CTF Introduction

Capture The Flag is an event we set up for solving computer security puzzles and engaging in creative exploration in a safe environment with reduced consequences for activities generally considered malicious or illegal. By providing a safe place to explore, defenders are better able to learn what kinds of techniques they might need to defend against.

Categories

Our CTF exercises feature multiple categories, which are typically not related to each other. Each category exercises a particular skillset. For instance, a contest may feature codebreaking, file carving, rapid code development, and Unix system administration. Categories are either considered "puzzles" or "live".

Puzzle categories are sequential, static puzzles that you can download or write down and work on without further interaction with the contest server. Codebreaking an example of a puzzle category: you get a code, write it down or save it to disk, and you can then detatch from the contest network (or sometimes your computer). Puzzle categories usually award points when the correct answer is entered, at which time the next puzzle in the sequence is presented.

Live categories require constant interaction with the contest network. Unix administration is an example of a live category: it contains running services which produce different results based on their input. You must adjust your input to trigger the correct output for points. Live puzzles are usually not sequential: running parallel to each other, all open to all players.

Scoring

The objective is to make the most points.

In our CTF setup, each team is battling for a percentage of one point in each active category, and percentages are added to obtain an overall score for each team. This setup rewards breadth and not depth: your score will be higher initially if you solve one puzzle in four categories, than if you solve four puzzles in one category. This also means that a 2 point puzzle in a category with 5 total points is worth far more overall than a 300 point puzzle in a category with 7000 points.

In the drop-in setup, points are (hopefully) adjusted to reflect how much effort we estimate is required to solve the puzzle. You should be able to solve puzzles in any order you want, without worrying about point-scoring strategy.

Security of your computer

Most of our events require you to bring your own computer. It is not a good idea to bring a computer with important information to a computer hacking contest. We tell people to consider the contest network hostile, to remove any important or sensitive information before they come, and to strongly consider reinstalling the OS after they've left.

When everybody brings a clean computer they don't mind being compromised, it's a much more fun event for everyone involved: nobody needs to worry about acting in a way which might cause real damage to anyone other participants.

Environment

In our preferred setup, we dim the room lighting and play and no-vocals "unts unts" electronic music. We prefer banquet-style seating: round tables that seat up to ten, with wired connections to the contest network on a "head table". We don't always get the setup we'd prefer, though, and have run CTFs in almost every setup imaginable, from classrooms to computer labs to dance floors.