2019 CTF

Join us and participate in this year’s CTF

Like previous years – we have a ton of challenges, just waiting for you to take them on, so buckle down – and Level Up!

Hall of Fame

2018

Honorable Mention: @doadam – Adam Donenfeld

1st place: reclass (Nir Lavi and Intel’s team)

2nd place: babyr00t (known also as dm0n)

3rd place: JCTF (@schturdel, @nmontag, @YaakovCohen88 and Israel Erlich)

2018 CTF

One of our volunteers was kind enough to deliver a care package to the person who solved everything first! (Adam Donenfeld) – while not eligeble to win, he did solve everything first.

2018 Challenges

#ChallengeAuthor
1IAmBruteTomer Zait and Nimrod Levy
2Redirect meTomer Zait and Nimrod Levy
3IH8emacsTomer Zait and Nimrod Levy
4I’m Pickle Rick!Tomer Zait and Nimrod Levy
5Creative AgencyTomer Zait and Nimrod Levy
6ContactUsTomer Zait and Nimrod Levy
7GamingStoreTomer Zait
8c1337ShellTomer Zait
9DockingStationTomer Zait
10PySandbox-InsaneTomer Zait
11Shared DirectoryNimord Levy
12Can you bypass the SOP?Nimord Levy
13NoSocketNimord Levy
14Into the rabbit holeAdir Abraham
15PimpMyRideGal Goldstein
16hideinpILainsightOmer Agmon
17WTFLOL (and wtflol_reflagged)Kasif Dekel

Also on the team were Ido Naor, Ezra Caltum and Omer Cohen who gave advice and support, as well as QA 🙂

Resources

Link to 2018 PDF

Our challenges are also available as a VM (courtesy of Tomer Zait) (

Write Ups

https://jctf.team/BSidesTLV-2018/

https://www.digitalwhisper.co.il/issue97

https://www.digitalwhisper.co.il/files/Zines/0x61/DW97-2-BSides2018.pdf

https://hackso.me/bsidestlv-web/

https://t.co/klqz7gavLb

Statistics

312 teams registered

112 solved at least one challenge

1275 unique IP addresses

Running a Fair Game

Yesterday, June 9th at 18:26 we discovered that someone has shared the flag for one of our challenges on Pastebin.

Obviously, we considered this before starting the CTF and made a decision to trust our community and the rules of the game would be played fairly, and we still believe that the vast majority of the playing teams or playing for fun and do so fairly.

However, we couldn’t let one of our flags (worth 1,000 points!) run around free, so we made a difficult choice. Even though the likelihood of further spreading of that flag is minimal, we modified the challenge slightly to include another step in the flag creation, making the original flag obsolete.

this is on no way the fault of the hard-working, serious players who were hurt by this decision, but rather a way for us to move forward and keeping (a rather excellent) challenge with us – without using the original flag.

as to the people behind the leaked flag, and the submission of the leaked flag to get points – we took their word that this was not intentional, and we are keeping a close watch for the rest of the competition.

Please play fairly! both for your sake, and for the fun of everyone else!