Repo containing links to all CTF Challenges used in the 2015 MITRE CTF.
Latest commit f1a1c6d Sep 28, 2016 @rbclark rbclark committed on GitHub Typo
Permalink
Failed to load latest commit information.
LICENSE
README.md

README.md

2015 CTF Game

The following is a list of all of the challenges used for the 2015 CTF along with their description and link for convenience. Each of these challenges contain a README which well tell you how to stand up the challenge and the correct key to allow you to check yourself when you solve it.

Title Value Repository Description
We're in. 200 Not Available In an attempt at industrial espionage, a toy company has hired you to get information from a rival company. Here's what they know: the target company sends "Weekly Report" emails to its employees. The reports usually link to an internal file server for download and viewing. For reasons unknown, one employee registered his personal email on the list and has a tendency to use this email at work. His email is ggrievousctf@gmail.com and from what we can tell, he's not the most tech savvy and will probably open anything you send him if it looks like a Weekly Report. The rival company knows that the primary designer for the target company is named Dooku and they want you to extract as much as you can from his system. Happy Hunting! Hint: http://tinyurl.com/ozx528o Hint2: Flag is the password for Grievous!
Pixel, perfect, chesse! 300 Not Available What's that video?
I Need More!!! 400 Not Available That was a great memo!
Hey, you there? 500 Not Available Hate it when I fat finger an address!
"I Kinda Feel Like God." 600 Not Available I will send you on this final task, and you will return as king of this domain. Let's see if you gain some wisdom...
Holy Krabby Patty, Mermaid Man! 50 2015-crypto-50 Oh no! Mermaid Man has left his belt at the Krusty Krab. You fully intend to return the belt to him, but first you want to enjoy a Ceaser Salad. Because you don't want to get any food on the belt, you set it next to you. After finishing the salad, you notice that the belt is now gone and replaced with a "note". What does the note say?
Coffee Shop Routers 100 2015-crypto-100a While at a local coffee shop, enjoying your morning cup of coffee and daily hacking practice, you manage to gain access to the shop's router and begin to capture network data. You have intercepted an "image" that looks like it may contain some interesting information based on the other requests and responses coming from that IP. Unfortunately, the image has been corrupted during transmission and you now need to unscramble it. Note: Key is 10 hex digits.
Mystery Twins 100 2015-crypto-100b While wondering through the woods next to the Mystery Shack, you found a suspicious "piece of paper". You're sure it's a part of a torn page from the journal you found, but it's written in some sort of strange alphabet.
Crazy Kids with their Hippity Hoppity Music 300 2015-crypto-300a Your friend, Bin, has given you a "sound file" of this hip new band he swears is going to make it big because they've created a whole new genre. You're sure he was wrong because this surely doesn't sound like music to you! Note: the key for this challenge is of the form XX XX XX XX XX XX XX XX where the X's are hex digits.
Daba Dee Daba Die 300 2015-crypto-300b Yo listen up here's a story About a little guy that lives in a "blue world" And all day and all night and everything he sees Is just blue like him inside and outside Blue his house with a blue little window And a blue corvette And everything is blue for him and himself And everybody around 'Cause he ain't got nobody to listen to.
Message from the Doctor 300 2015-crypto-300c The Doctor has paid you a visit and helped you get rid of a stubborn Isolus. Before he left, he gave you a "note", but it seems to be written in a strange language. Maybe you can decode the message to see what the Doctor wants to tell you.
BOYCOTT 0 Not Available HEY GUYS, I SOMEHOW HACKED INTO THE CTF SERVERS AND MADE A CHALLENGE THAT APPEARS TO BE 0PTS, BUT IS ACTUALLY 50,000!!! LET'S BOYCOTT THE CTF BY ALL GETTING THE POINTS BY USING THE KEY MCA-FFFFFF!
I Spy (Part 1) 50 2015-cyberville-50-100 Matt sent you "an IP", see what you can do with it.
I Spy (Part 2) 100 2015-cyberville-50-100 I feel like we've been "here" before.
Paula O's Marketing Blows 200 2015-cyberville-200 Have you seen the "specials" this week? They look really tasty,
What's our vector, Victor? 300 2015-cyberville-300 Keep an eye on that number 3 engine gauge over there, its running "a little hot".
Operation Bedtime 500 2015-cyberville-500 As a vigilante you work in the dark. The shadows are you friend. Make the world a more friendly place. "With darkness".
Mobile Challenges 100 2015-mobile-challenges 3rd Place score for FlashingColors and SherLocked.
Mobile Challenges 200 2015-mobile-challenges 2nd Place for FlashingColors and SherLocked.
Mobile Challenges 300 2015-mobile-challenges 1st Place for FlashingColors and SherLocked.
Geocaching 100 2015-traditional-100 Welcome to Google Airlines(TM), the world's leader in virtual traveling. You trip begins "here"! Enjoy your time and remember to keep your hands and feet inside of the Internet at all times.
The Butterfly Effect 200 2015-traditional-200 Your younger sister has gotten a hold of your computer and downloaded a bunch of "images of butterflies". Besides now having a ton of butterfly images on your computer, you're sure she has introduced a virus to your system. Inspect the files she downloaded to see if you can find any abnormalities.
Forgotten Password? 250 2015-traditional-250a You registered at "this website.", but you can't seem to remember your login or password. Obtain access to your account.
Who is the Real Slim Shady? 250 2015-traditional-250b We paid someone to improve our Slim Shady fan club website, endorsed by Shady himself. I guess he didn't like Slim Shady though, because he hacked into our "emails" and made our website worse. We would like you to fix it. Slim Shady should have sent me an email with the password to go and reset the site, but there are so many in my email, I don't know which to use! Here are all the emails I have theoretically gotten from Slim. Oh, and it probably won't be much use, but here's what's left of our website, in case it helps you design the new [website". THANK YOU! --The Slim Shady Fan Club
New and Old Forms of Communication 300 2015-traditional-300 Your growing interest in communications mediums has sparked a research effort that has lead you to this "webpage". What could possibly the message the author is trying to communicate?

Regex used to assist in generating this file (The first block is placed in the "Find" block and the second in the "Replace" block in sublime)

This regex can be used on the result of the exported challenges with only the "Name" associated field checked for category and all associated flag fields unchecked. You will need to export as json and then use an online converter to convert it to yaml.

Find Block:

- 
  id: .+
  name: "((.|^\")+?)"
  description: "([\w\W]*?)"
  point_value: (.+)
  state: .+
  created_at: .+
  updated_at: .+
  achievement_name: .+
  category: 
    name: "((.|^\")+?)"

Replace Block:

<tr>
  <td>\1</td>
  <td>\4</td>
  <td><a href="https://github.com/mitre-cyber-academy/2015-\5-\4">2015-\5-\4</a></td>
  <td>\3</td>
</tr>

Next, you will need to do a find replace to get rid of all links:

Find Block:

    \[(.*)\]\(.*\)

Replace Block:

    "\1"