cf-coder's blog

By cf-coder, history, 3 years ago, In English

does anyone from cf have id in ctf(https://ctftime.org/)? and are you active there? ctf is a site that holds contest on cyber security.

Tags ctf
  • Vote: I like it
  • +12
  • Vote: I do not like it

| Write comment?
»
3 years ago, # |
  Vote: I like it +2 Vote: I do not like it

I participate semi-regularly in CTFs and qualified for my country in ECSC (European Cybersecurity Competition) and IOI. My ctftime id is: https://ctftime.org/user/82787

  • »
    »
    3 years ago, # ^ |
      Vote: I like it 0 Vote: I do not like it

    So you do CP and cyber security contest at the same time. Will you tell what extra skills are needed for cyber security contest for a competitive programmer?

    • »
      »
      »
      3 years ago, # ^ |
        Vote: I like it +8 Vote: I do not like it

      When I did CTFs, I worked pretty much exclusively on cryptography challenges so I'll comment on that.

      Ironically, for a crypto main, I am not a fan of math and I'd try to blackbox any math concepts in a CTF if I could. So usually that would mean copying scripts from online and praying that they'd work. In hindsight, this probably wasn't the best approach. If you can learn how something works then definitely do so, especially since that will allow you to more easily utilize that thing.

      In terms of what I know now, I have a basic understanding of how some common cryptography systems like RSA and AES work, and enough knowledge about common attacks on them that I know what to search for in order to use them. I never got around to fully understanding elliptic curves, which was a serious handicap when I was playing.

      I also did a lot of scripting in Python and SageMath. Being able to both read and write code in those languages is very helpful when solving crypto challenges.

      In general, I think that as long as you are willing to learn by yourself and on-the-fly, you should be set for CTFs. You should be prepared to do a lot of Googling searching on the online search engine of your choice.

      I don't really think there's much overlap between knowledge required for CTFs and CP, although a lot of the thought process is pretty similar.

»
3 years ago, # |
  Vote: I like it 0 Vote: I do not like it

Me and qpwoeirut are former members of RGBsec, rated 4th in the USA in 2020.

  • »
    »
    3 years ago, # ^ |
    Rev. 2   Vote: I like it -8 Vote: I do not like it

    Is it hard to maintain both CP and hacking ?

    • »
      »
      »
      3 years ago, # ^ |
        Vote: I like it +8 Vote: I do not like it

      Well, what do you mean by maintain? If you mean have an account, then well no -- just create an account and never touch it for the rest of your life. If you're talking about maintaining a good ranking, then it does certainly take a lot of time and effort. I am of the opinion that the amount of time you can spend on a specific CTF is one of the biggest factors in regards to how well you do on that CTF.

      Both of us would usually spend a good part of our day doing a CTF, usually working for several hours straight.

      CTFs were fun, but right now for me they simply take up too much time to be worth doing to the best of my ability. So I am currently inactive on CTFTime. I do happen to be planning on participating in the Lexington Informatics Tournament CTF (as well as their CP competition), which starts tomorrow. But that's going to be the first CTF I've participated in in probably a half year or so.