Third Annual Capture the Flag Contest
Date: Thursday, June 2, 2011
Time: 2:30 to 4:30pm
Place: Sci III 315
Team Registration
Teams of up to three students are allowed for the contest. Teams should have
at least one member who has taken CMPS 340 (Digital Forensics) or who is
familiar with forensic tools. Teams can register ahead of the contest by
emailing Dr. Danforth or stopping by her office (Sci III 338). Teams may
also register at the contest itself.
Contest Information
The purpose of this contest is to capture virtual flags by applying digital
forensic techniques. At the start of the contest, clues will be given about
where to start looking for evidence and what the ultimate goal of each flag
will be. The team to capture all the flags first wins the contest, but
everyone is encouraged to keep trying until they too capture all the flags.
Useful Tools
All students will have access to the Linux desktop, a Linux virtual machine
with sudo access and a Windows virtual machine during the contest. The virtual
machine passwords will be given out at the start of the contest. Both virtual
machines are blank slates, with no forensic tools installed on them yet.
In the days before the contest, it will be useful to brush up on the following forensics tools that were introduced in CMPS 340:
- WinHex - A hex editor for Windows.
- File Signature Database - A list of hex signatures for the starting and ending bytes of many common file types.
- Wireshark - A GUI packet sniffing program.
- tcpdump - A command line packet sniffing program.
- nmap - A network mapping utility.
- John the Ripper - A password cracking utility.