CTF challenges for csictf 2020.
Explore the docs Β»
View Demo
Β·
Report Bug
Β·
Request Feature
This is a repository to store CTF challenges to be deployed for csictf.
Note: This is a beginner CTF, hence the challenges should be of easy / moderate difficulty.
Note: DO NOT PLAGIARIZE challenges from other CTFs. You can take inspiration but not have the exact same challenge.
The following are the categories of challenges that are to be made:
- Pwn
- Web
- OSINT
- Linux
- Crypto
- Forensics
- Reversing
- Miscellaneous
- Clone the repo
git clone https://github.com/csivitu/ctf-challenges.git- The flags must be enclosed in
csictf{}. - They can have numbers, alphabets,
_s,'s,!s,.s,-s,@s,#s,$s,%s,:s,>s. - They must be related to the challenge.
- They must not be so simple that you can guess them.
Here's a regex for the flag format.
/^csictf{[\w_!@#?$%\.'" :->]{5,50}}$/
Here's a sample flag.
csictf{th1s_i5_4_s4mpl3_fl4g' !-.@#$%?}
The following are guidelines for creating challenge folders.
- Each challenge has it's own folder, which is placed in the relevant directory amongst the ones enlisted above.
- Each challenge must have a
README.mdfile describing how to solve the challenge, along with the relevant code / files that needs to be run / deployed on the server. - The flag must be present in the
README.mdfor the challenge. - We prefer having each challenge in it's own docker container, so that it's simple to deploy.
- pwn/
- n00binary/
- static/
- img1.png
- README.md
- n00binary
- n00binary.c
- Dockerfile
- web/
- localize/
- README.md
- localize.php
- Dockerfile
The static folder contains images that may be used in the
README.md.
As mentioned earlier, each challenge requires a README. The README must be written in such a way that this can serve as an official write-up later. This should have the following format.
# Challenge Name
Author: [author](https://github.com/author)
## Description
Brief Description about challenge
## Requirements
- Docker: [Dockerfile](./Dockerfile)
## Sources
- [sample.py](./sample.py)
- [sample.txt](./sample.txt)
<!-- Remove this comment, and the '\' before '```' -->
\```
Challenge description to go up on the website.
Hint 1: If any - Points 100
Hint 2: If any - Points 200
\```
## Exploit
<!-- Much more detailed description than the following. -->
Reverse `sample.py` to decrypt the flag in `sample.txt.`
<br />
The last line should be the flag.
<br />
The flag is:
\```
csictf{some_flag_here}
\```
Refer to this sample for writing the exploit section.
Every challenge must have a challenge.yml, in the format specified in challenge-example.yml. This is MANDATORY, without this the challenge will not be deployed. Remove the comments in the specified format, leave out the value, decay and minimum keys as they are in the template. Every challenge has 500 points initially and decays to 100 points over 450 solves.
Here are some Dockerfiles you can refer to while making your own. Make sure you test it locally before making the PR.
Make sure you read the Dockerfiles and include the necessary files like the flag.txt. REMEMBER TO ADD THE README.md and challenge.yml FILES TO .dockerignore, BECAUSE IT HAS THE SOLUTION..
Besides contribution of challenges, contribution of ideas for challenges is also appreciated. You can put forward your ideas to @roerohan, @theProgrammerDavid and @thebongy.
Contributions are what make the open source community such an amazing place to be learn, inspire, and create. Any contributions you make are greatly appreciated.
- Fork the Project.
- Submit your idea for the challenge in the respective
README. - File a Pull Request with the
challenge-ideatag. Each challenge must have it's own PR. - Once the challenge is approved, the tag is changed to
challenge-approved, we comment on the PR. - Build the final challenge and update the same PR.
- Make sure all commit messages are in accordance with the guidelines in CONTRIBUTING.md.
- Any issues in the challenge will be addressed using GitHub Issues.
You are requested to follow the contribution guidelines specified in CONTRIBUTING.md while contributing to the project π.
Distributed under the MIT License. See LICENSE for more information.
Thanks goes to these wonderful people (emoji key):
This project follows the all-contributors specification. Contributions of any kind welcome!