BSidesPDX CTF 2020 is using the bsides-ctf-framework. See TTimzen's blog post for a detailed explanation of the framework, motivations, and instructions for writing challenges.

Challenge authors:

• aagallag
• arinerron
• 0xdade
• fdcarl
• 0x1nd0

The CTF event ended with:

• 75 teams registered
• 135 individual players
• 180 flags submitted
• Every single challenge solved

The most solved challenges were:

• 23 solves for Heading the Right Way (web)
• 14 solves for Please Stand By (ota)
• 14 solves for basic-bof-1 (pwn)

The least solved challenges were:

• 1 solve for cheatcode (re)
• 2 solves for Cavage Enough for You (web)
• 2 solves for speakers (pwn)

The top 3 teams were:

• OSUSEC - 3938 points
• redpwn - 3044 points
• limsa - 3041 points

To locally test, deploy or play challenges with Docker, run the following (Ubuntu)

1. sudo apt install docker-compose
2. sudo docker-compose build && docker-compose up -d
3. Containers are viewable at localhost:PORT (view with docker-compose ps)
4. sudo docker-compose down to stop the containers

Default Onion: sudo docker exec -it default-onion cat /var/lib/tor/hidden_http/hostname

Default Onion - Fixed: sudo docker exec -it default-onion-fixed cat /var/lib/tor/hidden_http/hostname

Microblog: sudo docker exec -it microblog cat /var/lib/tor/hidden_http/hostname

This year we ran all of our challenges in k8s using the Makefile and yamls in the oci directory of all pwn, web, and tor challenges. The Over-the-Air challenges had a Twilio bot and were streaming to Twitch on a seperate VM. We've done our best to include all of the tools and information required to stand-up the Over-the-Air challenges locally, but due to the use of Twilio, it will be difficult to replicate the challenge: Down the rabbit hole in it's entirety.