Attention Miners (and hackers)!
The MetaCTF Team and WWHF crew has been hard at work preparing an exciting set of challenges for this year’s competition. Similar to last year, the CTF will span both days of the conference, starting after the opening keynotes and closing on Friday afternoon. As opposed to the stump-the-chump style events, this is a learning CTF. While there will be plenty of hard challenges, the goal is for you to walk away with some new tools, techniques, and skills. Challenges will span a number of categories including reconnaissance and web exploitation to forensics and maybe even some hardware hacking. It will be team based, so make sure to get some friends together or meet some new people at the conference! You will need an updated Kali machine, but we will provide everything else. Based on past CTFs, you can expect to see some of the below topics as well as new ideas we’ve put together.
Entry Level: Geared towards beginners and those with less technical backgrounds, these problems focus on your basic infosec fundamentals.
● Rot N encoding
● Google Fu / OSINT
● Examining website source code
● Basic file analysis (eg. file, strings)
Intermediate: Don’t be afraid to dive deep into the unknown and learn how things work, identifying and exploiting vulnerabilities, using common toolkits, and more.
● Extracting objects from Wireshark dump
● SQL Injection
● URL Fuzzing
● Cracking password hashes (using john, Hashcat, etc)
● Reverse Engineering and Disassembly
Hard: Put your security ninja skills to the test with challenges designed to make you think outside the box, reverse binaries and encryption, and break into systems.
● Blacklist filter evasion for SQL Injection
● Binary Exploitation (buffer overflows and more)
● Cracking RSA Encryption
● Multi-step OSINT investigation
Finally, good luck to everyone, and we’ll see you deep in the mines of the Black Hills in South Dakota!
– MetaCTF Team and WWHF CTF crew