In the past semester, a group of volunteers from the ISACA-SP Student Group as well as the DISM SIG members ran a semester long miniature capture the flag (CTF) online competition.
Index Page of the Online CTF System
It was made open to anyone with a valid Singapore Polytechnic email address, but the majority of the participants came from the DISM year 2s and year 3s.
The aim of the event was to increase interest in infosecurity by supplying interesting challenges for the CTF teams to solve in their free time.
A Portion of the Rules and Regulations of the Competition
The project was officially kicked start during the holidays. Members of this ‘CTF committee’ were assigned different roles on order to bring up the event in time for the semester’s start, when everyone else would be returning to school.
One was appointed as the system developer and coded and designed the website from scratch, some worked on server and network administration at the labs where the project was hosted, whilst others crafted the challenges and puzzles.
A List of Puzzles / Challenges for Participants to solve
It was a democratic process, where the group met frequently to make and solidify decisions over issues such as the suitability of the challenges, website bugs or design, and the exciting topic on prizes to award.
Screenshot of One of the Entry Puzzle “Cracked The File”
Another Puzzle “SpyKey” of Entry Level Difficulty
After the site went live, quite a number of students from year 1, 2, 3 and even graduates signed up to participate. Many grabbed the additional points by being the first few teams in submitting flags whilst others got a bit of help from the hints released gradually.
After one month from the release of a puzzle, teams are invited to submit write-ups for their solution approach for the benefit of others as well as more reward points, which would all be summed up in calculation of the final ranking after the semester.
Ranking Board of Participating Teams after End of July
Hope this joint adventure by ISACA-SP and DISM-SIG could inspire the passion for InfoSecurity in more and more students. Good luck to all teams that are take part!