Trellix Launches Annual CTF Competition – Catmen Sanfrancisco!
By Trellix · February 1, 2022
This story was written by Steve Povolny.
The Advanced Threat Research team, now with Trellix, is pleased to announce the return of our second annual Capture the Flag contest featuring 12 new challenges of varying skill levels, and a Discord server to facilitate competitive collaboration. This year we decided to add a bit of story – so put on your 90’s nostalgia hats, as you assist our heroine, Catmen Sanfrancisco (clearly no relation to Carmen Sandiego).
Much like our inaugural CTF, we’ve done our best to minimize guesswork and gimmicks. While we’ve added a few flashy graphics, we’ve stayed true to our core principles – distilling the kind of problems we’ve encountered many times over the years during our actual research projects. Additionally, as this contest is primarily educational in nature, we won’t be focused as much on the winners of the competition. The goal is for anyone and everyone to learn something new. However, we will provide a custom ATR challenge coin to the top 5 teams (one coin per team member, up to 4 per team) on the scoreboard. When registering for the contest, make sure to use a valid email address so we can provide winners with our congratulations and challenge coin.
The ATR CTF will open on Friday, February 11th at 11:59 pm PST and conclude on Friday, February 25th, at 11:59 pm PST.
Click here to register!
If you’ve never participated in a CTF before, the concept is simple. You will:
- Choose the type of challenge you want to work on,
- Select a difficulty level by point value,
- Solve the challenge to find a ‘flag,’ and
- Enter the flag for the corresponding points.
NOTE: Each flag will be in the format ATR[1a2b3c4d5e], where 1a2b3c4d5e is replaced with a specific string clearly stated when solving a given challenge. For example: ATR[Ul33th4xorU]. You must submit the flag in full, including the ATR and square brackets.
Successfully completing a challenge will reward anywhere between 100 and 500 points - the harder the challenge, the higher the points! We designed all CTF challenges so that you practice real-world security concepts, and while there are definitely overlaps for each challenge, this year’s categories include:
- Reverse engineering
Teams consist of at least one competitor, but we welcome groups as well. If you get stuck, a basic hint is available for each challenge. Be warned though, you should only use the hint as a last resort; doing so will cost you valuable points.
This year we will be using Discord for teams and individuals to communicate both with us, and as a CTF community. Guidelines for participation via Discord can be found on initial login. Please register and login early and stay tuned for important announcements and opportunities to collaborate with industry peers.
Read before hacking: CTF rules and guidelines
McAfee and Trellix employees are not eligible for prizes or scoreboard placement in the public competition but are welcome to compete.
When registering, please use a valid email address, in case of password resets and contact information for prizes. We will not store or save any email addresses or contact you for any non-contest-related reasons.
Please wait until the contest ends to release any solutions publicly.
While cooperation is okay in limited form, sharing of flags or providing the challenge hints to other teams is cheating. Please help us keep this contest a challenge for all! When collaborating with other teams, general hints or strategies are okay, but please don’t ruin the competition for others.
Attacking the Platform
Please refrain from attacking the competition infrastructure, as this will lead to expulsion from the CTF. If you experience any difficulties with the infrastructure itself, questions can be directed to the ATR team via Discord. ATR will not provide any additional hints, feedback, or clues.
Sabotaging or otherwise impeding other teams is strictly prohibited and will result in expulsion from the CTF.
No brute forcing of challenge flags/keys against the scoring site is accepted or required to solve the challenges. You may perform brute force attacks, if necessary, on your own endpoint to determine a solution if needed. If you’re not sure what constitutes a brute force attack, please feel free to contact us.
DoSing the Capture–the–Flag (CTF) platform or any of the challenges is forbidden.
Looking for a little extra help?
Find here a list of useful tools and techniques for CTF competitions. While it’s not exhaustive or tailored explicitly to this contest, it should be a useful starting point to learn and understand the tools required for various challenges.
Many of these challenges are designed with Linux end-users in mind. However, if you are a Windows user, Windows 10+ has a Linux subsystem called ‘WSL’ that can be useful. Alternatively, a Virtual Machine can be configured with any flavor of Linux desired and should work for most purposes.
See https://github.com/dkmcgrath/Tools-and-Tips/blob/main/windows_and_mac.md for details on how to install useful Linux tools on both macOS and Windows machines.
While it may be difficult for us to respond to emails, we will do our best – please use the email address below to reach us with infrastructure problems, errors with challenges/flag submissions, etc. We are likely unable to respond to general questions on solving challenges. You can also reach us directly via Discord.
How much do you know about Trellix’s industry-leading research team?
ATR is a team of security researchers that deliver cutting-edge vulnerability and malware research, red teaming, operational intelligence and more! Take a look at the ATR website to learn more about the team and some of its research highlights.
General Release Statement
By participating in the contest, you agree to be bound to the Official Rules and to release Trellix and its employees, and the hosting organization from any and all liability, claims or actions of any kind whatsoever for injuries, damages or losses to persons and property which may be sustained in connection with the contest. You acknowledge and agree that Trellix et al is not responsible for technical, hardware or software failures, or other errors or problems which may occur in connection with the contest. By participating you allow us to publish your name. The collection and use of personal information from participants will be governed by the Privacy Notice.
Mar 15, 2023
Trustwave and Trellix Announce Strategic Partnership to Deliver Best-in-Class Managed Detection and Response to Protect Global Organizations
Feb 22, 2023
Trellix Finds LockBit Ransomware Gang Most Apt to Leak Stolen Data
Feb 8, 2023
Trellix Launches Xtend Global Channel Partner Program
Feb 6, 2023
President Biden Names Bryan Palma to National Security Telecommunications Advisory Committee
Jan 17, 2023
Trellix Endpoint Scores 100% Detection with Zero False Positives in Latest SE Labs Endpoint Security Test
The latest from our newsroom
The Bug Report – January 2023 Edition
By Jesse Chick · February 1, 2023
January began with a headache on a Sunday morning and, if you happen to be on the receiving end of this month's remote code excitement, it ended with one, too.
Cyberattacks Targeting Ukraine Increase at End of 2022
By Daksh Kapur, Tomer Shloman, Robert Venal and John Fokker · January 24, 2023
From malicious email and URLs to nation-state backed use of malware, cyberactivity continues to accompany kinetic military activity and social discontent.
Trellix to Lead the XDR Market
By Daniel Ramos · December 19, 2022
Recognition by the analytical firms and peer review programs in all the main XDR front-end components including EDR, NDR, SEG, CWWP, and DLP.
Get the latest
We’re no strangers to cybersecurity. But we are a new company.
Stay up to date as we evolve.
Zero spam. Unsubscribe at any time.