跳转至

History

EN | ZH > The content of this column is taken from the public video "The Past, Present and Future of CTF" by Teacher Zhuge Jianwei in the Spring Festival.

Origin of CTF

The predecessor of CTF is the game of network technology competition between traditional hackers, which originated in the fourth DEFCON in 1996.

Early CTF Competition

The first CTF competition (1996-2001) Years), there are no clear rules of the game, no professional competition platform and environment. The target team prepares the game goals (the game targets they prepare themselves defend themselves and try to break the game goals provided by the opponent). Most of the organizers are just some non-professional volunteers, accepting the team to request manual scoring.

There is no background automatic system support and referee technical ability identification, scoring delays and errors, as well as unreliable network and improper configuration, resulting in great controversy and dissatisfaction.

"Modern" CTF Competition

The professional team will undertake the competition platform, proposition, event organization and automatic integration system. The participating teams are required to submit an application for participation and will be selected by the organizers of the DEFCON meeting.

For the three-year DEFCON CTF competition organized by LegitBS, the following salient features:

  • The game focuses on the core capabilities of the underlying computer and system security, and the web vulnerability attack and defense skills are completely ignored.
  • The competition environment tends to be a multi-CPU instruction architecture set, multiple operating systems, and multiple programming languages.
  • Adopt the "Zero sum" scoring rule.
  • Team Comprehensive Capabilities: Reverse analysis, vulnerability mining, exploits, vulnerability patching, network traffic analysis, system security operations, and security-oriented programming debugging.

评论