TBTL CTF 2024
What is it?
CTF is a competitive hacking event, similar to IOI or ICPC, but in the domain of cybersecurity. Teams usually face a number of challenges about cryptography, binary reverse engineering and exploitation, web vulnerabilities, digital forensics, etc.
Each challenge has a relatively well-defined goal (e.g. exploiting an insecure
cryptographic protocol), and reaching that goal allows the contestants to
uncover (capture) a flag, which is some secret string like
TBTL{Th15_15_4_Dummy_Fl4g}
. The team then submits a flag in exchange
for points. The team with the most points wins.
Basically, being successful at a CTF competition entails having a deep understanding of computer systems and security.
This particular CTF is organized by the employees of TBTL (The Blockhouse Technology Limited) Zagreb, with the main goal being connecting with talent in Croatia that has an interest in the field of cybersecurity.
When is it?
TBD
Registrations will open at least 72 hours before the contest starts.
Competition Format
The competition consists of a bunch of challenges divided into the following five categories (standard Jeopardy format):
- Web — Finding vulnerabilities in insecure web applications.
- Crypto — Exploiting insecure usage of cryptography and cryptographic protocols.
- Rev — Uncovering the inner workings of a static binary via reverse engineering.
- Pwn — Exploiting vulnerable programs running on a remote server.
- Misc — Anything and everything that doesn't fit in the other categories (e.g. digital forensics, esoteric languages, etc.)
Rules and Fair Play
- Unless specified differently in the challenge, the standard flag format is
TBTL\{[A-Za-z0-9_!]+\}
- This is a team competition, each team can consist of at most 4 members, and may not seek any external help.
- Everyone is welcome to compete, although you must be a Croatian university student to be eligible for prizes.
- Your rank on the scoreboard depends on:
- your total number of points (higher is better);
- the timestamp of your last solved challenge (earlier is better).
- Don't brute-force the flags, it won't get you anywhere.
- Sharing flags, hints, or solutions while the CTF is still running is strictly forbidden.
- You are not allowed to attack the scoreborad, our infrastructure or other teams. The scope of each challenge should be pretty well-defined. When in doubt, you can always contact us at [TBD].
Prizes
TBD