Capture the Flag

Overview

In this assignment you will try out some of the skills you have learned this semester through a capture-the-flag (CTF) style assignment.

A “flag” is an 8-digit hexadecimal value. There are five of them, and each one is obtained after overcoming some type of challenge. Also, each one leads to the next. To begin, start at the web page listed on the Canvas landing page. Be sure to read what’s on that page!

Flags are all 8 digit hexadecimal values; the case does not matter. Whenever you find a flag, it will be obvious. They will appear in one of two forms:

• A flag could be something you have to find, such as a file name or a password. It will be clearly told to you when this is the case.
• All other situations will explicitly state what the flag is in the form “Flag 1 is 01234567”

You will be submitting an edited version of ctf.py (src).

Expected changes

There are a few additions that will happen to this homework over the next few days

• There may be a few more fields added to ctf.py](ctf.py.html) (src). These would be descriptive type fields (“how did you like the assignment?”)

Background

An evil hacker has penetrated our systems. We don’t know much about what happened, but we did manage to get a .pcap file from a telnet session he used. We know he read some messages in that telnet session, and from the information he gained from those, he went to work attacking our systems. He bounced around to a number of websites, and did some other strange stuff on our network. It’s your task to track his progress down.

Changelog

Any changes to this page will be put here for easy reference. Typo fixes and minor clarifications are not listed here. So far there aren’t any significant changes to report.

• Thu, Apr 25: a hints page is available; see the links on the CTF home page (the link to the CTF home page is in Canvas’ landing page)