For those of you who don’t know, CTF is short for Capture the Flag. Basically it’s like a game format which can be a competition or as a way to have fun or build up skills. You are presented with a series of puzzles and other challenges to fix. The way to solve is to find the ‘flag’ which can be like a string of letters, numbers, or both. In the context of information security, these challenges can be on Linux exploitation, Windows exploitation, reverse engineering binaries (ie malware), digital forensics (ie mobile), cryptography and more.
I very recently decided to sign up to one, I decided not to mention who they are because perhaps this was a complete first run, or something. But they touted “1000 participants” for the CTF in which the participants are from a certain demographic group (cough you know where this is headed). I saw a post less than a week ago saying that they only attracted less than half of that number, and I decided to sign up, because one it was on a weekend and it was a short CTF.
That weekend was today and unfortunately the experience was very disappointing. From the get-go, there were multiple problems with the server and getting 502 errors. Not only that but doing -anything- was just problematically slow - from generating the browser-based VM to a Kali server right through to generating the OpenVPN file to connect via VPN. Even if someone were to manage to connect (for me, it was about 20 minutes later), the actual challenge site itself was just mired with problems - slow to get to new pages, slow to download the required files to work on the challenges, slow to do -anything-. And the problem still persists, even after 3.5 hours. The CTF challenge is supposed to end in about 30 minutes and I have only so far submitted just one flag because of all the issues above so I really do not think the problem here is load as by now 90% have probably just given up.
Luckily there are other CTFs out there, some permanent CTFs, some downloadable CTFs, and CTFs that have been going on for a while at yearly occurrences.