DEFCON 201

CTF

.::DEFCON 201 Online CTF Practice — Crypto CTF — August 10th-11th::.

Welcome to the DEFCON 201 Crypto CTF Practice Challenge!

For over two years we have been planing running our own Wargames and CTF to help people develop their hacking skills. While progress is still being made (we plan to launch our own in Winter 2019), DC201 will also occasionally enter into various online CTF Tournaments to test our skills and to get a sample on how one is set up so we have a blueprint in creating our own.

This Saturday, from August 10th 2:00 PM EST to August 11th 2:00 PM EST, we invite all DEFCON 201 Members, Attendees and Fans to help us hack the Crypto CTF 2019!

Website: https://cryp.toc.tf/

CTF Time Page: https://ctftime.org/event/809

Meet-Up: https://www.meetup.com/DEFCON201/events/262871871/

Anyone can enter by joining our group and entering our DISCORD Chat! Once in chat, select the #CTF channe. Our Discord will have our Team Invite passphrase. When registering your username, select “I have an invitation code to an existing team” and enter the passphrase posted in our Discord #CTF chat. You are then ready to hack away!

========================================================== DEFCON 201 Discord Link: https://discord.gg/PGgPNEF

CLIENT INTERFACES

Clear Net: https://discordapp.com/channels/@me

Windows: https://discordapp.com/api/download?platform=win

macOS: https://discordapp.com/api/download?platform=osx

Linux: https://snapcraft.io/discord

iOS: https://itunes.apple.com/us/app/discord-chat-for-games/id985746746

Android: https://play.google.com/store/apps/details?id=com.discord (We recommend using YALP)

Join The DEFCON 201 CTF Time Group: https://ctftime.org/team/40304 ==========================================================

::RULES::

Welcome to the Crypto CTF!

Crypto CTF is an online competition for hackers to test, evaluate, and expand their cryptography exploiting skills. In this CTF we will provide various crypto challenges regarding modern cryptography techniques.

All crypto lovers are most welcome

Each task will be based on a particular cryptographic primitive or it will include a direct application of cryptography in other fields.

Each team is only allowed to participate under one name.

There is no restriction on the number of team members.

If you have questions about tasks, ask moderators in IRC chat or Email. No points will be deducted for these questions.

If this is the first time you play over, you should know that a flag is a sentence or code that you should find in each level. There is no exact procedure to find them, you have to do several tests and think out of the box to get them. Eventually, you’ll understand the dynamics of the CTF and how to quickly solve challenges.

If you are sure your flag is true (we mean %100 SURE), but our system does not accept it, inform us via chat.

Reporting bugs in the contest infrastructure has a reward.

Thou shalt not be a jerk. We are all here to learn something new.

Any attempt to disrupting the contest will result in disqualification.

We have a dynamic scoreboard. That means the more teams solve a challenge, the less point each team gets.

All flags must be in this form: CCTF{[0–9a-zA-Z_–]+.}, unless the contrary is stated.

Flag example: CCTF{somel33tstringl1k37hi5}

There would be at least 24 tasks.

You can find the latest news and announcements about this contest on the announcements page.

Registration will be open until the end of the game.

The address of the live chat channel is freenode #cryptoCTF

Long Live Crypto!

Happy Hacking!

::END OF LINE::

.::DEFCON 201 — Google CTF Practice Challenge — June 22nd::.

Welcome to the DEFCON 201 Google CTF Practice Challenge!

For over two years we have been planing running our own Wargames and CTF to help people develop their hacking skills. While progress is still being made (we plan to launch our own in Winter 2019), DC201 will also occasionally enter into various online CTF Tournaments to test our skills and to get a sample on how one is set up so we have a blueprint in creating our own.

This Saturay, from June 21st 7:00 PM EST to June 22nd 7:00 PM EST, we invite all DEFCON 201 Members, Attendees and Fans to help us hack the Google CTF 2019!

Website: https://capturetheflag.withgoogle.com/

CTF Time Page: https://ctftime.org/event/809

Anyone can enter by joining our group and entering our DISCORD Chat! Once in chat, select the #CTF channel and hack away!

DEFCON 201 Discord Link: https://discord.gg/PGgPNEF

::CLIENT INTERFACES::

Clear Net: https://discordapp.com/channels/@me

Windows: https://discordapp.com/api/download?platform=win

macOS: https://discordapp.com/api/download?platform=osx

Linux: https://snapcraft.io/discord

iOS: https://itunes.apple.com/us/app/discord-chat-for-games/id985746746

Android: https://play.google.com/store/apps/details?id=com.discord (We recommend using YALP)

:..>Join The DEFCON 201 CTF Time Group: https://ctftime.org/team/40304

::RULES::

Welcome to the Google CTF 2019 Quals

If this is your first time playing a CTF competition, we suggest you start in the Beginner’s Quest here. If you are a seasoned and experienced player, or feel ready for a harder challenge, our competition will be running from June 22 00:01 UTC until June 23 23:59 UTC. Once the competition starts, the challenges for the main competition will be available here.

Q: Is there a limit of players per team?

A: There is no limit of players in a team.

Q: I got an error: PERMISSION_DENIED: Permission denied.

A: Try picking a different team name, the team name you inserted is already taken.

Q: I got an error: This browser is not supported or 3rd party cookies and data may be disabled.

A: Enable 3rd party cookies. Instructions for Chrome are available under “Allow or block cookies by default”. https://support.google.com/chrome/answer/95647 Where can I submit a write-up?

Please submit all write-ups as an attachment in CommonMark Markdown format to google-ctf-writeups@google.com. If your write-up can’t be submitted in Markdown (for example, if it’s a video, or an app), please send us a link to a ZIP file we can use to download it. The deadline for write-up submission is June 30 23:59 UTC. Any write-up received after that will not be accepted. Where can I ask a question?

During the competition, you can reach the Google CTF team on IRC on ##ctfcompetition on freenode. Click here to join with your web browser. You can also reach us by email at google-ctf@google.com.

Happy Hacking!

::END OF LINE::

.::DEFCON 201 — Facebook CTF Online Practice Challenge::.

Welcome to the June DEFCON 201 Facebook CTF Practice Challenge!

For over two years we have been planing running our own Wargames and CTF to help people develop their hacking skills. While progress is still being made (we plan to launch our own in Winter 2019), DC201 will also occasionally enter into various online CTF Tournaments to test our skills and to get a sample on how one is set up so we have a blueprint in creating our own.

This weekend, from May 31th 8:00 PM EST to June 2nd 8:00 PM EST, we invite all DEFCON 201 Members, Attendees and Fans to help us hack the Facebook CTF 2019!


Website: https://www.fbctf.com/

CTF Time Page: https://ctftime.org/event/781


Anyone can enter by joining our group and entering our DISCORD Chat! Once in chat, select the #CTF channel and hack away!


DEFCON 201 Discord Link: https://discord.gg/PGgPNEF


::CLIENT INTERFACES::

Clear Net: https://discordapp.com/channels/@me

Windows: https://discordapp.com/api/download?platform=win

macOS: https://discordapp.com/api/download?platform=osx

Linux: https://snapcraft.io/discord

iOS: https://itunes.apple.com/us/app/discord-chat-for-games/id985746746

Android: https://play.google.com/store/apps/details?id=com.discord (We recommend using YALP)

:..>Join The DEFCON 201 CTF Time Group: https://ctftime.org/team/40304


::RULES::

Want to play? Here’s what you need to know:

A valid email address is required in order to participate.

Playing on multiple teams is not allowed and will lead to disqualification.

All flags will be in the form fb{} unless otherwise specified.

We use dynamic scoring. The more teams that correctly solve a problem, the less points that problem is worth.

Sharing flags or other collaboration between teams is not allowed.

Attacking the CTF infrastructure or engaging in activity to prevent other teams from solving competition challenges will result in disqualification.

If you discover any bugs that may allow for manipulation or disruption of the CTF, please report the vulnerability to gulshan@fb.com.

