After seeing some interesting updates from Hack The Box about funding on LinkedIn, I found a very exciting post about a CTF that they were running called Cyber Apocalypse. I left it pretty late to sign up as I didn’t think I’d get a lot of time, our baby needs a lot of attention & I have only a few hours in the evening where I can spend time hacking. I was considering asking some of the team at work whether they’d be interested in playing but thought better of it, at this point i wasn’t sure what type of CTF this would be. Some CTFs are ‘realistic’ and some are just troll-level pain and really not very fun.
I decided to focus on the web challenges as that’s something I’m OK at. Some were very simple, some were not so simple and were actually pretty scary with what could be achieved when the exploit path was understood. I managed to complete 12 challenges, 10 of which were web challenges, 1 was a ‘misc’ challenge exploiting input() in Python and the warm-up challenge. The warm-up challenge brought the most laughs… endless individuals writing flag++ in the Discord chat, not reading the announcements and mods getting very upset.
I liked the format but the infrastructure hit a hurdle a couple of times when I went to try play. I really liked that when the challenges were released that they were worth 1000 points, as people solved it dropped down to a minimum of 300 points, like a bounty for being quick or solving harder challenges. I managed to get a few > 500 point solves along the way which felt like a mini victory. I really liked the variety of challenges, I definitely wasn’t equipped to handle the forensics tasks as quickly as I’d have liked and consequently I parked these. I will definitely be reading the writeups and playing with the challenge materials at a later stage. Some areas like hardware & crypto were way out of my current skillset, and something I’ll also be looking into the released challenges when time permits.
It would’ve been good to know where I ranked as a 1 player team, I didn’t expect to compete with any of the 10 player teams! I managed to place 617/4740 as a single pringle, with a grand total of 3400/19650 points. I will be definitely be inviting along my work colleagues for the next, it wasn’t a trollfest of insanely unfun machines and really good learning.