Howdy, and Welcome to BSides Edmonton CTF!
We know everyone is eager to start, but some quick rules before you get hacking.
- If you have a question, direct it to the Hopin event where we will be providing service 0900-1700 Edmonton time and intermittent support at other times. If it is a question about flags, is specific to challenge details, or we just missed you, please direct it to firstname.lastname@example.org.
- Blind brute force is never required. Never brute force flags; dirbuster or equivalent is not necessary; challenges which require repeated iterations will clearly offer you the ability to do so.
- Don't share or steal flags.
- Don't attack infratstructure. If you find a security vulnerability, please responsibly disclose that information to email@example.com for remedy.
Additionally, we have some extra information that you may want to know.
- ALL CHALLENGE POINTS ARE DYNAMIC. It is up to the contestant to find challenges they are able to solve, and challenge points will reduce for all solvers as more contestants solve each challenge.
- Challenges will be released in increments: the first day will have most challenges released (pwn, reversing, forensics, statistics, and some misc); the second day will have the remaining challenges released (web and crypto).
- Challenges which show issue will be announced in the Hopin event channel and briefly hidden. Please be patient if we need to do live fixes, but hopefully we won't need to!
- We use SSL SNI for managing challenges that require direct connections to solve. A solver template using pwntools has been provided for each challenge like this, and if you have further questions please ask.
- Some direct connection challenges require a proof of work to ensure they are not brute forced. Appropriate templates have been provided in these cases, and if you have further questions please ask.