touched on before, so it was pretty cool learning about what happens on the other side of the exploit. There was a lab about using YARA to find malware on a machine which was actually quite fun. There was also another lab which was about finding compromised users on a VM network by analysing their login times and locations which was also pretty fun to do.
After that was the Fuzzing in the kernel world class which I was super excited for.
Fuzzing in the kernel world
The class was given by Lisa [TW], who is actually a GCC 2020 alumni, and is actually a member of Balsn! We started off by learning about how fuzzing works, what are seed queues, mutations, sanitizers, etc which were all very interesting. Despite being a pwn player, I haven’t actually done fuzzing myself yet so I learned a lot during this. The instructor prepared servers on the cloud that we could ssh into for every group, so that was rly convenient since we didn’t have to setup anything locally. We installed afl++, wrote a simple C program with abort calls and just fuzzed our own binary. Then we went on to fuzz a previous version of xpdf which was vulnerable, so we were actually doing fuzzing on real life software. Fuzzing using pdf files were pretty interesting to say the least. The instructor then went on to teach about how virtualization works. Virtualization is key for kernel fuzzing since for userspace fuzzing, we can just rerun the binary when the process dies, but for kernel fuzzing, we can’t possibly just kill our own system for each run. So we have to virtualize the system and fuzz the kernel there. There were familliar concepts like page tables, TLBs and page faults, but ngl there were also quite a bit of stuff that I didn’t rly understand and have to revisit soon. Still, I learned about concepts like shadow page tables and Instruction Set Architectures (ISAs) which were pretty interesting. Finally, we got to the kernel fuzzing part. We had to compile the linux kernel and write a vulnerable kernel module to be loaded into the kernel and fuzzed later using a fuzzer called Syzkaller. The instructor was teaching about how kernel fuzzing worked, and what kernel modules are when the kernel was compiling (which took forever). I’ve been getting more and more into linux kernel pwn lately, so I’ve seen some kernel modules source code already, but I’ve never actually wrote a kernel driver myself, so this was a rly nice time for me to practice writing one. Overall I really enjoyed this training, and learned a lot during it. Had tons of fun.Read More
Also, it was actually my groupmate, Raj’s [IN] birthday! Some of his friends from India bought a cake for him to celebrate during dinner and we all sang happy birthday for him. Thanks for being such a goated groupmate and friend Raj, cheers!
There was a party at the poolside after dinner which was very fun. I managed to talk to a lot of people there and got to know them all a lot better. Near the end of the party, a group of us were sitting by the pool and just talking together, which was just really chill.
Day 3
First class of the day was about How (not) to build a vulnerable LLM web app. I didn’t think I would enjoy this class as much as I would actually, but it ended up being one of my top 3 classes of GCC.
How (not) to build a vulnerable LLM web app
The class was given by Shota Shinogi [JP], who has actually talked at conferences like Black Hat and DEFCON. He starts us off immediately with a LLM web app which you could abuse by telling the LLM to “Ignore the above instructions” and telling it to do what we want. He gave us a short lecture on ways to trick the LLM, for example: Then he gave us another lab which was about a salesperson selling screws, and that we had to negotiate prices with the sales person. He wasn’t allowed to leak the minum price per screw, so we had to somehow get that information out of him. Then we had to make the prices lower than the minimum price, and even get it to be FREE. This was a really fun lab and I learned a lot through it. In the end, he told us all to make a vulnerable LLM web app ourselves, and try to do prompt injection on it. Our group made a travel planner app, which was hiding the admin’s travel details, and you had to somehow use prompt injection to leak the admin’s travel details and get the flag. Super interesting lesson.Read More
After lunch, we had a training called Hunting with a dinosaur.
Hunting with a dinosaur
It was about using the Velociraptor tool to find information on a comprimised machine. The instructor gave an engaging story which had character names, locations, connections, which helped made the training very interactive.
We then had dinner and I later on gathered with my groupmates to discuss about the group project. At this point we really haven’t gotten much progress on our project, so we decided that we had to work longer hours for the day and really put our head down and work.
We decided on making an OSINT wrapper tool that automates the OSINT process, as well as find ongoing scams, so that we could use the ongoing scams as input for our tool to test and demonstrate it. So in a sense it was a combination of our previous 2 project ideas, an OSINT wrapper tool as well as a case study. We distributed our work load and started working till around 12am at the sitting place outside the hotel lobby. We made really decent progress as we found a really nice OSINT tool called maigret which could extract a lot of information from usernames and names. We also finally wrote some code for our tool. Only thing missing was that we were having troubles finding ongoing scams that had enough information about the scammers for us to plug into our tool. (Turns out we were just looking at the wrong places).
Just when we were about to leave, a few of the Malaysian staffs as well as Lena [JP], a.k.a LambdaMamba were entering the hotel and saw us. We were talking to them about our project and turns out, that Lena [JP] was a scam expert expert at hunting down scammers!
