Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

Hosting a Hacking Challenge - CTF-style

Lexi Pimendis
Chaos Communication Congress 22th (22C3) 2005
Indexed on
Mar 27, 2013
File name
File size
20.7 MB

The talk will give a deep view behing the scenes of creating a CTF-hacking challenge. Starting from a short analysis of requirements for such an event, the organizational work to be done, to the main topic: designing the actual contest and choosing the software to be hacked. This years CIPHER event was a larger hacking event for students from international universities. 14 teams gathered from four continents and fourteen countries to hack the other team's server and defend their own. The exercise is about hosting a server that initially runs multiple services, i.e. a webserver, a mail server and customized services. These have typical security vulnerabilities that allow to compromise the server. The goal is to maintain the services up and uncompromised for the duration of the game, scores are also given for exploiting weaknesses and gaining access to other team's servers. The contest was held within a VPN, to authenticate the teams and ensure that the contest will not leak 'surprises' on the remainder of the internet. The services were hosted on VMWare- images, so that the memory layout and starting conditions for each team were controlled and known to all participants. We will give an overview of the services used in the contest, how we build them and demonstrate the tools we used to run the contest. The main goal of the exercise was to teach students how to act in situations of constant pressure and ubiqituous insecurity. The skills to actively participate not only include programming languages but also system administration and knowledge about offensive techniques.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.


Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.


To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !