Capture the Flag - CTF

So recently beside solving challs on challenge sites, I'm also playing CTFs.

Just like challenge sites, CTFs are also computer security competitions. There are 2 types of CTFs: jeopardy and attack-defence. So far I've only played jeopardy ones, and because they are very similar to challenge sites, in this post I will mostly write about them :P

In jeopardy CTFs, you are given a number of challenges in different categories: crypto, stegano, web, pwn, RE, forensic... By solving these challenges you will get special passwords called "flags". Submitting these flags will earn your points. Unlike challenge sites, CTFs are events that usually last for 2 days, so it is recommended that everyone should play CTFs in teams. The teams with the most points will win the CTF. CTFs are a fun way to solve challenges, and many CTFs even offer cash prizes for the top teams.

Most CTFs have qualifier and final rounds. Usually the qualifier rounds are online, and final rounds are on-site. The biggest CTF is DEF CON CTF, which comes together with the famous conference that everyone already knows about.

My team is penthackon. It is a new team consisting mostly of high-ranked players in the WeChall network, and as a result we have done quite well and is currently #6 on the ranking. We even pre-qualified for DEF CON, and some of us will be going to Las Vegas in August to pwn there :P

Farewell to Scortile

Our fellow challenger, Scortile, passed away last month in a car accident, at a young age of 23. The sad news was delivered to Gizmore by his brother. An article of the accident is available here: http://www.ad.nl/utrecht/2466511/Ongeluk_met_dodelijke_afloop.html

Scortile had been around in the challenger world since 2003. He was active in many popular challenge sites, among which are TheBlackSheep, HackQuest, Rankk, and of course WeChall. He was especially skillful in cracking, with 63.46% crackits solved at TBS. And he is currently holding the record of achieving the quality of 82% for fuzzy fingerprinting attack against an SSH private key, as part of a challenge at WeChall.

It was just a year ago that Scortile expressed his desire to compete with rhican and pvcuong on the race to the top. But now he's gone. Forever.

Farewell to him! May he rest in peace!

Net-Force

I guess it's time to promote another challenge site: Net-Force.

Net-Force is a dutch challenge site with challenges divided into categories similar to TheBlackSheep and HackQuest. The challs are mostly in English, however.

At Net-Force you are ranked according to the ancient Roman empire, from slave to general. At the moment using some magic rhican is the second general there, having solved all the challs :O

And as promised by ilias, Net-Force will be a new member of the WeChall network "pretty" soon.

Hacking school

Most challenge sites have a ranking, where people can compare themselves with other challengers. It is a great source of motivation, but also on the other hand, the root of all evil. Many people have been competing dishonestly by trading solutions, begging for hints and cheating. A true challenger would not want to see that other side of the challenger world. And as a result, a group of topgamers, among which relee, rayden5, bb and chrisi, worked together and finished a cool project - the hacking school.

The main purpose of the hacking school was to create an educational challenge site where people can learn and grow their skills, and especially, cheating and solution trading are prevented. The challenges are reviewed by the "group leaders" for quality assurance, so that only good ones are published. The solutions are different for each user, and all solution attempts are monitored, so that "swapping answers" will not work.

Hacking school was built over 2 years, but in the end for an unknown reason only a framework was released. The framework was hosted at http://www.hacking-school.org, but for an unknown reason it is down for now. You can still have an overview of the site from the Wayback Machine, and if you want a copy of the framework, feel free to contact me.

Nature of a challenge site

Challenge sites have been around for quite a while. The first one that this writer knows is Cyberarmy's Zebulun, which was started around 1999, at about the time the browser market was dominated by Internet Explorer and Netscape. Over the years, many have sprung up in different corners of the web. Some have survived the changing face of the Web and are doing well, some have been neglected by their founders while others have faded away. New ones have been born and as I write, even newer ones are being conceptualised and coded.

This article is an attempt to describe the characteristics of a challenge site according to the writer's best knowledge. Feel free to share your thoughts :)

1) Single vs multiple domains

Some challenge sites offer challenges based on a single domain, be it mathematics, programming or hacking. Sites in this category include Electrica and Project Euler. Others offer a mixture of domains, from logic to programming to hacking to cryptology to stenography.

2) The need to register

Most challenge sites require you to sign up, but some, such as notpron, don't. The former has the advantage of identifying the solvers persistently so that when they return weeks or months later, they are still recognised.

3) Challenge presentation

The challenge is presented on a web page and is usually accompanied by an input field for solution submission. Typically the same challenge is presented to the solvers with a single, unchanging solution (though this solution may be periodically changed to foil cheating). However, it's also possible for the same challenge to be presented but with different inputs to make the solution unique for everybody.

4) Method of solving

There are two types:

a) Static
The challenge is presented and the solver can take any amount of time to solve it. He then submits the solution via an input field and gets a feedback instantaneously.

b) Dynamic
The challenge changes with every access and has to be "understood" and solved by a script. Usually there's a time limit on solution submission, like within 2 seconds. Challenges of this nature are harder to "cheat".

5) Hall of Fame or Ranking

Most, if not all, challenge sites implement a Hall of Fame (HOF) page to give the solvers an idea of how they are fairing relative to the others. Typically, the HOF lists the solvers and their challenge completion statistics in a hierarchical manner. It helps to inject a competitive element and is a source of motivation to the solvers.

6) Private Message

At some point during their stay, solvers will need to communicate with fellow solvers privately. Sometimes, it's just for getting to know the other person, while at other times, and perhaps more commonly, it's to seek "enlightenment" on a challenge. While not strictly necessary, it is nevertheless a popular feature amongst challenge sites.

7) Forum

The forum brings all the solvers together and is usually the first place to look for hints or to seek clarifications on a challenge. It's also the place to chill, to post congratulatory messages, or to whine about a challenge.

8) Challenge rendering

This is the meat of a challenge site. It is where the challenges are presented. There are different flavours:

a) Strictly linear
In this scheme, the challenges are accessible one at a time and in order of difficulty, from easy to difficult. You solve the current challenge and move on to the next (presumably) harder challenge. The old Cyberarmy, which enjoyed a phenomenal success during its peak, was implemented in this way. Others, such as Mod-x, are also modelled after this scheme.

b) Scatter or non-linear
In a scatter scheme, all the challenges are accessible to the solver, without any restriction on the order of solving. You can solve the easy challenges or the harder ones at any point in time. This is quite a popular model to present the challenges. Hackquest and TheBlackSheep, to name but a few, are modelled after this scheme.

c) A Hybrid
As the name suggests, this scheme is a cross-breed of the strictly linear scheme and the scatter scheme. For this scheme to work, the challenges are organised into levels, with a fixed or variable number of challenges at each level. It is linear in the sense that the solver needs to complete all or a certain number of challenges in a level to progress to the higher level. It is scatter in the sense that, in each level, the solver can freely attempt the challenges in any order. Slyfx and Rankk use the hybrid scheme.

9) Profile

Most challenge sites have a profile feature. This page displays the solver's personal information, such as country, age, hobbies and so forth, along with challenge completion statistics. It is like the solver's resume, if you like, acting as an informational link between the solver and the outside world.