Add an extra layer of security, enable your 2FA

We have great news! 2FA (i.e. Two-Factor Authentication) is now available at Shellter Labs and you can make your account more secure by enabling it.

Someone may ask: But what is 2FA and what is this for?

Don’t worry! We will tell you in a bit…

2FA in a nutshell

2FA Image
2FA Image

As mentioned before, 2FA stands for Two-Factor Authentication. This solution provides an extra layer of security to your account by requiring an extra step during your authentication process. In other words, after you submit your username and password, you will be asked for an unique dynamic and random code.

So, even if someone knows your password, this person would still need the second code to authenticate in your account.

Ok, but what is this code and how do I get it?

You can view this code on a trusted device of yours or you can use a Yubikey (https://www.yubico.com/start/) if you have it.

token-image
token-image

It is important to notice that not always the second factor means it is a code or a Yubikey.

So, tell me more about authentication factors…

In security, we usually say that we have three categories of authentication, also known as authentication factors, which are:

  • Something you know: This is the most common form  of authentication. It is asked the user something that he/she knows, like a password or a secret.
  • Something you have: This factor uses something the user has, like a smartphone or a security token.
  • Something you are: This one is related to your personal attributes in a biological and physical way, and uses biometrics such as your fingerprint, voice or face.

As you can imagine… Two-Factor Authentication uses two of these categories. 🙂

And now you know why 2FA dramatically improves the security of your account.

Great! How can I setup Two-Factor Authentication on my Shellter account?

  1. First, go to your Account / Settings, then choose tab “Enable two-factor authentication”

    Step 01
    Step 01
  2. Select  which authentication method you would like to use

    Step 02
    Step 02
  3. If you chose the ‘Token Generator’, you will need to have an app like Google Authenticator installed in your smartphone. Open the app, and point your camera to the qr-code shown in the screen (like the one below). Then enter with the token generated by app and click ‘Next’.

    Step 03
    Step 03
  4. Now you have a safe login with 2FA 😀

    Login with 2FA
    Login with 2FA

After you finish activating the 2FA in your account, be sure to save your backup codes. Backup codes can be used when your smartphone is not available. So, in case you phone run out of battery, or you lose it, we can still log into Shellter.

Good hacking, and be safe!

Hey, we have a new look!

Responsive

We’ve done a platform tuning job to make it responsive, so that you can access any resolution, even from your smartphone.

Now you can read and browse the lessons, interact in our forum, check the ranking, view job openings, player profiles and companies on any mobile device while playing on the computer.

New Theme

As part of the new look, we applied a darker theme, making Shellter more comfortable to study in half light. We remodeled components, nomenclatures and more to make it easier to locate and navigate inside the platform.

Join SHX #8 [shellterlabs.com/contests] and see how new game dashboard looks like!

A Lot More Coming

And we didn’t stop there, this was one more of many news that we are preparing to launch this year, stay tuned!

Leave a Reply

So, what did you think about the new look? We’re curious to know what you found. Feel free to send us feedbacks at contact@shellterlabs.com. We are always open to suggestions from you.

 

Shellter Team
Keep Hacking, Go Shellter

Carnaval Hacking Results

Hey players,

We have reach the end of #CarnavalHacking. The event was awesome and we are very happy with the engagemnt of all the team.

Congratulations to everyone who played. Special Congratulations (and prizes) to the winner team, DeathinReverse!


Here’s the final result!




Oh! And get ready, because as the Starks would say: “Contests are coming!” 😀 Stay tuned in our facebook page and our platform because other special events are coming. Not to mention the SHX, that happens eery 15 days.

Announcement – Introducing Individual Labs

Yesterday we’ve added a new feature along with SHX2: Individual Labs. Don’t worry if you were not there, we will explain here what you missed…

With this feature, each user will have his own challenge.

“What do you mean?”, you may ask.

What we mean is that each user will have a unique and isolated environment to play on remote challenges, so it will not be interfering on another user challenge. Cool, right?

This will be available during contests but also on past challenges at CTF-Master section. On the next weeks we will be adding more and more remote challenges so you can practice and learn. But we already have 4 remote challanges available. So don’t waste time! Go ahead and try the new feature!

All you have to do is:

  1. Go to CTF Master Page:

  2. Choose the challenge you want. 
  3. Click on the “Start” button to start your environment:
  4. You will receive the information you need( a.k.a IP and PORT):

  5. Now it´s all on you. Take those information and pwn it al!

You can stop and restart your environment if you need to.

We hope this update makes your learning process even funnier, and with a lot of practicing. Thanks for all the feedback we get from you every day! We truly appreciate you helping us build a better place to learn.

Keep hacking. Go Shellter.

Shellter Hacking Express #01

On January 15, 2017, we will make the first Shellter Hacking Express (SHX).

And what is SHX? You must be wondering. Well, SHX is an event that will take place on average every 15 days on Sundays. You may have noticed that the past CTF issues that are available on Shellter are worth very few points, correct? The questions that matter most will give you only 100 points, and are very difficult to solve. By participating in SHX, you will have the opportunity to earn more points, and climb the ranking faster.

