Description
This assignment will focus on the exploration of vulnerabilities in a competitive manner. The objective if for you to compete in one Jeopardy Capture The Flag (CTF) available at CTFTime of choice, solving challenges for the pwn and web categories. No challenge can be considered as introductory (warmup). It is strongly recommended that you engage in simple challenges to acquire the required skills and tools, then moving to more complex challenges.
In order to complete the assignment, you should enroll in CTFTime, and then use the same username to enroll in the specific CTF. If you need a team, use the UAC team. Apply and send a message for your request to be authorized. There is also a Discord server with other players. An invite code will be provided during the first class.
The assignment should be implemented by a group of 4 students.
Delivery and Grading
Delivery should consist of a compressed ZIP, encrypted with the password infected, submitted through elearning. The package should includee:
- Information regarding the CTF participation (CTF, usernames, dates, links)
- Challenge information: description, points, difficulty, assets/files
- The solution to the challenge a description (writeup), describing what is exploited and how
- Screenshots of you solving it.
The flags and simple solutions must be uploaded to elearning before the CTF ends. The assignment can be updated up to 24h later with improved writeups.
Grading will take in consideration the detail of writeup and the difficulty of the challenges. En easy challenge will award up to 33% of the grade, a medium will award up to 66% and a hard will award up to 100%. The number of challenges solved will vary with their difficulty.
All materials submitted must be created by the report authors. Using materials from other sources (public writeups) without reference will be considered as plagiarism.