Blind brute force or automated vulnerability scanners are not required to solve any of the CTF challenges. Some challenges may require a small amount of brute force, but only after reducing the possibilities to a feasible range. If you’re unsure if you’ll be violating this rule, ask an admin.

Please read the full rules and conditions to determine eligibility.

Need Help?

Join the #fbctf-2019 IRC channel on Freenode, which you can access from your web browser here: https://webchat.freenode.net/?channels=%23fbctf-2019

Please reach out to gsingh93 on IRC with any questions.


Happy Hacking!

::END OF LINE::

.::DEFCON 201 CTF Practice Challenge — May 10th-May 13th::.

Welcome to the May DEFCON 201 CTF Practice Challenge!

For over two years we have been planing running our own Wargames and CTF to help people develop their hacking skills. While progress is still being made (we plan to launch our own in Winter 2019), DC201 will also occasionally enter into various online CTF Tournaments to test our skills and to get a sample on how one is set up so we have a blueprint in creating our own.

This weekend, from May 10th 0:00 UTC (8:00 PM EST) to May 13th 0:00 UTC (8:00 PM EST), we invite all DEFCON 201 Members, Attendees and Fans to help us hack the Order Of The Overflow DEFCON 27 CTF Qualifier!

Website: https://www.oooverflow.io/dc-ctf-2019-quals/

CTF Time Page: https://ctftime.org/event/762

Anyone can enter by joining our group and entering our DISCORD Chat! One in chat, select the #CTF channel and hack away!

DEFCON 201 Discord Link: https://discord.gg/PGgPNEF

CLIENT INTERFACES

Clear Net: https://discordapp.com/channels/@me

Windows: https://discordapp.com/api/download?platform=win

macOS: https://discordapp.com/api/download?platform=osx

Linux: https://snapcraft.io/discord

iOS: https://itunes.apple.com/us/app/discord-chat-for-games/id985746746

Android: https://play.google.com/store/apps/details?id=com.discord (We recommend using YALP)

P.S. Join The DEFCON 201 CTF Time Group: https://ctftime.org/team/40304

-RULES-

:..>No Denial of Service — DoS is super lame, don’t do it or you will be banned :..>No sharing flags, exploits, or hints — Do your own hacks :..>No attacks against our infrastructure — Hack the challenges, not us :..>No automated scanning — For these challenges, do better

-New Challenge Type: SPEEDRUN-

We want to see who the fastest hackers are on the planet. So we created a new type of challenge: the speedrun. There will be one speedrun challenge released every 2 hours starting at May 11th 03:00 UTC for 24 hours (for a total of 12 challenges). Every speedrun challenge is running on the latest Ubuntu 18.04 with libc-2.27 md5 hash of 50390b2ae8aaa73c47745040f54e602f. To the winner go the spoils.

-SCORING-

As in 2018, all challenges (except for speedruns) will be adaptive scoring based on the number of solves: starting at 500 and decreasing from there (based on the total number of teams that solved the challenge).

Speedrun challenges have two ways to earn points: individual and overall.

Individual challenge scoring is based on the solve order of the speedrun:

First to solve: 25 points Second to solve: 20 points Third to solve: 15 points Fourth to solve: 10 points All other solves: 5 points

Overall speedrun scoring is based on the total solve time of a team over all speedruns (max of 2 hours for unsolved challenges):

First place: 300 points Second place: 200 points Third place: 100 points

For example, if one team solves all speedrun challenges first, they would receive 300 (25*12) points on individual speedrun and 300 points for being in first place overall.

-FLAG FORMANT-

Unless otherwise noted in the challenge description, all flags will be in the format:

OOO{...}

AND YOU MUST SUBMIT THE WHOLE THING, INCLUDING THE OOO{…}. POW

We may implement a POW (proof of work) in front of a challenge if we feel it is necessary. Specific POW, along with a client, will be released at game time.

-HINTS-

Do not expect hints. Particularly if a service is already pwned, it would be unfair to give one team a hint when it’s already solved. If we feel that something is significantly wrong, then we will update the description and tweet about it.

Happy Hacking!

::END OF LINE::