I have been using Capture the Flags (CTFs) in my classrooms since 2013 and been training teachers in their use since 2017. While I wholeheartedly appreciate the staggering amount of work picoCTF and Carnegie Mellon do and did, I always felt that there was a learning curve issue they were having difficulty meeting. At the same time, I have seen other CTFs come and go and, invariably, they seem to be not as interested in the learning curve as I am.
Don’t know what a CTF is? I wrote this many years ago and it is out of date, but it will get you up to speed. I’ll also be updating it extensively once I get the CTF of my dreams built:
So, long story short, I am embarking on an ambitious task to create a truly beginner friendly CTF that even the most inexperienced CS teacher can feel safe in using in their classroom. At the same time, I hope it will double as an entry way for teachers who aren’t ready to expose their students to a CTF and want to learn enough to be comfortable using them in their classrooms. Here is the list of warm up topics currently up:
Hello World – Literally here is the flag, put the flag in
BaseBall – Convert binary, octal, and hexadecimal to decimal
Extensions Lie – Teach that you pretty much have to ignore the three letter extension at the end of the file
Go To Considered Harmful – Basic search engine research
K&R – More basic search engine research
SuperBase – Base64 encoding
Use the Telnet Force – telnet
Zip Line – File magic numbers and hex editors
Ask and Ye Shall Receive – Hex to ASCII
Big Blue – Hex to well.. something other than ASCII
The Wonderful Wizard of Woz – Hex to ASCII with an Apple II twist
The Source – Learning how to show source in your browser
Hello Zip – Decompressing zip files
A Sticky Situation – UNIX/Linux tar fun
grep is Your Kinsman – grep fun
Net Kitty – nc (netcat)
A key feature is that these problems are not designed to be tricky, but rather to give students (and teachers) a baseline to do more complicated CTFs. The problems are entirely designed to teach a specific CTF topic, rather than confuse students, and additionally direct them to resources they need to solve these (and more complicated) problems. I’m also big into teaching computer history, so you can will see I have snuck some of that into the problems, as well.
I have tried to make it as platform agnostic as possible, by avoiding some of the more CLI based fundamentals (at least for the warm up). I am trying to remain as iPad and ChromeBook friendly as possible.