HSCTF 3 ran — May 14-21, 2016

Find our practice problems here.



HSCTF
HSCTF is an international online hacking competition designed to educate high schoolers in computer science.
 
Teams of up to 5 students will be challenged to....

Crack Codes

Reverse Engineer

Design Algorithms

Master The Internet

Sponsors
 

Prizes

 

First Place: $450 and Facebook Swag.

Second Place: $300

Third Place: $200

FAQ
 

What is a CTF?

CTF stands for "Capture the Flag". CTFs are a type of computer security competition (but HSCTF extends beyond computer security to include other areas of computer science). Certain pieces of information, called "flags", are placed on servers, encrypted, hidden, or otherwise stored somewhere difficult to access. During the competition, different challenges are released which allow the participants to reverse engineer, break, hack, decrypt, and do whatever it takes to capture that flag. When a team submits this flag to a scoring page, they will get points.

What is HSCTF?

HSCTF ("High School Capture the Flag") is the first CTF designed by high schoolers for high schoolers.

Unlike other CTFs, HSCTF isn't purely about computer security. It extends the CTF model of competition to other areas of computer science such as the design and analysis of algorithms and programming languages. Each challenge will still have a flag, and most of our challenges will fall into the traditional CTF categories of cryptography, reverse engineering, programming languages, forensics, and recon.

Capture the Flag (CTF) competitions are traditionally targeted at college students or industry professionals. HSCTF is a CTF designed for younger students who might be interested in computer science.

Our primary goals are to educate students in computer science, and to increase their interest in computer science.

Who can compete?

The competition is open to middle school and high school (6th to 12th grade) students from the United States. Teams can be composed of 5 or fewer students.

There will be a non-competitive division for all participating teams who are disqualified by the above rules.

Why?

We love computer science and CTFs. Competing in CTFs is one of our favorite things to do; unfortunately, there aren't many CTFs out there for high schoolers. We found that we learned a lot about computer security very quickly by particating in CTFs. HSCTF will teach participants about other areas of computer science as well. HSCTF is meant to follow up on the success of picoCTF.

Where?

HSCTF will take place entirely online at this website. Once the competition starts, teams will be able to log in and view the challenges using the team name and password provided at registration, which will be open throughout the competition. Participants may find it useful to have the ability to install software and have unfiltered internet access.

When?

May 14th 10:00AM EST to May 21th 11:59PM EST.

Will it be difficult?

Challenges will vary widely in difficulty. We expect some challenges to be solved by every team, and others to be solved by only a few teams or even none. Teams should be potentially capable of performing very well in this competition with no CTF experience. We hope HSCTF will be a fun, educational experience for all competitors.

What resources do I need to compete?

Full participation in the competition requires only a computer with a modern web browser (Firefox, Chrome, Opera, Safari, Internet Explorer 9+, etc.) and the ability to install applications.

How is it scored?

There will be several dozen challenges, each worth a fixed number of points based on its difficulty. When you solve a problem, you send your answer (or 'key', or 'flag') to a scoring server, which adds the problem's value to your team's score. At the end of the competition the team(s) with the highest scores are the winners. Time will be used as a tiebreaker.

What constitutes cheating?

Partipants in HSCTF must abide by a few common sense rules that ensure the competition is fair. These rules are copied from picoCTF's FAQ: Attacking the scoring server, other teams, or machines not explicitly designated as targets is cheating. This includes both breaking into such machines and denying others access to them (for example, by altering a key or ping-flooding). Sharing keys or providing overly-revealing hints with other teams is cheating, as is being directly assisted by personnel outside the team (using tools from the internet is OK; asking people on the internet to help you solve the problem is not). We encourage you to solve problems in novel and creative ways using all available resources, but we do require that you solve them yourselves.

Who is running HSCTF?

HSCTF is organized by students at West Windsor-Plainsboro High School North in New Jersey as part of its computer science club. HSCTF is lead by President Jacob Edelman (12th grade) and Vice-President Sammy Berger (11th grade). The founders were Jacob Edelman, Alok Tripathy, Ben Edelman, Aaron Weiss, Ernest Chiu, and Aaron Berger.

Are there any related competitions?

Yes! Look at HSCS for CTFs run by High Schools and you may also want to compete in picoCTF, run by Carnegie Mellon University, and the qualification round of CSAW CTF, run by the New York University Polytechnic School of Engineering. We had a great time participating in both competitions. CSAW CTF is designed for undergraduate students, not high schoolers, but there is a high school division and the challenges are introductory.

USACO is a competition that includes algorithm problems.

Practice
 

Find our practice problems here.

Other Sample Challenges

Find the hidden flag for each challenge (solutions forthcoming)!

Cryptography

65 63 7a 76 6a 63 62 75 20 63 7a 20 71 6a 67 69 6d 77 7a 76 20 6c 6a 6d 20 65 63 70 74 2e 20 71 71 63 20 76 66 67 61 71 20 66 71 66 20 6f 20 73 64 67 66 20 72 71 70 2c 20 65 78 66 65 6d 20 76 76 75 68 20 75 71 6c 67 20 6b 6d 68 20 66 71 62 20 67 6f 65 6e 20 6c 71 20 6a 74 73 6d 7a 2e 20 61 20 63 75 20 6b 61 62 67 77 75 61 67 72 20 66 77 73 76 20 67 71 69 20 69 74 6a 67 20 69 64 7a 71 20 69 67 20 75 77 6e 6a 71 20 69 7a 6b 61 20 63 62 70 20 6e 67 77 20 6c 67 67 71 67 6e 67 20 62 6a 73 20 64 74 6f 63 7a 66 2c 20 6b 74 78 75 6a 20 71 75 20 68 74 74 20 73 70 61 79 73 64 20 69 67 20 76 70 67 20 64 64 64 74 6e 6d 6f 2e 20 68 74 74 20 63 67 67 20 6b 67 20 75 72 73 70 6a 74 33 6f 77 72 30 76 33 75 2e

Reverse Engineering

import java.util.Scanner;


public class SuperSecure {
  public static void main(String[] args) {
    Scanner in = new Scanner(System.in);
    String input = in.next();
    if(input.length() != 10) {
      System.out.println("LOL no");
      System.exit(0);
    }
    String changed = change(input);
    if(changed.equals("fvbl}bf334")) {
      System.out.println("Awesome!");
      System.out.println("The flag is: " + input);
    } else {
      System.out.println("LOL no");
    }
   }
   private static String change(String s) {
    char[] temp = new char[10];
    for(int i = 0; i < s.length(); i++) {
      temp[i] = (char)(s.charAt(i) + 3);
    }
    return new String(temp);
  }
}

Recon

recon image
Contact Us
 

facebook/hsctf

[email protected]
[email protected]

@hsctf