She gave us all an impromptu “workshop” and showed us where to actually find ongoing scams, how to extract info from scam links as well as safely browse scam links. She also introduced us to her tool GrimScraper, which is used to take screenshots of the scam sites and store the source code of the scam sites for further analysis.
Really gotta say thanks to Lena for teaching us so much about scams. The new knowledge helped us significantly for our group project. Go check out her website if you want to learn more abt malware analysis and scams!
Day 4
Day 4 only had one training, which was the car hacking training.
Hands-On Car Hacking
The training was given by Kamel [JP]. And I just gotta say, Kamel is one the most goated, fun, charasmatic, smart, majestic teachers that I’ve ever had. He made the training incredibly fun and interactive and engaging and made it my favourite training from GCC 2024. He started off by introducing car hacking, and how cars have been exploited before. Then he went on and taught us about bluetooth security, and gave us some labs about interacting with a bluetooth device that he set up.
I was having troubles with connecting usb’s to my vbox vm at this point so I didn’t rly get to play around the lab at this point. Thankfully I solved the problem later on and could work on the CAN stuff. He then taught us the basics of CAN, and setup CAN networks for the whole room, which you could connect to through a USB to CAN adapter board. This gave us the ability to just write and dump messages to the network, and well obviously people wrote scripts to spam the entire network which was pretty funny. The most fun that I had was definetely towards the end of the training, when he brought out a bluetooth infotainment system, and also a detached instrument cluster which was connected to the CAN network for us to play with. The instrument cluster was meant for the other side of the room to play with first. But as there were problems pairing with the bluetooth of the infotainment system, I moved my laptop over to the table which had the instrument cluster. At the time, my friend Anikait [IN] was already connected to the instrument cluster, and he brute forced all the arbitration ids to find the id that controlled the speedometer, so he could then control the speedometer by sending CAN signals. Click here to look at the video He was then nice enough to hand the CAN wire to me and let me play with the instrument cluster, and I first made a windshield using the speedometer. Click here to look at the video I was then joined by my friends Slash [TW] and Toda [JP] and we managed use the same bruteforce technique to find the arbitration ids for a bunch of different controls. I specifically wanted to find the arbitration id that flashed a warning light and made a “beep” sound, so that I could spam the “beep” sound. We managed to find it and well this is what we made in the end:Read More
I promise its not malware I just dk how to embed videos inside here
Click here to look at the video
Today was the last day of preparation before the groupwork presentation.
So me and my groupmates just worked till we finished everything. We made a plan, assigned jobs, finished the tooling, made slides, and finally found an ongoing scam with enough information for a case study thanks to my groupmate Kevin [IDN]!
I bonded a lot with my groupmates through these nights of working for the group project, and I’m quite proud of what we ultimately made in the end, so really thanks to my groupmates for being so fun to work with.
Day 5
There was a training about Practical Malware Analysis and .NET Reversing.
Practical Malware Analysis and .NET Reversing
They talked about how .NET works, .NET headers, IRs, and demonstrated analysis on real life malware. They made a ton of cool labs too, and even made a ctfd website.
and ofc my guy Faze speedran the ctf
They gave us all certs for completing GCC training and gave every country an opportunity to say some closing words.
Then was the groupwork presentation. My group ran out of time and didn’t manage to present all of our findings and content. I was fine with it but still I feel like 5 mins is too short to present the groupwork projects, but I guess part of the challange is to make the presentation short and sweet.
In the end, we managed to get in the top 4, which made us all quite hyped lol.
Group 9 ended up getting second and Group 8 (Faze’s group) got first! They absolutely deserved it as their projects were really well developed and they also had rly nice presentations. Congrats to them and hope they enjoy their Offsec prizes.
We then all had dinner together at some local restaurant near the sea, and most of us went to the night market together.
And of course, we had a party after that at the hotel.
I got super hungry after the party so I went to 7-11 with a few of my friends and got some cup noodles.
EOF
We checked out of the hotel, and went to do some sightseeing together.
Went to a market, and looked at the sea for a bit.
Then we said our goodbyes, and before I knew it, I was already back in Malaysia.
Conclusion
This week flew by insanely fast. So many things happened in just a span of a week.
I made so many cool friends, and talked to so many people. I learned a lot about new areas of cybersecurity and dived deeper into what I already knew.
I made a lot of fun memories there and I’m not even exaggerating when I say it’s been one of the best weeks of my life.
Again, thanks so much to all the organisers involved, from travel to accomadation to trainings, everything went really smoothly and great.
I’ve also reposted a few other blog posts by other GCC candidates on my twitter, so go ahead and check them out to see their pov of GCC!
Sorry for yapping so much in this post but this blog is really a way for me to remember this experience. I really tried to only write about the more interesting parts of my experience, but there is just too much to write about. Also, if you wish for me to make modifications to the blog, like maybe changing the hyperlink attached to your name, please do not hesitate to tell me.
Photo dump
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|