Introducing RunCode CTF
For people who want to pwn good and want to do other things good, too.
This is a new format brought to you by the same team that develops the on-site and online coding competitions at https://runcode.ninja . Our team loves a good CTF, and our gradual inclusion of more and more infosec challenges to our traditional programming challenges called for a new format we think you'll enjoy.
We believe that the best way to learn to exploit is by actually exploiting live machines and in support of this, we have created a mobile capture-the-flag (ctf) environment. This environment contains several types of machines with multiple pathways for exploitation. We understand that ctf's have a broad appeal and will entice individuals (both novice and seasoned) to attempt the ctf competition. In light of this, we ensure that the machines we develop are developed at varying difficulties. This will engage a novice just starting out as well as a seasoned competitor.
The format is a little different from what you might be used to, but similar in style to some competitions we've enjoyed in the past, such as DerbyCon and EverSec. Teams are placed on a network and given a list of target boxes running vulnerable services they need to pwn. Each box will contain one to many flags waiting to be captured and submitted to the scoring server.
RunCode CTF competitions are (currently at least) held a few times a year at special events like security conferences and meetups.
Teams can be comprised of anywhere between 1 - 6 people - beyond the size restriction, anyone can be on a team.
The competition will not use a specific flag format. Look for
l33tsp34kwords scattered about and try submitting them. They'll generally be in places where you might normally find something of value (config files, passwords, so on and so forth).