Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Trustwave Unveils New Offerings to Maximize Value of Microsoft Security Investments. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Offensive Security
Solutions to maximize your security ROI
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
SpiderLabs Blog

SpiderLabs Capture the Flag 2020 Results

Picture0

 

Overview

Capture The Flag (CTF) competitions are globally popular among both professionals and enthusiasts in information security. CTF competitions are often great fun, but they also play an invaluable role in improving the skills of security specialists. A tournament will usually take anywhere from a day to a couple of days and is conducted over the internet or face to face in the “olden times”. During that time teams try to solve as many security and hacking-related challenges as possible, each challenge is considered a “flag” and each flag is typically worth a range of points depending on the complexity of the challenge.

Picturea

 

Trustwave SpiderLabs recently hosted a CTF tournament directly supporting the BlackHat 2020 US conference. The Jeopardy-style competition took place from August 6 to 8, 2020 and it brought hackers and security enthusiasts from all over the world.

The Jeopardy style, one of the most common CTF types, is a list of challenges that each act as a flag worth a certain amount of points. The flags were a random string, collection of hexadecimal numbers or even whole sentence. These challenges involve skills like exploiting a vulnerability, solving programming or logic problems or just drill the internet for OSINT in order to find a mystery flag. Teams compete for the highest number of points they can score in a given time frame – 48 hours in this case.

A dedicated Discord server was available all the times for players and tournament administrators for communication, questions and concerns. During the tournament the SpiderLabs CTF page was active serving as a central spot to follow things like challenges, scoreboard and flag submission form.

The Events in Numbers

Across all the challenges and flags, there was a maximum of 8600 points. The winning team got 6300 points. Out of the 43 challenges only 3 remained unsolved.

The CTF proposed nine different categories:

  • Exploit
  • Reverse engineering
  • Software Defined Radio
  • Web
  • Crypto DFIR
  • Misc
  • OSINT
  • Cortex XDR by Palo Alto Networks

The challenge that was solved the most was solved 136 times. It was an OSINT challenge. Three challenges were solved only three time, which included two exploit challenges and one reverse engineering challenge. Also, while a total of 24,411 flags were submitted, only 8.2% (2002) were valid flags. Hint for future CTF participants: brute forcing the scoreboard usually will not pay off that much, but nice try.

The Scoreboard

From over 500 registered teams, 189 scored points. A maximum number of 6 participants per team was allowed. Teams had 43 challenges to choose from different categories with various complexity levels and point values:

Picture1

 

And The Winner Is…

Picture2

Picture3

 

Winners

The following prizes went to the best Teams:

1st Place - $2,500 Playstation, Nintendo, Steam or Xbox live Gift Card
2nd Place - $1,000 Playstation, Nintendo, Steam or Xbox live Gift Card
3rd Place - $500 Playstation, Nintendo, Steam or Xbox live Gift Card
4th-100th Places – a SpiderLabs CTF custom T-shirt

Congratulations to the ‘Bat Squad’ team for an amazing score and winning the CTF tournament. Also, congratulation to ‘gmu_mcc’ and ‘efiens’ teams for the second and third places. Great job!

In Conclusion

It is always challenging to create CTF challenges and ensure that the participant will follow the intended path. At least one challenge was solvable using a simpler path. But in the end of the day hacking is about the destination and not the journey. If you missed the event and want to try some of the challenges that were presented some of the challenges are going to be hosted on the https://ringzer0ctf.com website.

Happy hacking and see you next year!

Latest SpiderLabs Blogs

Using AWS Secrets Manager and Lambda Function to Store, Rotate and Secure Keys

When working with Amazon Web Services (AWS), we often find that various AWS services need to store and manage secrets. AWS Secrets Manager is the go-to solution for this. It's a centralized service...

Read More

Facebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01

The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how threat actors use Facebook for malicious activity has uncovered a new version of the SYS01 stealer. This stealer is designed...

Read More

Tips for Optimizing Your Security Operations Framework

Building an effective Security Operations framework that provides the right balance of people, processes, and technologies can take years.

Read More