Skip to content
This repository was archived by the owner on Jun 9, 2021. It is now read-only.

BSidesPDX/CTF-2020

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

152 Commits
deployment
deployment
 
 
intro
intro
 
 
over-the-air
over-the-air
 
 
pwn
pwn
 
 
re
re
 
 
tor
tor
 
 
web
web
 
 
BRAINSTORM.md
BRAINSTORM.md
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 

Repository files navigation

BSidesPDX CTF 2020

BSidesPDX

BSidesPDX CTF 2020 is using the bsides-ctf-framework. See TTimzen's blog post for a detailed explanation of the framework, motivations, and instructions for writing challenges.

Challenge authors:

Final Statistics

The CTF event ended with:

  • 75 teams registered
  • 135 individual players
  • 180 flags submitted
  • Every single challenge solved

The most solved challenges were:

  • 23 solves for Heading the Right Way (web)
  • 14 solves for Please Stand By (ota)
  • 14 solves for basic-bof-1 (pwn)

The least solved challenges were:

  • 1 solve for cheatcode (re)
  • 2 solves for Cavage Enough for You (web)
  • 2 solves for speakers (pwn)

The top 3 teams were:

  • OSUSEC - 3938 points
  • redpwn - 3044 points
  • limsa - 3041 points

Challenges

Challenge Name Category Points Cloud Port(s) Local Port(s)
Sowing Discord intro 10 N/A N/A
Flag Vault re 100 N/A N/A
flagvault.c re 200 N/A N/A
cheatcode re 300 N/A N/A
Heading the Right Way web 100 8081 8080
SOCKING IT TO YA web 200 8081, 8082, 1080 8081, 8082, 1080
Cavage Enough for You web 300 1337 1337
basic-bof-1 pwn 100 9999 9990
basic-bof-2 pwn 200 9999 9991
speakers pwn 300 9999 9991
Default Onion tor 100 N/A N/A
Default Onion - Fixed tor 200 N/A N/A
Microblog tor 300 N/A N/A
Please Stand By over-the-air 100 N/A N/A
Xclusive Numborz over-the-air 200 N/A N/A
Down the rabbit hole over-the-air 300 N/A N/A

Local Deployment

To locally test, deploy or play challenges with Docker, run the following (Ubuntu)

  1. sudo apt install docker-compose
  2. sudo docker-compose build && docker-compose up -d
  3. Containers are viewable at localhost:PORT (view with docker-compose ps)
  4. sudo docker-compose down to stop the containers

Get Onion Addresses for Tor Challenges

Default Onion: sudo docker exec -it default-onion cat /var/lib/tor/hidden_http/hostname

Default Onion - Fixed: sudo docker exec -it default-onion-fixed cat /var/lib/tor/hidden_http/hostname

Microblog: sudo docker exec -it microblog cat /var/lib/tor/hidden_http/hostname

Cloud Deployment

This year we ran all of our challenges in k8s using the Makefile and yamls in the oci directory of all pwn, web, and tor challenges. The Over-the-Air challenges had a Twilio bot and were streaming to Twitch on a seperate VM. We've done our best to include all of the tools and information required to stand-up the Over-the-Air challenges locally, but due to the use of Twilio, it will be difficult to replicate the challenge: Down the rabbit hole in it's entirety.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

4 stars

Watchers

4 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages