saarCTF 2023

Services from saarCTF 2023.

Building services

Enter a service directory and use docker-compose, e.g.:

cd pasteable
docker-compose up --build -d

Running checkers

Every service comes with a checkers directory, which contains a python-script named after the service. Running this script should place three flags in the service and try to retrieve them subsequently. Caveat: Make sure the gamelib is in the PYTHONPATH, e.g.:

PYTHONPATH=.. python3 bytewarden.py [<ip>]

Checkers require a Redis instance to store information between ticks. If you don't have redis installed locally, use the environment variables REDIS_HOST and REDIS_DB to configure one.

Flag IDs and exploits

The script get_flag_ids.py prints you the flag ids used to store the demo flags.

Each service comes with demo exploits to show the vulnerability. To run an exploit: python3 exploit_file.py <ip> [<flag-id>]

Services

About

Services, Checkers and Exploits from saarCTF 2023. https://ctf.saarland

Languages

Language:Python 67.6%Language:JavaScript 11.9%Language:Shell 5.1%Language:TypeScript 2.6%Language:C 2.5%Language:PHP 2.1%Language:HTML 1.9%Language:C++ 1.7%Language:Java 1.0%Language:Pascal 1.0%Language:Go 0.8%Language:C# 0.8%Language:Dockerfile 0.5%Language:CSS 0.3%Language:CMake 0.1%Language:Makefile 0.1%Language:Less 0.1%Language:Hack 0.0%