Last weekend, I had the chance to once again participate in a CTF Security Tournament. Those tournament are very interesting since they serve as a way to test my knowledge, but also learn in a very fast way new thing. As such, I had to learn another type of VM that I never even heard of, QEMU. Luckily for me, QEMU was part of Arch packages and installing it wasn’t hard. But I still had to break through the Debian system in the VM, and find the binary to reverse. Sadly, I ran out of time before finding the flag. Nonetheless, it was a very fun experiment.
Isn’t capture the flag in FPS games?
When people hear capture the flag, they think an FPS game. And I can’t blame them. But no, that’s not what it is in this case. A CTF in security tournament is multiple security challenges where you have to find a flag that is identified by a unique string. That flag then gives you point based on the difficulty. The harder, the more points. The challenges can be of all kind: Reversing binaries, web security, forensic, and it keeps going. I personnally really like reversing challenges. What is also great with those challenges, is that they teach you new way to master the tools and software you may be used to use.
So last weekend, the CTF tournament I was in was the Polictf. Due to its nature of being online, people from around the world were able to participate. I am also very happy to say we finished 10th in the world, a team composed only of students. This experience was great, and I just can’t wait for the next one.