Skip to content

Repo containing links to all CTF Challenges used in the 2017 MITRE CTF.

License

Notifications You must be signed in to change notification settings

mitre-cyber-academy/2017-ctf-game

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 

Repository files navigation

2017-ctf-game

The following is a list of all of the challenges used for the 2017 CTF along with their description and link for convenience. Each of these challenges contain a README which well tell you how to stand up the challenge and the correct key to allow you to check yourself when you solve it.

Crypto

Title Value Repository Description
🅱️🍕 150 2017-Crypto-150 🚩🤷🚩

Hint: The key is 2 characters long
Custom Packed Executable 200 2017-Crypto-200 We found these two suspicious files, "_1._" and "_2._", on one of our ICS-connected devices following an incident response investigation. We can't figure out what they are. Can you?

Note: Linux users need to use Wine.
Note: Flag format is `flag{...}`.
Off the Chain 300 2017-Crypto-300 I found these bits and bytes laying around by that tree. Can you help?

Forensics

Title Value Repository Description
Forgotten 50 2017-Forensics-50 All these rules about letters, numbers, and symbols. I always keep forgetting.
Onyxia 100 2017-Forensics-100 Odd groups go to the left, even groups go to the right. Seven and eight are whelp groups.
Ghost of a Chance 150 2017-Forensics-150 The router is probably maximized, but the Internet is fine.
What I.P. Waiver? 200 2017-Forensics-200 An employee is suspected of stealing and exfiltrating sensitive intellectual property about a newly developed tool. A forensic acquisition was conducted on the suspects system and identified several files that may contain company intellectual property. Reconstruct and complete a SHA-1 hash of the original file.
Layers of Fun 400 2017-Forensics-400 Your Network Security Team presents you with a PCAP file and states that it contains evidence of data exfiltration. Can you find the flag that was exfiltrated along with the data?

Note: Flag format is `flag={flag}`

Grab Bag

Title Value Repository Description
Level 1 150 2017-Grab-Bag-150 Welcome to the game that is sweeping the nation. Mario got nuthin on this!

How to Run Client:

Run preInstall.sh which installs 32-bit libraries that the game requires. Once the script completes, the game will run automatically and have an icon to re-run.

Note: The last line in `preInstall.sh` should be `/opt/AGE/runner`, not `/opt/AGE/AGE`
Gyro King 200 2017-Grab-Bag-200 A recent exploit was discovered that allows malicious apps to read data from the gyroscope of a phone fast enough for it to pick up the faint vibrations of audio, attached is a list of the data that was obtained from the gyroscope sensor.
Lorem ipsum 200 2017-Grab-Bag-200 You may have to crank up the speakers, which is not always desirable.

Hint: Check file in a hex editor and then use Audacity

Binary

Title Value Repository Description
101 gnisreveR 100 2017-Binary-100 ?elif siht esrever uoy naC

Note: Flag format is `flag{...}`.
Return to Sender 150 2017-Binary-150 I'd like to cancel my mail.

To connect: `ssh [email protected] -p2200`
ReDanker 200 2017-Binary-200 Doot doot. SPIMster SKILENTON is back and danker than ever. Can you solve his dank challenge?
PyGolf 300 2017-Binary-300 See if you can score a hole in one.

Connect to the box using `ssh [email protected] -p2200`

Web

Title Value Repository Description
Trust Issues 50 2017-Web-50 I'd like to file a complaint about your website, it doesn't work correctly.
Security Camera 100 2017-Web-100 That home security camera I purchased was so BAD! I could only get ten frames per second on my eight core processor so I had to return it.

I wonder what kind of frame rate the next person gets...
Captchaured 150 2017-Web-150 We're gonna catch all the bots with our new patented "Bot Detection System".
Take a Shot 200 2017-Web-200 Let us render your webpage for you, what could go wrong?

About

Repo containing links to all CTF Challenges used in the 2017 MITRE CTF.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published