Difficulty: Easy
Opinion: One of the worse organized CTFs I’ve been into.
Preface:
I entirely support the competitors and their ways; their solves are as valid as mines are.
Problem (As always) comes from the people that are higher on the chain :)
Everything started going south when they opened the second challenge, I couldn’t access it for 15 minutes.
When it somehow decided to open up correctly, at least 5 people already solved it.
I thought, well, maybe this was a problem with my devices/network but I ruled that out because:
I tried 3 different devices w/different browsers and different networks and none worked.
And later on they confirmed it was an issue on their end.
Question is, how did people finish it in less than 1 minute (In the dashboard you can see people’s solve times)?
I started asking the people over at Discord and asked hackrocks themselves and what basically just happened is that the clients that hired hackrocks to design the CTF, cheaped out and told them to re-use challenges.
What’s the problem with that? That the flags are the same.
That entirely explains the sub-1’ solutions.
The very same day, they mistakenly opened the third and last challenge (It was supposed to go live by next day at 10AM) and the same thing happened again, sub-1’ solves…
I went crazy and started asking for responsibilities regarding it but hackrocks said they could not do anything over and over, they had some sort of meeting with the clients but didn’t change anything.
They only substracted the points of the 3rd challenge to the people who solved it and opened it next day as nothing happened; and we saw again the sub-1’ solves.
The prize for winning is a 7.700€ scolarship in Nuclio Digital School, the least they could do is make a decent and righteous for everyone, yet they failed miserably at doing so.
A simple blog for everything me
Writeups for Nuclio CyberHack CTFs