Skip to content

Latest commit

 

History

History
61 lines (39 loc) · 3.46 KB

README.md

File metadata and controls

61 lines (39 loc) · 3.46 KB

d:CTF 2023

d:CTF Logo

The CTF competition arranged for the d:hack 2023 hackathon at DIPS AS.

Challenges designed by @raymonshansen, @olivernilssen, @orjanj and @jaalu.

Setup

If you have Docker Compose installed, you can run the challenges yourself by cloning the project and running docker-compose up in the root directory.

Note that Next Generation Calculator is commented out as it is very resource-intensive.

Challenge types

Challenges are divided into five categories:

  • Crypto: challenges about cryptography and code breaking
  • Investigation: challenges about reverse-engineering secrets and data from files and programs
    • This category covers both reverse-engineering and forensics categories in other CTFs
  • Pwn: challenges about discovering and exploiting vulnerabilities
  • Misc: challenges about creative problem solving
  • Web: challenges about exploiting vulnerabilities in web applications

Useful tools

Windows utilities

  • Windows Sandbox lets you set up disposable Windows environments quickly - nice if you only need a tool for a specific challenge!
  • Windows Subsystem for Linux lets you set up a Linux environment as part of your Windows installation.

Programming

  • If you're new to programming, Python is a nice scripting language with lots of resources available.
  • Some challenges may require the .NET SDK

Cryptography

  • CyberChef - a Swiss army knife of cryptography, which offers encryption, decryption and general file analysis tools
  • DCode - handy utilities for analyzing and breaking classical ciphers

Investigation/Reverse engineering

  • GHIDRA - a full software reverse engineering suite, offering disassembly, decompilation, and graphing
  • IDA Free - the free version of the established reverse-engineering and debugging toolkit, also offers a decompiler
  • dnSpy - .NET assembly decompiler and editor
  • dotPeek - JetBrains' .NET decompiler
  • Binwalk - file analysis tool

Web

  • The browser developer tools -- accessible with the shortcut F12 in Firefox and Chromium-based browsers
  • Postman - lets you craft your own HTTP requests to web apps
  • Fiddler - lets you observe traffic to and from your computer

Pwn

  • Burp Suite - toolkit to map and exploit vulnerabilities in web applications
  • Pwntools - a Python library with utilities for networking, exploit development and common CTF tasks