;

Introduction

On August the 5th, 2017 SHA2017 hosted a CTF (Capture The Flag) hacking competition. CTF.zone and the Eindbazen team took care of the organization of the CTF competition. This document contains the overall results of the CTF as well as description of the involved challenges.

CTF Summary

CTF stands for Capture the Flag, a game consisting of security and hacking related challenges where teams or individual players have to “capture flags” to score points. Flags can generally be captured by solving challenges or by hacking systems. The goals of playing CTFs are extending knowledge, training people, using and practicing skills and improving team work. CTFs can further be hosted for recruitment purposes and skill testing. Irrespectively of the purpose a good CTF should mostly be fun to play. CTFs are always held in controlled environments where the CTF organizer has full control and permission over the involved systems and challenges. The exercises in a CTF are never illegal or disrupting.

The SHA2017 CTF type was Jeopardy style, this type of CTF consist of multiple separate challenges which need to be solved to score points. The style is based on the old TV show Jeopardy because of the similar setup. The challenges in a Jeopardy style CTF are divided in specific categories and difficulty levels. In Jeopardy CTFs people can have the option to focus on the type of challenges they have experience or knowledge in, by choosing which category they try to solve a challenge in. This combined with the multiple difficulty levels makes the Jeopardy style CTFs suitable for players with different backgrounds and skills.

Junior CTF

Besides the CTF, there was also a junior CTF, designed for beginning CTF players and to promote CTFs to visitors of SHA2017. The statistics of the junior CTF can be found here.

Sponsors

We would like to thank our sponsors who made this CTF possible. Without them it wouldn't be possible to create the CTF.

Teams

Subscription to the CTF was open several days before the start of the CTF. 651 teams subscribed before the start, 686 teams joined after the CTF was started, bringing the total to 1337 teams playing the CTF. There were 119 teams playing from the SHA2017 campsite. From all the teams 462 teams managed to solve at least one challenge. A total of 3218 unique IP-addresses connected to the scoreboard.

There were a total of 4161 flag submissions. The total of solved challenges is 1962, which means there were 2199 failed submissions.

There were NO teams who managed to solve all challenges. The team with the most points was "Eat Sleep Pwn Repeat" which managed to score a total of 4900 making them the winner of the CTF. They solved all but 2 challenges of the CTF

Country Statistics

The CTF was played by teams from all over the world. The top 15 best scoring countries can be seen in this overview:

# Country Teams Points
1 United States 202 35000
2 Germany 67 24000
3 Korea, Republic of 92 18200
4 Russian Federation 77 16600
5 Poland 31 14600
6 Netherlands 74 14100
7 France 49 14000
8 Multiple countries 9 13100
9 Japan 43 12900
10 Romania 21 11900
11 China 49 7100
12 Austria 10 6300
13 Viet Nam 46 5000
14 Taiwan 18 4600
15 India 75 4600

Challenges

The categories used during the CTF were binary, crypto, forensics, misc, network, pwnable and web, the categories contained different levels of difficulty being scored as 100, 200, 300 and 400 points. All challenges in each category are described below.

Binary

100 - Suspect File 1
Description We found some software on our suspects development server, it looks like they created some different versions, are you able to crack the software?

Challenge created by the Digital and Biometric Traces division of the Netherlands Forensic Institute.
Solves 63 out of the 1337 teams solved this challenge
100 - asby
Description Eindbazen team member asby has by far been putting the most energy and time in creating the SHA2017 CTF. To honor his dedication and all his effort we created this challenge as an ode to him.

You can choose to reverse engineer this challenge or you can "asby" it. Good luck with the option you choose.
Solves 331 out of the 1337 teams solved this challenge
200 - Suspect File 2
Description We found some software on our suspects development server, it looks like they created some different versions, are you able to crack the software?

Challenge created by the Digital and Biometric Traces division of the Netherlands Forensic Institute.
Solves 10 out of the 1337 teams solved this challenge
300 - ESPecially for you
Description Since everyone on SHA2017 walks around with an ESP processor around their neck we thought it would be nice to make an ESP reversing challenge.
Solves 7 out of the 1337 teams solved this challenge
400 - Suspect File 3
Description We found some software on our suspects development server, it looks like they created some different versions, are you able to crack the software?

Challenge created by the Digital and Biometric Traces division of the Netherlands Forensic Institute.
Solves 7 out of the 1337 teams solved this challenge

Crypto

100 - Stack Overflow
Description I had some issues implementing strong encryption, luckily I was able to find a nice example on stackoverflow that showed me how to do it.
Solves 155 out of the 1337 teams solved this challenge
200 - Secure Login
Description This server uses signed tickets to allow users to login, can you find the flag?
Code:
nc secure-login.stillhackinganyway.nl 12345
Solves 67 out of the 1337 teams solved this challenge
400 - Flaghider
Description Our enemies are using a custom cryptographic algorithm to hide flags. Luckily we have been able to find a binary that performs the encryption. Can you find out how it works and recover the flag?
Solves 0 out of the 1337 teams solved this challenge

Forensics

100 - WannaFly
Description My daughter Kimberly her computer got hacked. Now she lost all her favorite images. Can you please help me recover those images?
Solves 187 out of the 1337 teams solved this challenge
100 - Compromised?
Description We think our system got compromised, our hosting company uses some strange logtool. Are you able to dig into the logfile and find out if we are compromised?

