Giters

td-org-uit-no / UiTHack19

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

UiTHack19

Status/TODO

  • Create Crypto challs

  • Create Noob challs

  • Create Pwn challs

  • Create RE challs

  • Create Web challs

  • Create Misc challs

  • IRL challs (only on-site)

Post on Website

  • Post Crypto challs

  • Post Noob challs

  • Post Pwn challs

  • Post RE challs

  • Post Web challs

  • Add urls to Web challs

  • Post Misc challs

  • Post IRL challs (only on-site)

TODO Lørdag

  • bilde på insta

  • finne fram hengelås

  • henge opp gåter

  • henge opp Enigma

  • starte Hack Overflow

  • starte opp nettsider

  • starte opp GLaDos

Categories

  • 👶 Noob
  • 🔥 Pwn
  • ↩️ Reverse Engineering
  • 🔐 Crypto
  • 🕸️ Web
  • 🌈 Misc

Planning:

UiTHack 2019 - thoughts and challenges

Motivation and vision

We want to create more interest and enthusiasm for security and related problems for students. For this, a noob-friendly Capture-the-flag competition is perfect! The idea is to expose people to gradually more challenging tasks, starting with very simple ones and moving to more complex ones. None should be too hard and some help will be given for those in need.

Challenge Categories

We define the following categories of challenges, with a minimum of three(3) in each category and up to six(6).

Noob
  • Noob1
  • Noob2
  • Noob3
  • Noob4
  • Noob5
  • Noob6
Misc
  • Reactivate GLADoS to hand out a flag
  • Up a flag to discord uithack server and td.uit instagram - Post picture in instagram
  • Esoteric horrorshow
Pwn
  • Format string exploit
  • Buffer overflow into authorization
Reverse Engineering
  • Flag hidden in hexdump of executable file
  • Password and username hidden in hexdump of executable
  • ???
Crypto
  • ceasar chipher, write in why we put what we put in terminal to solve rotation cipher?
  • Mabye run base64 again? let the studentgets familiar witht he syntax. Can write more lines thats encrypted, so that the studentshave to decrypt multiple lines, and recognice the end of a base64 encrypted file '=='. Mabye takes this as the second task.
  • Hash password, normal encryption, with one ore two lettes over f in the encryptet text? These will ned to be removed before decryption can take place. Have this as the pasword for a steganography picture? Should this be under misc? MOVE TO MISC
Web
  • Easy get request of flag in URL
  • Some forgotten password and username in source, different variations of this?
  • As with the newsletter sites, maby have a "box" cover the actuall site where the flag is pictured? Manipulation of the source to remove?

About

Languages

Language:C 56.4%Language:Python 28.3%Language:HTML 13.8%Language:Makefile 1.5%