CyberMazeV3

Table of Contents

• CyberMazeV3
  • Table of Contents
  • Event description
  • Back story
  • Planning
  • Platform
  • Tech Team

Event description

"CyberMaze" is a cybersecurity contest where participants must tackle a variety of cybersecurity puzzles and challenges scattered throughout the "Iset'com" environment. For this year's edition, we have selected the theme of "Harry Potter."

Back story

Back in 2020 Aziz NEFZI proposed this idea were players solve cyber-security like puzzles found around our university, back then Corona was at its peak, so we embraced the idea but postponed it until 2021, and we hosted the first edition, it wasn't that big of a deal, but we, and people who came, ejoyed the event, 2022 edition was themed "One Piece", and we started building tasks around the theme, this year(2023), we even decorated the platform(CTFd) around the theme.

Even the food was around the theme:

Planning

The hardest part of the whole event is this one, making a plan for the tasks and categories, we agreed on making 6 categories, one for the welcome task, one for the final task, and 4 others, one for each house so we ended up with those 6 :

• Welcome
  Image Not Showing Possible Reasons

  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported

  Learn More →
• Gryffindor
  Image Not Showing Possible Reasons

  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported

  Learn More →
• Slytherin
  Image Not Showing Possible Reasons

  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported

  Learn More →
• Ravenclaw 🦅
• Hufflepuff 🦡
• Final Task
  Image Not Showing Possible Reasons

  • The image file may be corrupted
  • The server hosting the image is unavailable
  • The image path is incorrect
  • The image format is not supported

  Learn More →

Each category had a mixture of 2 or more CTF categories(rev, pwn, foren, web,etc…).
Each and every category had Tasks following this layout :

For us, it went like this:

• Welcome : had only one task included which was a "welcome task" providing a domain welcome.events-spark.tech and a port 1337, using the netcat command, a script executes welcome.sh, this is what you get:

The link at the end takes you to CyberMazeV3 CheatSheet

It also provides a themed map for "Iset'com", which helps in other tasks :

• Gryffindor : as for the tasks found on this category they were mainly a mixture between WEB and OSINT.
• Slytherin : The challs on this category were mainly REV and PWN.
• Ravenclaw : This category had Foren and Crypto.
• Hufflepuff : It was all MISC(firmware, logic, etc…)
• Final Task : After solving all the challs in all the categories, a final task would show up, each category provide a bonus task that has an image, which is an item the creator of the club had left(Gryffindor's Sword, Slytherin's Locket, Hufflepuff's Cup and Ravenclaw's Diadem). Uploading the images in the right order would return the flag.

Platform

We Created a custom CTFd Theme around Harry Potter and It Looked Great :

Tech Team

The team behind all of the technical aspects of the event :

• Mohamed Amin ROUISSI
• Bilel YAAKOUBI
• Ahmed Amin DERBALI
• Nadhir ZOGHLAMI
• Mohamed Amine OUERFELLI
• Mohamed Malek WERTATANI
• Mohamed Ali KAABI
• Baha Ben OTHMAN
• Dhia LABIEDH
• Ayoub FDHILA

tags: CyberMaze CTF Engineers Spark