Challenge created by the Digital and Biometric Traces division of the Netherlands Forensic Institute.
Solves 159 out of the 1337 teams solved this challenge
300 - Samsung S4
Description A forensic investigator was wondering how hacker boxes like RIFF and Z3X use JTAG on a Samsung S4 phone while the main cores have debugging disabled.

Challenge created by the Digital and Biometric Traces division of the Netherlands Forensic Institute.
Solves 15 out of the 1337 teams solved this challenge

Misc

200 - Growing Up
Description You remember the day you started hacking or playing CTF's? You can relive these days by playing our junior version. Just solve all challenges to get the flag ;-)
Solves 158 out of the 1337 teams solved this challenge
300 - Stolen Bitcoins
Description Someone stole our Bitcoins, luckily we captured the transaction. Can you find the flag that will allow us to get them back?
Solves 22 out of the 1337 teams solved this challenge

Network

100 - Vod Kanockers
Description The name is Kanockers. Vod Kanockers.
Solves 218 out of the 1337 teams solved this challenge
200 - Malware Testrun
Description We heard a rumour that our website will be used to distribute malware. We believe we captured a test run of it. Can you find out what the malicious content will be?
Solves 131 out of the 1337 teams solved this challenge
300 - Abuse Mail
Description Our abuse desk received an mail that someone from our network has hacked their company. With their help we found some suspected traffic in our network logs, but we can't find what exactly has happened. Can you help us to catch the culprit?
Solves 62 out of the 1337 teams solved this challenge

Pwnable

200 - Megan-35
Description We created our own Megan-35 decoding tool, feel free to test it. System is running Ubuntu 16.04, ASLR is disabled.
Code:
nc megan35.stillhackinganyway.nl 3535
Solves 59 out of the 1337 teams solved this challenge
200 - Title Case
Description How Annoying
Code:
nc titlecase.stillhackinganyway.nl 1337
Solves 7 out of the 1337 teams solved this challenge
300 - d1d13r
Description We stumbled upon a couple of generic purpose tools with sp3c14l capabilities. Can you abuse those?
Solves 17 out of the 1337 teams solved this challenge
400 - Echo Service
Description No %n for you
Code:
nc echo.stillhackinganyway.nl 1337
Solves 11 out of the 1337 teams solved this challenge

Web

100 - Bon Appétit
Description We are creating a new web-site for our restaurant. Can you check if it is secure enough?
Solves 234 out of the 1337 teams solved this challenge
200 - Ethical Hacker
Description Are you a worthy ethical hacker? Join us on Ethical Hackers United.
Solves 33 out of the 1337 teams solved this challenge
300 - Eindbazen Election
Description Dutch election software seems to be broken. We created our own election software to vote for your favorite Eindbaas (Eindbazen-member)! Can you check if it is secure enough?
Solves 7 out of the 1337 teams solved this challenge
400 - A View Of Holland
Description To get an idea of Holland feel free to browse our image gallery!
Solves 2 out of the 1337 teams solved this challenge

Final Scoreboard

Scoreboard

The final scoreboard of the competition can be seen below, showing the results of the top 25 teams and the amount of points each team scored.

# Team Country Points
1 Eat Sleep Pwn Repeat Germany 4900
2 Just Hit the Core Poland 3600
3 HackingForSoju Sweden 3500
4 Tasteless United States 3400
5 dcua Ukraine 3100
6 We_0wn_Y0u Austria 2900
7 glua.team Multiple countries 2600
8 GoSSIP China 2600
9 ALLES! Germany 2600
10 Northern Coalition Canada 2600
11 H4x0rPsch0rr Germany 2600
12 InSecurity France 2600
13 vxrl Hong Kong 2600
14 Hayyim Korea, Republic of 2600
15 dodododo Japan 2300
16 OpenToAll Antarctica 2300
17 cnc Thailand 2300
18 Harekaze Japan 2300
19 p4team Poland 2300
20 calCode Korea, Republic of 2200
21 U202E France 2200
22 Hackademia United States 2000
23 Eat Pwn No Sleep Korea, Republic of 2000
24 ASIS Iran, Islamic Republic of 2000
25 Tits R Nice Multiple countries 2000

Scores over time

The progress of the top 10 teams participating can be seen in the graph below, showing the points scored by each team over time during the competition.




Solve Table

 Challenges
 bincryformisnetpwnweb
 

100

100

200

300

400

100

200

400

100

100

300

200

300

100

200

300

200

200

300

400

100

200

300

400

Eat Sleep Pwn Repeat  
Just Hit the Core      
HackingForSoju      
Tasteless       
dcua       
We_0wn_Y0u        
glua.team          
GoSSIP          
ALLES!         
Northern Coalition          
H4x0rPsch0rr         
InSecurity          
vxrl         
Hayyim          
dodododo          
OpenToAll          
cnc          
Harekaze           
p4team           
calCode           
U202E           
Hackademia            
Eat Pwn No Sleep           
ASIS           
Tits R Nice            

We thank our sponsors: