CAPTURE THE FLAG
The Capture The Flag (CTF) challenge at HackSTAIR features a variety of security challenges including cryptography, web exploitation, reverse engineering, and more.
Update/Fix on Technical Issues
We apologise for the technical difficulties. We have resolved the issues. Please follow the updated instructions below:
- New CTF is running at: http://83.228.214.27
- Register and create a team.
- Use the registration Code: stair
The website to hack runs locally, the Docker command is on the website. It is currently only accessible via http.
FAQ
General Questions
What is a CTF?
A CTF (Capture The Flag) is a cybersecurity competition where participants find security vulnerabilities, analyze code, and solve puzzles to discover so-called "flags". Each flag found earns points and contributes to the overall ranking.
How does the CTF event work?
The CTF begins at the specified start time. All labs are unlocked from this point. The event automatically ends after the game time expires (see timetable).
Participation & Teams
How can I participate in the CTF?
Note: To participate in the CTF, you must have registered in advance via the STAIR website.
- Go to the Parrot-CTF platform: https://parrot-ctfs.com/events/ctf/144003
- Register individually first (how to form a team is explained in the next point)
- After registration, you will receive an email with the activation link and access credentials to Parrot CTF
- Connect to the VPN (download the .ovpn config file for this)
- Alternatively, launch the Athena Web Based VM (NOT RECOMMENDED)
- You don't need more information to get started, you're ready!
How can I register my team?
- First register personally on the event website (https://parrot-ctfs.com/events/ctf/144003) with your email address
- After confirmation, you will get access to Parrot CTF
- In the Parrot CTF dashboard, you'll find the "Team" option on the left side
- Create a new team and invite your team members, or search for an existing team to join (Note: a maximum of 4 people are allowed in a team)
- Once all member data is correct, you can start together!
How can we work together?
- Register as a team via the website according to the previous point
- Your earned points will then be added together
- However, note that you can only work on one lab at a time
What do I need to bring?
To participate in the CTF, you need a laptop or PC with a stable internet connection (HSLU WLAN). A browser (e.g., Chrome, Firefox) is required to access the Parrot CTF platform. It is strongly recommended to bring your own setup (operating system, tools). If this is not possible, a web-based VM (Athena OS) is available as an alternative.
Setup & Access
Is there a link to the scoreboard?
How can I access the labs if I have my own VM?
- Select challenge
- Make sure you're connected to the VPN
- Start lab machine
- Wait until IP address appears (usually takes ~2 minutes)
IMPORTANT: Copy the IP, it sometimes disappears. The lab machine should still remain active.
Can I start/work on multiple labs at the same time?
No, only one lab can be solved at a time.
How can I participate if I don't have my own setup?
A web-based VM from Parrot CTF (Athena OS) is available, but is very unstable. We recommend that you prepare your own setup; a Kali Linux should generally be sufficient.
Support & Winning
What if I get stuck on a lab?
Unfortunately, we cannot answer questions about the lab itself, but we are confident that you will have enough time to figure everything out.
What if I/we finish early?
Contact us if you finish early. There is a potential chance for bonus points.
How can I/we best win?
The ranking is created by the platform operators. The rule is: Whoever finds more flags also has more points (depending on difficulty). If two teams have the same score, the faster team wins.
The top 3 groups/participants win!
Where can I ask if I have technical problems?
There is live chat support. You can access it when you're on the event/lab page (bottom right). Otherwise, you can contact Marcel!