Eligibility
To be eligible for prizes, teams must consist of up to five US high school students. Teams do not have to consist of students from the same high school. Students on the winning teams must complete a verification process to ensure that all members are eligible for prizes. If you graduated this year, you are still eligible for prizes.
1st Place
$500 Amazon gift card
2nd Place
$300 Amazon gift card
3rd Place
$200 Amazon gift card
CTF stands for "Capture the Flag". CTFs are a type of computer security competition (but HSCTF extends beyond computer security to include other areas of computer science). Certain pieces of information, called "flags", are placed on servers, encrypted, hidden, or otherwise stored somewhere difficult to access. During the competition, different challenges are released which allow the participants to reverse engineer, break, hack, decrypt, and do whatever it takes to capture that flag. When a team submits this flag to a scoring page, they will get points.
HSCTF ("High School Capture the Flag") is the first CTF designed by high schoolers for high schoolers.
Unlike other CTFs, HSCTF isn't purely about computer security. It extends the CTF model of competition to other areas of computer science such as the design and analysis of algorithms and programming languages. Each challenge will still have a flag, and most of our challenges will fall into the traditional CTF categories of cryptography, reverse engineering, web exploitation, and binary exploitation.
Capture the Flag (CTF) competitions are traditionally targeted at college students or industry professionals. HSCTF is a CTF designed for younger students who might be interested in computer science.
Our primary goals are to educate students in computer science, and to increase their interest in computer science.
The competition is open to middle school and high school (6th to 12th grade) students from the United States. Teams can be composed of 5 or fewer students.
There will be a non-competitive division for all participating teams who are disqualified by the above rules.
We love computer science and CTFs. Competing in CTFs is one of our favorite things to do; unfortunately, there aren't many CTFs out there for high schoolers. We found that we learned a lot about computer security very quickly by particating in CTFs. HSCTF will teach participants about other areas of computer science as well. HSCTF is meant to follow up on the success of picoCTF.
HSCTF will take place entirely online at this website. Once the competition starts, teams will be able to log in and view the challenges using the team name and password provided at registration, which will be open throughout the competition. Participants may find it useful to have the ability to install software and have unfiltered internet access.
Challenges will vary widely in difficulty. We expect some challenges to be solved by every team, and others to be solved by only a few teams or even none. Teams should be potentially capable of performing very well in this competition with no CTF experience. We hope HSCTF will be a fun, educational experience for all competitors.
Full participation in the competition requires only a computer with a modern web browser (Firefox, Chrome, Opera, Safari, Internet Explorer 9+, etc.) and the ability to install applications.
There will be several dozen challenges, each worth a fixed number of points based on its difficulty. When you solve a problem, you send your answer (or 'key', or 'flag') to a scoring server, which adds the problem's value to your team's score. At the end of the competition the team(s) with the highest scores are the winners. Time will be used as a tiebreaker.
Partipants in HSCTF must abide by a few common sense rules that ensure the competition is fair. These rules are copied from picoCTF's FAQ: Attacking the scoring server, other teams, or machines not explicitly designated as targets is cheating. This includes both breaking into such machines and denying others access to them (for example, by altering a key or ping-flooding). Sharing keys or providing overly-revealing hints with other teams is cheating, as is being directly assisted by personnel outside the team (using tools from the internet is OK; asking people on the internet to help you solve the problem is not). We encourage you to solve problems in novel and creative ways using all available resources, but we do require that you solve them yourselves.
HSCTF is organized by students at West Windsor-Plainsboro High School North in New Jersey as part of its computer science club.
Yes! Look at picoCTF, run by Carnegie Mellon University, and CSAW RED, run by the New York University Tandon School of Engineering.
USACO is a competition that includes algorithm problems.
65 63 7a 76 6a 63 62 75 20 63 7a 20 71 6a 67 69 6d 77 7a 76 20 6c 6a 6d 20 65 63 70 74 2e 20 71 71 63 20 76 66 67 61 71 20 66 71 66 20 6f 20 73 64 67 66 20 72 71 70 2c 20 65 78 66 65 6d 20 76 76 75 68 20 75 71 6c 67 20 6b 6d 68 20 66 71 62 20 67 6f 65 6e 20 6c 71 20 6a 74 73 6d 7a 2e 20 61 20 63 75 20 6b 61 62 67 77 75 61 67 72 20 66 77 73 76 20 67 71 69 20 69 74 6a 67 20 69 64 7a 71 20 69 67 20 75 77 6e 6a 71 20 69 7a 6b 61 20 63 62 70 20 6e 67 77 20 6c 67 67 71 67 6e 67 20 62 6a 73 20 64 74 6f 63 7a 66 2c 20 6b 74 78 75 6a 20 71 75 20 68 74 74 20 73 70 61 79 73 64 20 69 67 20 76 70 67 20 64 64 64 74 6e 6d 6f 2e 20 68 74 74 20 63 67 67 20 6b 67 20 75 72 73 70 6a 74 33 6f 77 72 30 76 33 75 2e
import java.util.Scanner; public class SuperSecure { public static void main(String[] args) { Scanner in = new Scanner(System.in); String input = in.next(); if(input.length() != 10) { System.out.println("LOL no"); System.exit(0); } String changed = change(input); if(changed.equals("fvbl}bf334")) { System.out.println("Awesome!"); System.out.println("The flag is: " + input); } else { System.out.println("LOL no"); } } private static String change(String s) { char[] temp = new char[10]; for(int i = 0; i < s.length(); i++) { temp[i] = (char)(s.charAt(i) + 3); } return new String(temp); } }