what are CTFs?

capture the flag (ctf), in a cybersecurity context, is a competition meant to teach the fundamentals of information security from an attacker's perspective. the two most common forms of ctf competition are attack and defense and jeopardy.

attack and defense usually entails players attacking other players' machines in an attempt to capture their flags while defending their own machines against the same attacks. these kinds of competitions are usually reserved for the finals of a competition.

jeopardy, which is the more common of the two, usually has various challenges aimed at testing different areas of knowledge. they are also meant to range in difficulty so that players of all skill levels can participate and learn. the category a challenge is under usually gives an insight into what kind of skills will be required, and in many cases a small blurb will also provide a hint that can direct new players to the areas they might want to study or touch up on before taking on the challenge. the goal for players is to use various hacking techniques to find and submit the flag hidden in the challenge. this earns the player points, which usually correspond to the difficulty of the challenge.

common categories:

pwn:

a challenge that typically requires exploiting a binary to gain access to the flag. these are usually solved by discovering vulnerabilities common in native code, such as memory corruption (buffer overflows, use-after-frees, etc.), race conditions, or the like.

web:

similarly to pwn, these typically require exploitation of a target; however, the target is specifically web based. these challenges usually require knowledge of common web application vulnerabilities such as cross-site scripting (XSS), path traversal, SQL injection and the like.
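as an added illustration of one of the web vulnerability classes named above (this is example code written for this page, not from any ctf challenge or project), here is a path traversal bug next to its fix. the web root `/srv/app/public` is an assumed, constructed value, and `posixpath` is used so the behaviour is the same on every platform:

```python
import posixpath

WEB_ROOT = "/srv/app/public"  # assumed document root, constructed for this example


def unsafe_resolve(user_path):
    """Vulnerable: the user-supplied path is joined under the web root and
    normalized, but nothing checks that the result is still inside the root.
    '../' segments walk out of it, and an absolute path replaces it entirely."""
    return posixpath.normpath(posixpath.join(WEB_ROOT, user_path))


def safe_resolve(user_path):
    """Hardened: strip any leading slash (so join cannot be reset to '/'),
    normalize, then require the result to be the root itself or a path below it.
    Raises PermissionError for anything that escapes the root."""
    candidate = posixpath.normpath(posixpath.join(WEB_ROOT, user_path.lstrip("/")))
    inside = candidate == WEB_ROOT or candidate.startswith(WEB_ROOT.rstrip("/") + "/")
    if not inside:
        raise PermissionError(f"path escapes web root: {user_path!r}")
    return candidate


def is_allowed(user_path):
    """True if the hardened resolver accepts the path, False if it rejects it."""
    try:
        safe_resolve(user_path)
        return True
    except PermissionError:
        return False


if __name__ == "__main__":
    for p in ["index.html", "images/../index.html", "/etc/passwd", "../../../etc/passwd"]:
        print(f"{p!r:28} unsafe -> {unsafe_resolve(p):30} allowed by safe_resolve: {is_allowed(p)}")
```

two caveats a real handler also needs: the check must run on the fully decoded path (after the framework has turned `%2e%2e` back into `..`), and when the document root contains symlinks the candidate should be passed through `os.path.realpath` before the prefix comparison, since a normalized string can still point outside the root on disk.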

reverse engineering / RE:

although these sometimes require exploitation, the goal of reverse engineering challenges is typically to understand how a program or application functions in order to discover a secret inside it. it is common for this category to overlap with the crypto category, as it also typically requires understanding the algorithms used. this category usually requires disassembling or decompiling binaries, so tools such as Ghidra are recommended.

forensics:

not as common as the other categories, this category usually centers around a more defensive approach: finding hidden information or evidence of an attempted compromise. some examples include finding hidden files in network traffic, finding flags hidden in images or other files (steganography), or simply finding files in a data dump.
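as an added example (written for this page, not taken from any challenge), here is the kind of script a forensics player writes for the "flag hidden in an image" case: it walks the chunks of a PNG and looks in the three places a flag is most often stashed, text metadata chunks, bytes appended after the IEND chunk, and anywhere in the file as plain text. the flag format `flag{...}` is an assumption, and the sample image is constructed inline so the script runs offline:

```python
import re
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
FLAG_RE = re.compile(rb"flag\{[^}]{1,64}\}")  # assumed flag format for this example


def _chunk(ctype, payload):
    """Encode one PNG chunk: 4-byte length, type, payload, CRC over type+payload."""
    crc = zlib.crc32(ctype + payload) & 0xFFFFFFFF
    return struct.pack(">I", len(payload)) + ctype + payload + struct.pack(">I", crc)


def build_sample_png(text_chunks=(), appended=b""):
    """Build a valid 1x1 RGB PNG with optional tEXt metadata and optional bytes
    appended after IEND. Constructed sample input, not a real challenge file."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)  # 1x1, 8-bit depth, RGB
    idat = zlib.compress(b"\x00\x00\x00\x00")            # filter byte 0 + one black pixel
    png = PNG_SIG + _chunk(b"IHDR", ihdr)
    for keyword, text in text_chunks:
        png += _chunk(b"tEXt", keyword + b"\x00" + text)  # tEXt = keyword NUL text
    return png + _chunk(b"IDAT", idat) + _chunk(b"IEND", b"") + appended


def png_chunks(data):
    """Yield (type, payload, offset_after_chunk) for each chunk, stopping at IEND."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG file")
    pos = len(PNG_SIG)
    while pos + 8 <= len(data):
        (length,) = struct.unpack(">I", data[pos:pos + 4])
        ctype = data[pos + 4:pos + 8]
        payload = data[pos + 8:pos + 8 + length]
        pos += 12 + length  # 4 length + 4 type + payload + 4 crc
        yield ctype, payload, pos
        if ctype == b"IEND":
            return


def analyze_png(data):
    """Collect tEXt metadata, anything trailing the IEND chunk (decoders ignore
    it, which is why it is a popular hiding spot), and every flag-format match."""
    text_chunks, appended = [], b""
    for ctype, payload, end in png_chunks(data):
        if ctype == b"tEXt" and b"\x00" in payload:
            keyword, _, text = payload.partition(b"\x00")
            text_chunks.append((keyword.decode("latin-1"), text.decode("latin-1")))
        elif ctype == b"IEND":
            appended = data[end:]
    return {
        "text_chunks": text_chunks,
        "appended": appended,
        "flags": [m.group(0).decode() for m in FLAG_RE.finditer(data)],
    }


if __name__ == "__main__":
    sample = build_sample_png(
        text_chunks=[(b"Comment", b"flag{hidden_in_metadata}")],
        appended=b"\x00junk\x00flag{appended_after_iend}",
    )
    print(analyze_png(sample))
```

the same three checks generalize to other container formats: read the structure the format defines, then compare it with the bytes actually present. anything the format's own parser never looks at (trailing data, oversized or unknown chunks, comment fields) is where hidden content tends to live.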

crypto:

this type of challenge usually centers around breaking cryptographic algorithms. this can take the form of either custom crypto algorithms with mathematical flaws or the use of algorithms known to have issues, such as padding oracles or simple brute-force attacks. this category is typically more mathematically focused than the others.
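as an added example of a "custom algorithm with a mathematical flaw" (code written for this page, not from any challenge), here is a repeating-key XOR cipher and the analysis that breaks it. the flaw is structural: position i is always encrypted with key[i % len(key)], so the five known bytes of the flag prefix reveal the first five key bytes directly, and every remaining key byte can be recovered on its own by trying 256 values against the column of ciphertext bytes it covers. the flag prefix `flag{`, the sample plaintext and the key `k3y` are all constructed assumptions:

```python
import string

PRINTABLE = frozenset(bytes(string.printable, "ascii"))
FLAG_CHARS = frozenset(b"abcdefghijklmnopqrstuvwxyz0123456789_")
KNOWN_PREFIX = b"flag{"  # assumed flag format

# constructed sample plaintext and key for this example
SAMPLE_PLAINTEXT = b"flag{x0r_w1th_a_sh0rt_k3y_1s_n0t_encrypt10n}"
SAMPLE_KEY = b"k3y"


def xor_cipher(data, key):
    """The flawed scheme: XOR each byte with a key that repeats every len(key)
    bytes. Encryption and decryption are the same operation."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def _best_key_byte(column):
    """Return the key byte under which a whole column decrypts to plausible flag
    text, or None if no byte keeps every character printable."""
    best, best_score = None, -1
    for kb in range(256):
        plain = [c ^ kb for c in column]
        if not all(p in PRINTABLE for p in plain):
            continue
        score = sum(p in FLAG_CHARS for p in plain)
        if score > best_score:
            best, best_score = kb, score
    return best


def recover_key(ciphertext, key_len, known_prefix=KNOWN_PREFIX):
    """Recover a key of the guessed length. Positions covered by the known
    prefix follow from key = ciphertext ^ plaintext; the rest are brute-forced
    one at a time, which works because each key position is independent."""
    key = bytearray(key_len)
    for i in range(key_len):
        if i < len(known_prefix) and i < len(ciphertext):
            key[i] = ciphertext[i] ^ known_prefix[i]
        else:
            kb = _best_key_byte(ciphertext[i::key_len])
            if kb is None:
                return None
            key[i] = kb
    return bytes(key)


def looks_like_flag(plaintext):
    """Sanity check used to reject wrong key lengths."""
    return (plaintext.startswith(KNOWN_PREFIX) and plaintext.endswith(b"}")
            and all(b in PRINTABLE for b in plaintext))


def break_repeating_xor(ciphertext, max_key_len=16):
    """Try each key length in turn; return (key, plaintext) for the first one
    whose recovered key decrypts to something that looks like a flag, else None."""
    for key_len in range(1, max_key_len + 1):
        key = recover_key(ciphertext, key_len)
        if key is None:
            continue
        plaintext = xor_cipher(ciphertext, key)
        if looks_like_flag(plaintext):
            return key, plaintext
    return None


if __name__ == "__main__":
    ct = xor_cipher(SAMPLE_PLAINTEXT, SAMPLE_KEY)
    print(break_repeating_xor(ct))
```

the brute-forced positions only disambiguate when each column holds enough ciphertext bytes; with a key longer than the flag and only a few bytes per column, several key bytes may score equally and the recovered plaintext has to be checked by eye. that dependence on ciphertext length is itself the lesson: a scheme where key bytes can be attacked separately is broken regardless of how long the key is.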

misc:

a category usually reserved for miscellaneous and fun challenges that do not quite fit in the other categories. this can range from fun recon problems that involve finding information about a certain person, to finding information in RF signals, or even sometimes making phone calls. the possibilities here are endless :)

any contents on this website are licensed under cc-by-sa unless we explicitly say otherwise on our official channels.