Challenge Information
CTF 2023
Date and Time :
10 November 2023, 6:00PM HKT to
12 November 2023, 6:00PM HKT
(The system will operate for 48 hours, participant can access anytime during the contest)
Contest Format :
This is a Jeopardy-style online CTF Contest. Participant will get a score after solving the challenges during the Contest.
How to play :
The application deadline has been extended from now to 5 November 2023 (Registration after the deadline will not be accepted)
Leaflet :
*
Learning Outcome Through the Contest
1. Creative thinking
2. Computer security concept, e.g. reverse engineering
3. Networking, e.g, TCP/IP, HTTP
4. Mathematics of cryptography
5. Programming concept and language, e.g. Python, JavaScript, Assembly, Structured Query Language (SQL), HTML
6. Internet search skill
* All the challenges in this contest are bilingual (i.e. Trad. Chinese and English)
Past Challenges
Categories
The Contest is divided into 3 categories:
Secondary School
- For all student of secondary school in Hong Kong
Tertiary Institutions
- Full-time students in Diploma, Higher Diploma, Associate Degree and Bachelor’s Degree of universities or colleges in Hong Kong
Open Category
- At least one Hong Kong residents or holders of valid Hong Kong working or study visa in the team
The challenges in the Secondary School category are different from the Tertiary Institution and Open categories. Therefore, if teams of secondary schools want to compete with teams in Open category, they can choose to opt-in the registration form. Please note that in this case, their score will be counted in Open category. For details on how to opt-in, please refer to the instructions in the online registration form.
The Contest is a team competition, with each team making up of one to four members. Each participant can enrol to only one of the categories and should submit only one entry. Participants shall agree and abide by all the terms and conditions, and rules of the Contest.
Example
Scenario
Eligible to join
Members are studying in the same secondary school of Hong Kong
– Secondary school, or
– Open (opt-in)
1 of the members is studying in different secondary schools of Hong Kong
– Open
Members are studying Diploma, Higher Diploma, Associate Degree or Bachelor’s Degree in Hong Kong universities or colleges
– Tertiary institutions, or
– Open
1 of the members is studying master’s or doctoral degree in Hong Kong universities or colleges
– Open
1 of the members is Hong Kong resident, the other 3 members are not
– Open
Oversea Category
- Team members from outside Hong Kong
Prizes
Team Name
All the team names will consist of 2 parts (1) Team code; (2) Team name, which would be the name of school/institutions or any self-defined names. The naming convention of each category are shown below
- Secondary School
- Assigned by Organiser
- Naming convention is {Team Code} – {School name of the members}
- E.g. S0001 – Tsuen Wan East Secondary School
- Tertiary Institution
- Self-defined name in English with maximum 50 characters, or assigned by Organiser
- Naming convention is
- {Team Code} – {self-defined name}, or
- {Team Code} – {Institution name of each member}
- E.g. T0001 – HK CTFMan, or T0001 – CUHK, PolyU, AbcdU
- Open Category
- Self-defined name in English with maximum 50 characters
- Naming convention is {Team Code} – {self-defined name}
- E.g. O0001 – HK CTFMan
The Organisers reserve the right to change the name of the team at any time without prior notice.
Proof of Answer (Write-up)
The top 5 teams of each category are required to submit the proof of answer (write-up) of 3 solved challenges selected by the Organisers. The Organisers will verify the accuracy while confirming the final ranking.
- Each team should include maximum of 4 team members (i.e. 1 – 4 members). All team members must fulfil the entry requirements stated in the Eligibility.
- Representatives of the Contest Organising Committee, members of the project team and supplier(s) of the Contest are not eligible for joining the Contest.
- The top five teams of each category are required to submit the write-up as specified under the “Write-up” section within the set time by the Organisers.
- After completing the 48 hours’ Contest, the top three teams of each category with the highest scores and their write-ups confirmed by the Organisers will be declared the gold, silver and bronze winners respectively. In case of a tie in score, the final placing will be decided by time.
- If any issues occur during the Contest, participants shall report them to the Organisers immediately.
- Don't attack the CTF platform, such as:
- Modify the scoreboard;
- Generate excessive load;
- Launch denial of service attack;
- Don't attack any machine or service other than the designated ones.
- No social engineering attack.
- Don’t cheat or interrupt the Contest, such as:
- Share flags;
- Ask for flags;
- Delete flags;
- Intentionally prevent other teams from submitting flags.
- In the chat room:
- Don’t send any message which contains violent, obscene or indecent content.
- Don’t upload any file which infringes any copyrights and intellectual property rights.
- Do not share any content or details of the CTF challenges with anyone before the end of the contest.
- Any abuse or violation of the Rules will result in penalty as stated in the Terms and Conditions.
General Terms and Conditions
General Terms and Conditions for the Capture The Flag event organised by HKCERT
- The participating teams should abide to these Terms and Conditions and the Rules of the Contest. The Organisers reserve the right to penalise team members for noncompliance with suspension of access or disqualification. The related teams and their members shall not raise objection.
- Each participating team will be named as per the rule specified under the “Team Name” section. The Organisers reserve the right to substitute any name with another name at any time without prior notice. The participants shall not raise objection.
- The whole team is disqualified if any member of the team is not eligible.
- All works of the team must be contributed by eligible members of the team.
- The team should notify the Organisers of any change in team members immediately. The Organisers will verify the identity of the winning team members when confirming their award.
- The Organisers may allow teams from other countries / regions to compete in the platform. The invited teams would compete in another category. Their score and ranking would not affect the other groups. The participants shall not raise objection.
- The decisions of the Organisers on the Contest results will be final and the results of the Contest will be published on https://ctftime.org. The participants shall not raise objection to the Contest results or rankings.
- The Organisers reserve the right to substitute any prize with another prize at any time without prior notice.
- The Organisers reserve the right to amend the Rules from time to time and inform the participants.
A computer with web browser
Useful Tools
Type |
Tool |
|---|---|
Compression utilities |
Any Zip tools |
File editor |
Any text editor |
File editor |
Any Hex editor |
File viewer |
Any image viewer |
File viewer |
Any PDF viewer |
Network utilities |
Ncat |
Network utilities |
Nmap |
Network utilities |
Wireshark |
Network utilities |
Burp suite |
Password crack utilities |
Any password crack tool |
Terminal emulator |
Putty |
2. Online
- Compiler, e.g.
Online Resources
Learning
- picoCTF: https://picoctf.org/resources
- CTF 101:https://ctf101.org
- HackerOne: https://www.hacker101.com/videos
- Web XSS: https://prompt.ml/0
- Cryptography: https://cryptohack.org
- Binary exploitation: https://pwnable.tw
- Wikis: https://ctf-wiki.org/en/
- Course: https://pwn.college/
- VTuber: https://www.youtube.com/c/kurenaif
Practice
- picoCTF: https://play.picoctf.org/practice (require registration)
- HSCTF3: https://jacobedelman.gitbooks.io/hsctf-3-practice-problems/content/
- CTFlearn: https://ctflearn.com (require registration)