About our NIZK (Non-Interactive Zero-Knowledge) Platform: https://arxiv.org/pdf/1708.05844.pdf
-
All team members must have a GitHub account and configure a SSH key in their account settings.
Important Note: If you are unable to follow the installation instructions below,
or is simply too lazy to do all the steps, we made a LXD container preloaded with this platform. If you prefer Docker, we made a Dockerfile too. If you want to install directly in your machine (instead of containers), just ignore this note. -
All team members must clone the repository and install the dependencies:
git clone [email protected]:pwn2winctf/2018.git cd 2018 sudo apt-get install libsodium23 curl https://bootstrap.pypa.io/get-pip.py | sudo -H python sudo -H python -m pip install -r pip-requirements.txt
Note: Any libsodium version >= libsodium18 is supported. However, recent pysodium has a bug when used together with old libsodium. Therefore, if you use libsodium18, please change
pip-requirements.txtsecond line topysodium == 0.6.9.1in order to use exactly the pysodium version which works correctly with libsodium18. -
All team members must have the git client correctly set up. If you have never used git before, run:
git config --global user.name "John Doe" git config --global user.email [email protected]
-
If dependencies are installed correctly (or if you used one of our preloaded containers), you should now see the help menu when calling:
./ctf -h
-
The leader of the team must execute the following command and follow the instructions to register the team:
./ctf init
-
The other members of the team must login to GitHub without registering a new team, by running:
./ctf login
-
After that, the leader must share the
team-secrets.jsonwith the members of the team. The other members of the team must place theteam-secrets.jsonfile shared by the leader in their2018directory.
Challenges are available on https://pwn2.win/2018.
If you prefer to browse them locally, you may also run a local webserver by typing ./ctf serve, or list challenges through the command line interface:
./ctf challsTo submit a flag:
./ctf submit --chall chall-id 'CTF-BR{flag123}'You may omit --chall chall-id from the command, however it will be slower to run this way. In this case, we will look for the flag in every challenge released until now.
To get the VPN credentials after your team has unlocked it (by solving at least 6 challenges - see the rules page for more details):
./ctf news --pullYou can see the scoreboard in the game link (https://pwn2.win/2018), locally (if you ran the local webserver) or through the command line interface:
./ctf score --names --pullYou may reach us through #pwn2win at irc.freenode.net.