This repo contains sources for justCTF 2023 challenges hosted by justCatTheFish as well as summary of winners and sponsors of the event.
TLDR: Run a challenge with ./run.sh (requires Docker/docker-compose and might require sudo as we use nsjail extensively under the hood).
The challenges/ contains challanges directories with the following structure:
README.md- official challenge description used during CTFpublic/- files that were public/to downloadprivate/- sources and other unlisted filesprivate/run.sh- shell script to run the challenge locally (uses Docker and sometimes docker-compose)private/flag.txt- the flag (don't look there?)private/metadata.json- challenge metadataprivate/solve.sh/private/solver/- scripts and files with raw solution (not present for every challenge)- other files
- 1st place - r3kapig - $3200
- 2nd place - Never Stop Exploiting - $1500
- 3rd place - SKSD - $1000
- Trail of Bits - https://www.trailofbits.com/
- OtterSec - https://osec.io/
- SECFORCE - https://www.secforce.com/
- isec - https://www.isec.pl/
Thanks again to all the sponsors who made this event possible!
(Sorted from most solved to least solved)
| Category | Name | Points | Solves |
|---|---|---|---|
| Misc | Sanity check | 50 | 261 |
| Misc | ECC for Dummies | 88 | 138 |
| Misc | justCTF Survey | 140 | 87 |
| Pwn | Welcome in my house | 158 | 74 |
| Web | eXtra Safe Security layers | 173 | 65 |
| Crypto | Vaulted | 199 | 51 |
| Re | Rustberry | 201 | 50 |
| Web | Dangerous | 231 | 38 |
| Re | manGO | 253 | 31 |
| Pwn | nucleus | 256 | 30 |
| Misc | ECC not only for Dummies | 293 | 21 |
| Misc, Pwn | PyPlugins | 298 | 20 |
| Web | Perfect Product | 340 | 13 |
| Re | nvm | 355 | 11 |
| Pwn | Baby Otter | 363 | 10 |
| Crypto | Multi Auth | 373 | 9 |
| Pwn | Mystery locker | 373 | 9 |
| Web | Aquatic Delights | 373 | 9 |
| Pwn | notabug | 373 | 9 |
| Web | Phantom | 373 | 9 |
| Web | Easy Cloud Auth | 406 | 6 |
| Web | almost finished | 406 | 6 |
| Pwn | notabug2 | 420 | 5 |
| Pwn | Tic Tac PWN! | 435 | 4 |
| Re | Trial of Data | 453 | 3 |
| Re | thiefcat | 453 | 3 |
| Web | ESSAMTP | 500 | 1 |
| Misc, Web | Safeblog | 500 | 1 |
| Web | almost finished2 | 500 | 1 |
| Misc | Formula L | 500 | 1 |
| Misc | Secure DB | 500 | 0 |
| Pwn | Windytooth | 500 | 0 |
| Re | Trial of Bugs | 500 | 0 |
Write-ups created by players can be found on CTFTime as well as on our discord.
You should also look at challenges solution directories, if they exist (solver.sh/solver/).
Once again we used our own CTF platform which is available here with the exception of few features (notably the message system) not being pushed upstream at the time of publishing.