Playing Capture The Flag with a team on location is something completely different than performing penetration tests, security assessments or even trying to solve CTF challenges over the Internet.
At Defcon 23 I joined a team of really knowledgeable, nice and friendly people for the OpenCTF competition. It was an exhilarating ride from setting up all equipment to the glorious finish. Playing Capture The Flag on Defcon was educational but foremost fun, fun and fun.
So why would you spend a good chunk of 48 hours sitting in a chair behind a screen while there is so much more to see and experience at Defcon ? In one word: The undescribable exciting atmosphere of playing during a conference, of competing against all these bright people from all over the world, desperately trying to solve the challenges.
Here are some of my personal notes on how to get the most out of competing in an OpenCTF competition with a team:
- Allow plenty of time before the competition to set up (and harden - don't be a fool like me) your machine. Make sure you have all necessary tools and notes.
- Make sure beforehand that all team members have one communication channel (eg. IRC) readily available, and ways of sharing files (eg. USB sticks, pastebin or dropbox). Share the knowledge. Our team first met up at Defcon 23, so this was important for us.
- Read the instructions of the challenge. Read them again. And preferably again. Look at the challenge. This was for me an eye opener, as I got the feeling that didn't allow myself enough time reading into each challenge.
- Don't forget to make notes continuously while playing. If you're stuck, if there aren't challenges to your liking open or if the competition floor is closed, you can always do write ups (please don't hold it against me, but I really like doing write ups).
- Make sure you're comfortable with setting up networking, routing and, most important (local) firewalls. Several challenges needed network tweaks like VLAN settings. You could also go on the offense and attack other teams, so be prepared.
- Bring hardware. Lots of it. Patch cables, USB sticks, chargers, foreign adaptersmonitors, you-name-it. One of our team members brought a switch, and it made him the instant uncrowned king of our team.
- The advantage of being in one location is that you can easily communicate with each other. I really enjoyed walking around to other team members, seeing what they were up to and hearing their ideas. Bouncing theories around is so extremely valuable. If you have pair programming, why not pair hacking ? And Extreme Hacking is born...
- The helpful organizers Team Vand were walking around all day. It seemed like they really enjoyed it when you asked them about the challenges. Why not walk up to them more often when you're stuck ?
- With regards to technical skills, I felt that it was an immense advantage if you're pretty confident with a glue language like e.g. Python. Writing (simple) file parsers, doing basic byte conversions and other file operations is a plus.
- Remember to have fun, it's a social thing.
The learning experience was my most important goal of joining a CTF team and the competition. In that regard Defcon 23 was a huge success. Not only that, but our team also ended up at a rewarding 12th place out of the 61 teams. Something that I'm really proud of.
We will be competing again at Defcon 24, and you should too. See you next year ?
Thanks to the organizers "Team Vand" and last but not least all of our team members. I learned so much from you - You know who you are!