Help

Registration

To register, create an account on this site with your full name, student email address, school name, and a teacher contact. Your student email, school, and teacher contact will be used for verifying that you are an Ontario student eligible to compete in some contests like LyonCTF.

To create or join a team, go to the teams page. One member of the team can create the team and give the access code to other team members to join. The access code will be displayed on team creation but can be accessed or changed from the edit team page. To be eligible in WxMCTF, make sure the team has a maximum of 4 members.

Registration must be done before the contest to have access to the full contest time, but it is recommended to register as soon as possible to have access to the practice contest and problems on this site.

Problems & Flag Submission

CTF Challenges can be viewed from the problems page. The list contains problems in a wide variety of challenges both in topic and difficulty. The goal of challenges is to look for a string called a flag from given files, programs, web pages, etc. Flags on this site usually have the format of CTF{[A-Za-z0-9_]+} but may differ depending on the challenge. The flag format for a specific problem can be seen in the submission placeholder. For problems that give files, SHA256 checksums are provided for testing file integrity. For problems with webpages or binary executable access, an instance of the challenge can be run from the problem page. These instances last a few minutes and can be started again when they close. Most binary exploitation challenges will require the netcat tool to access the challenge instance.

Sample Netcat Problem

The problem Sanity Check - Netcat Edition allows you to get a feel for how to launch an instance of a problem like you would do for some binary exploitation and web challenges. After logging in, you should see this UI:

problem page with option to start an instance

After pressing the button "Launch Instance" you'll now see a unique connection command:

problem page with connection details of running instance

On most operating systems, you can install a version of netcat suitable for connecting, though you may also use available libraries in different programming languages like pwntools in Python. Some challenges will require scripting, so you should explore the options available in your language of choice and test them out on this problem.

Note: the nc portion of the connection string is merely for ease of copy-pasting in to a command line. Using a tool other than netcat may require using the host and port in a different format.

Connecting to this instance will return the flag, after which you can let the time run out, or, to save some resources, delete the instance prematurely.

Resources

  • CTF 101 - general resources on the different kinds of CTF challenges.
  • CryptoHack - fantastic resource for cryptography challenges.