DMOJ Capture The Flag '20

Welcome to DMOJ Capture The Flag '20!

This contest will be very different from the standard contests on the DMOJ, so you are recommended to read the entire page.

What is a Capture The Flag (CTF) competition?

The goal of a CTF is to do whatever it takes — exploit, reverse engineer, decrypt, analyze — to retrieve the "flag" from some files that you are given. The "flag" is a secret string hidden in the files. For more information, you can read this Wikipedia section (Note: this is a Jeopardy-style competition, not an attack/defense style competition).

Competition Parameters

  • This CTF will run from July 22, 2020 12PM to July 27, 2020 12PM. You will have the full contest duration.
  • The scoreboard will be visible for the entire duration of the CTF.
  • There will be some number of problems grouped into five categories: General, Forensics, Cryptography, Reversing, and Binary Exploitation. Unfortunately, due to the limitations of running a CTF on the DMOJ, there will not be any Web Exploitation problems.
  • Each problem will be grouped through the contest ranking label. General problems will be prefixed with G, Forensics with F, Cryptography with C, Reversing with R, and Binary Exploitation with B.
  • There will be no partials. The "weight" of each problem will be defined in a later section.
  • The CTF will be run on the Atcoder format with a time penalty of zero. In other words, you will be ranked based on your score, breaking ties with the earliest time taken to achieve that score.
  • This CTF will be unrated.
  • There will be no limit on submissions (Note: this is not an open invitation to perform a timing attack).

All problems are created by Ninjaclasher. Special thanks to Zeyu for testing.

Rules

  • Do not share flags/solutions with other contestants during the entire duration of the CTF.
  • You are free to use any materials you find on the internet.
  • Do not attack the judge infrastructure, other contestants, or the problem authors/testers.

Flag Format

All flags will follow the regex ctf{[A-Za-z0-9_]{30,64}}. An example flag is ctf{dmoj_c4ptur3_the_f14g_2020_cb5a6}.

Scoring

To follow the tradition of a CTF, all problems will be assigned a weight of 500 at the beginning of the contest and slowly decrease in weight as more contestants solve them. However, due to the overhead of recomputing problem weights live, we will only recompute problem weights once after the contest. Post contest, each problem will be assigned a weight using the following formulae:

Define \displaystyle  \text{clamp}(a, x, b) = \begin{cases} a & \text{if } x < a \\ x & \text{if } a \le x \le b \\ b & \text{if } b < x \end{cases}

\displaystyle  \text{score}(x) = -250 \tanh(4x - 1.5) + 285

Each problem will be assigned a weight of \lceil \text{clamp}(50, \text{score}(p), 500) \rceil, where p is \frac{\text{number of contestants who have solved this problem}}{\text{total number of contestants in the competition}}.

Category-Specific Information

We have listed some tips and setup information for the different categories below.

General

You should attempt these problems first. They will not require too much in-depth knowledge of any particular branch of a CTF, and should work on any OS.

Forensics

Google is your best friend :)

Reversing

Some of these problems may contain files that only work on certain architectures or operating systems. You are recommended to have a Virtual Machine ready.

Binary Exploitation

Binary Exploitation problems will utilize the DMOJ's interactive grading. You will be given the source code of the interactor, which will be identical to what the judge runs. Once you have a working exploit, you will need to submit a submission that will run the exploit against the judge's interactor (to print the flag).
Of course, these will all be sandboxed (so anything you are not able to do normally on the judge cannot be done here).

Questions?

If you have any questions or concerns about this competition, please contact Ninjaclasher on Slack at @Ninjaclasher.

Good luck and have fun!



Comments


  • 5
    aropan  commented on July 29, 2020, 3:33 p.m.

    Thanks for the good contest.


  • 4
    Ynng11626  commented on July 28, 2020, 4:20 a.m.

    wish I'd got more free points out of this


  • -14
    prophet  commented on July 28, 2020, 3:52 a.m. edited

    This comment is hidden due to too much negative feedback. Click here to view it.


    • 12
      Ynng11626  commented on July 28, 2020, 4:15 a.m. edit 2

      At least for me, sometimes I'd see 32 random characters, and just figure to try it out with ctf{ and } added. I mean, why not? there's no penalty


  • 7
    namandude1008  commented on July 26, 2020, 2:00 p.m.

    how can we get a demo or any tutorial on how to get started with CTFs?


    • 5
      skyflaren  commented on July 26, 2020, 6:36 p.m.

      There's a lot of material online you can look into, here's a few links you might find helpful:

      Primer on CTFs: https://www.youtube.com/watch?v=8ev9ZX9J45A Resources: https://picoctf.com/resources Multitool: https://gchq.github.io/CyberChef

      In general, I recommend reading write-ups of previous challenges; afaik the author of this contest will be doing editorials after, I highly suggest you to look some over. There's also some websites like ctflearn.com that you can do more practice on, and ctftime.org for future CTFs. Having experience making things like web apps or programs will also definitely help; if you know how something works, you know how to take it apart.

      (Also just googling things can definitely help lol)


  • 5
    Encodeous  commented on July 22, 2020, 1:30 p.m.

    cout << Ninjaclasher;


  • 16
    quentin9909  commented on July 20, 2020, 6:56 p.m.