This repository contains the challenges for DCTFSI26.
Most of the challenges will also stay available on vuln.si.
Flag format is dctf{...} unless otherwise specified in the description of the challenge (challenge.yml).
Choose a template from the intro folder depending on your needs, copy it to this folder and update the relevant files.
Once you're done and need a review from the repository owners, create a new branch with your changes and open a pull request.
When choosing a template, it is recommended to read the linked details so you can see why we made certain decisions.
When creating a misc challenge you might be able to use an existing template. If not, create your own setup and we'll integrate it into the infra, but notify us in advance!
Regardless of the template, you need to update the Makefile, which specifies how to build, run and distribute the challenge.
The pwn template is meant for challenges that need a raw socket server to function.
These are usually pwn challenges, some rev challenges and in other cases misc challenges.
Since we need to protect the containers running the challenges, we prepared a template that leaves flexibility for the possible exploits but protects our resources, like the local network and the flag file.
If this template is not enough for your needs, you can create your own, but try to keep the notes below in mind.
- Port should be set to 1337, since we'll provide a reverse proxy before the containers.
- The user and group IDs will be set later in the container, so you don't need to set them beforehand. But do set the correct permissions for "other" users if needed.
- Challenge files should be in the root directory, since that one will be set to read-only.
- The description's IP and port will be appended later on, so no need to write it in the challenge.yml.
In case you need a raw socket server to host a challenge, you should take a look at the pwn template.
This rev template is for challenges that can be solved with just the binary or similar (i.e. in connection with crypto).
The only change you need here is updating the challenge.yml with the correct files for solving the challenge.
If the challenge needs a server, take a look at pwn; if you need a binary but no server, take a look at rev.
This web challenge template is for single-instance websites which don't connect to other services (like MySQL).
Since web apps are so different, it is hard to create a single template for them all, but here are some notes that you should follow.
- The web service should listen on 0.0.0.0:8000, since we have an overlaying reverse proxy set up later on.
- If you have a flag file, you should put it in the root directory (i.e. /flag.txt), since the root is better protected by the infrastructure.
- You need to update the challenge.yml file to provide the files needed. The only uploaded file should be a zip, for easier download (we might provide a simplified solution to automatically do this later on).
If your use case is different in any way, feel free to create a different setup, but coordinate that with the DCTF moderator team on Discord.