Cyber Heroines CTF was an online Jeopardy-style Capture the Flag competition developed by our WiCyS chapter, in partnership with the L3 Harris Institute for Assured Information FITSEC Team From Florida Tech, Research Innovations Inc, and an ORAU Innovation Award.
| Name | Category | Difficulty | Author | Problem Description |
|---|---|---|---|---|
| Barbara Liskov | Forensics | Easy | Josh | Compiled Python Code (PYC) |
| Magaret Hamilton | Forensics | Easy | Rusheel | Binwalkable Image |
| Elizabeth Feinler | Forensics | Easy/Medium | Rusheel | Covert Channel PCAP |
| Stephanie Wehner | Forensics | Medium | Rusheel | Application Memory Dump |
| Marian Croak | Forensics | Medium | Prajakta | Disk Img w/ Deleted VOIP Call |
| Elizebeth Friedman | Crypto | Easy/Medium | Josh | AES-CBC (Vulnerable Blocks) |
| Sophie Wilson | Crypto | Easy/Medium | Prajakta | RSA (Small Primes) |
| Shannon Kent | Crypto | Medium | TJ | Crypto puzzle (XOR/GZIP/XOR/ZIP) |
| Lenore Blum | Crypto | Medium | Robbie | Blum Blum Shrub in C |
| Katherine Johnson | Crypto | Hard | RII | Hill Climbing |
| Dorothy Vaughan | RE | Easy | Kourtnee | Fortran Reverse |
| Anita Borg | RE | Easy/Medium | TJ | MovCC Compiled Bin (just ltrace) |
| Maddie Stone | RE | Medium | Sneha | APK (Dynamic/Static Analysis) |
| Mary Combs | RE | Medium | TJ | Constraint Solving with Angr |
| Grace Hopper | Web | Easy | Sandesh | Vulnerable PHP (Cmd Inject) |
| Susan Landau | Web | Easy/Medium | Sneha | CSRF Token Impersonation |
| Radia Perlman | Web | Easy/Medium | Rusheel | NodeJS (DNS App) |
| Shafrira Goldwasser | Web | Medium | TJ | Flask App w/ CMD/SQL Injection |
| Frances Allen | Web | Medium | TJ | Flask App w/ SSTI |
| Sally Ride | Pwn | Easy | TJ | C Bin. (w/ Python Input() Vuln) |
| Erna Hoover | Pwn | Easy/Medium | TJ | Shellcode (Exec Stack/2-Stage) |
| Carol Shaw | Pwn | Medium | TJ | Array Index Abuse (Tic-Tac-Toe) |
| Kateryna Yushchenko | Pwn | Medium | TJ | Linked List Abusing Pointers |
| Ada Lovelace | Pwn | Hard | RII | Tcache Safe Linking Exploit |
- Challenge prompts all begin with a Wikipedia enries and Youtube videos that are all individually cited.
- Josh used the code from earlier AvengerCon CTF by TJ for Elizebeth Friedman
- TJ used ChatGPT to create (and then modify) the code for the Carol Shaw, Sally Ride, Shafrira Goldwasser, Frances Allen, Sally Ride, Mary Combs, Shannon Kent challenges.
- TJ used ChatGPT to create the CSS/HTML for Grace Hopper, Susan Landau, Radia Perlman
- TJ used ChatGPT to build and then modify Kateryna Yushchenko, which was inspired by DEFCON 2023 Quals: Open House problem.
- TJ was inspired to build an SSTI problem by this blog post and used their solution in the README.md
- TJ builds his binary-hosting docker containers from the template published by the Order of the Overflow for their DEFCON 2019 Speed Run Challenges.
- Sneha used ChatGPT to create and modify the code for Susan Landau and Maddie Stone .
- Sandesh used ChatGPT to create (and then modify) the code, also inspired by our internal Big Brother CTF Web challenge for Grace Hopper
- Rusheel and Sneha created and modified code for Stephanie Wehner
- Rusheel created and modified coding using ChatGPT for Elizebeth Friedman
- Rusheel created and modified code using ChatGPT for Magaret Hamilton
- RabbitShield Infosec Private Limited created ideas with Sneha and shared code for Radia Perlman
- Kourtnee Fernalld used Chatgpt to create and modify Dorothy Vaughan
- Robbie used ChatGpt to edit a few parts of Lenore Blum
- Prajakta used FreePBX server, MicroSIP, and PhonerLite to simulate Marian Croak
- Prajakta used ChatGPT and inspired by CTF101 for Sophie Wilson