A Warm Up for Capture the Flag

I have been using Capture the Flags (CTFs) in my classrooms since 2013 and been training teachers in their use since 2017. While I wholeheartedly appreciate the staggering amount of work picoCTF and Carnegie Mellon do and did, I always felt that there was a learning curve issue they were having difficulty meeting. At the same time, I have seen other CTFs come and go and, invariably, they seem to be not as interested in the learning curve as I am.

Don’t know what a CTF is? I wrote this many years ago and it is out of date, but it will get you up to speed. I’ll also be updating it extensively once I get the CTF of my dreams built:

http://ceos.io/ctf-teacher-guide-draft.pdf

So, long story short, I am embarking on an ambitious task to create a truly beginner friendly CTF that even the most inexperienced CS teacher can feel safe in using in their classroom. At the same time, I hope it will double as an entry way for teachers who aren’t ready to expose their students to a CTF and want to learn enough to be comfortable using them in their classrooms. Here is the list of warm up topics currently up:

Hello World – Literally here is the flag, put the flag in

BaseBall – Convert binary, octal, and hexadecimal to decimal

Extensions Lie – Teach that you pretty much have to ignore the three letter extension at the end of the file

Go To Considered Harmful – Basic search engine research

K&R – More basic search engine research

SuperBase – Base64 encoding

Use the Telnet Force – telnet

Zip Line – File magic numbers and hex editors

Ask and Ye Shall Receive – Hex to ASCII

Big Blue – Hex to well.. something other than ASCII 😉

The Wonderful Wizard of Woz – Hex to ASCII with an Apple II twist

The Source – Learning how to show source in your browser

Hello Zip – Decompressing zip files

A Sticky Situation – UNIX/Linux tar fun

grep is Your Kinsman – grep fun

Net Kitty – nc (netcat)

A key feature is that these problems are not designed to be tricky, but rather to give students (and teachers) a baseline to do more complicated CTFs. The problems are entirely designed to teach a specific CTF topic, rather than confuse students, and additionally direct them to resources they need to solve these (and more complicated) problems. I’m also big into teaching computer history, so you can will see I have snuck some of that into the problems, as well.

I have tried to make it as platform agnostic as possible, by avoiding some of the more CLI based fundamentals (at least for the warm up). I am trying to remain as iPad and ChromeBook friendly as possible.

Long story short, I am pleased to announce that the warm up questions are available to both teachers and students alike at:

Edit:

https://warmup.ctfd.io

Inspired by: picoCTF
Made possible by: ctfd.io

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: