Capture the Flag

Capture the Flag

Last Wednesday I took part in a capture the flag event organised by the Computer Society and BT here at Essex University. The event consists of trying to solve computer science related challenges and quizzes to win points. Each challenge is mapped to a country and the first team that solves it gets the maximum amount of points with the number of points decreasing the more teams solve the challenge.

The event, as usual for events organised in the last year or so, was quite well organised. It was great to see the students taking part in a computer science related event for fun (and pizza). Our team, “; DROP TABLES USR; –” won which was pretty good. The challenges were quite varied and our team consisted of two excellent students (and me muddling though things).

## Challenges

The challenges ranged from simple questions about computer security concepts to full blown decompile the program and find out what it’s doing. I mostly focused on getting the web tasks done for our team, solving puzzles that relied on techniques such as SQL injection, cookie stealing and Javascript deobfuscation. It’s the first time I’ve competed in an event like this and it was good fun.

There were three challenges that we didn’t managed to get, one of them involved URL parameter guessing and was fairly trivial if you knew the paramter. I’m still kicking myself about that one. There was an encoded data task that we’d over-thought but couldn’t identify what we were looking at and an RSA challenge that one of my team-mates had managed to solve but hadn’t realised he had the solution.

We had a few technical challenges at the beginning that required the board resetting (it wasn’t our team name, we promise :)), but once reset we were good to go. Scoring was paused over pizza time to stop teams getting too much of an advantage while everyone else was eating. The event was definitely worth while going to and thank you again for BT and our Computer Society for organising it.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.