Yes, all SHX issues will be available after the event ends, but they will only be worth 20% of what they were worth during the event. So be sure to get join live.

The SHX # 1 will begin at 5:00 pm UTC, and will last only 4 hours. The 3 issues will involve problems in Python. Do you really understand the language? Do you know the the weakest points?

Come play and learn a little more!

Register Now.

Keep hacking. Go Shellter.

Results of Holiday Challenge

Our first holiday challenge has ended. We celebrated Christmas with 3 challenges distributed between Coding, Forensics and Web Application.

It was two days of fun and the winner was…

@manoel https://shellterlabs.com/en/profile/player/2580/

Thanks to everyone who played!

Stay tuned and make sure you don’t miss the next Shellter Labs Holiday Challenge! 🙂

Keep hacking. Go Shellter.

Happy Holidays and Happy New Year

 

What’s up, people,

The staff here from Shellter Labs is in the mood for Christmas. We would like to wish you a Merry Christmas and a Happy New Year!

Since we are in this Christmas mood, we decided to give you a “little gift” 🙂

How about taking 0x5dc points and earn a few positions in the ranking?

There’s going to be a Christmas challenge on Shellter. Only 3 easy problems surrounding this theme that will put you to the limit as you wait for the turkey with cranberry sauce.

The contest will start at 00h GMT on 24th and goes until midnight on 26th GMT.

So, Let’go? We’ll wait for you there!

The Shellter team wishes you all the best in this Christmas Eve and a awesome 2017 with a lot of hacking.

Join Now

Regards! Keep hacking. Go Shellter

JISIC EPN – Ecuador Contest

Last Wednesday, November 16, we hosted a CTF supporting the Escuela Politécnica Nacional (EPN) from Ecuador during the VII  Jornadas JISIC 2016.

It was 24 hours of fun with 22 challenges.  By the end, 16 of the 26 teams competing solved 16 challenges

We would like to thank all the students for the participation and good game, the event organization, and especially the professor Jonathan Barriga Andrade who contacted us and made this happen!

Congratulations for the winner, the team FEJTBBB, composed of only 3 members:  FEJ_Rhyfel_GR,  Camm and FEJ_Patricio.

jisic-players      jisic-players2

final_scorboard
Final Scoreboard

 

 

Shellter Update

Hi there!

We are happy to annouce the launch of a Shellter update, with a fresh dashboard and some new features.


The first thing you will notice is the main screen. Now when you log in, you have a dashboard showing core information like your current status, top 10 ranking, week progress, latest challenges tries and active forum topics… by the way, did I mention that we have a forum now? Yes, we have! Now you can discuss security with your fellow hackers and improve our community. Please, use wisely and respect the rules. 🙂

dashboard

We also introduced the Play category. This category consists of everything related to your learning path and practice of security skills.
shellter-play

Starting from:

  • Welcome:
    Here you will have introductory lessons on basics of information security and also how to start playing with Shellter. There will be 9 lessons, 1 lesson released per week.
  • CTF Master:
    The good old CTF. Here you have past CTF challenges so you can practice and keep you sharp.
  • Contests:
    We wil be hosting Capture The Flag contests. Mainly Jeopardy style. So if you are interested on hosting your CTF on Shellter, feel free to contact us 🙂

The first contest will be Saturday, 25, organized by Sucuri HC. Don’t miss it! Go to Contests page and register yourself.

contests

More learning paths is to come. Keep posted and good hacking!

Shellter is coming back…

 

We know it’s been a while, but we promise you that it’s not going to happen anymore. We’re excited to introduce you new features we have been working on.

Create Teams
Create your own team and invite your friends to play with you.
Choose your team mates right, their skills will affect the way your team goes on the competitions.

Armyants
Armyants Team

Stay Updated

We’ve added a new topic at CTF Master page with the latest challenges, so you can keep track of what’s new.

RecentlyAdded_round
Recently added challenges

Better ranking pagination and Friends raking tab

Now you have a better way to navigate through ranking instead of only doing next, next and next. Also, we’ve added a friends tab so you can easily see the ranking between you and your friends.

 

ranking
Ranking of your friends

Badges
So far we have only two badges. Get rewarded for completing your registration and for solving your first challenge.  New Badges to come.

Rewards
Shellter Rewards

 

New features coming soon:

  • More challenges!
    Beside past CTF Challenges, we will have our own exclusive challenges.
  • Team Ranking
    See which team is the best and take yours to the top!
  • Team Chat
    Talk to your team members. Discuss challenges, help them become even better.
  • Newsfeeds and Activity Stream
    Follow your friends feeds, see what challenge they just solve, share you thoughts and knowledge!

We hope you haven’t gone so far away. Come back and create your brand new team, invite your friends and keep practicing.

ShellterLabs is a small team, but we work hard to get you some security knowledge and a lot of fun. Feel free to contact us and give your feedback. Let’s us know if you need anything.