GreyCTF 2022: Event Summary + Catching Up with the Student Leaders of Greyhats

Early this year in June, NCL and NUS Greyhats had the pleasure of organizing GreyCTF 2022. The event was sponsored by CSA, Guardrails and Ensign Infosecurity. The online qualifiers ran from 6 June to 10 June, while the finals ran from 18 June to 19 June. Over 354 participants took part in the online qualifiers, while 10 local teams fought their way to the finals, held at NUS i4.

<Finalists, organisers and sponsors>

The event was kicked off with speeches by representatives from sponsors CSA, Guardrails. Participants were then ushered to their respective allocated meeting rooms and the competition commenced. Following an intensive competition which ended the following day, the winning teams were finalized. All teams gathered for the prize ceremony, where representatives from Ensign Infosecurity closed the event with a motivational speech to all participants. The winners were presented prizes and all participants enjoyed a buffet spread prepared for them.

<Ms. Christine Wee – CSA>

<Mr. Stefan Streichsbier, CEO – Guardrails>

<Mr. Seow Chun Yong, Consultant (Cyber Adversarial Emulation) – Ensign InfoSecurity>

<1st Place - Catssg>

<2nd Place - Nushmallows>

<3rd Place - Stranglehold>

<All Winners, 1^st to 3^rd Place – Catssg, Nushmallows, Stranglehold>

Following the successful run of this competition, we caught up with Greyhats president Kel Zin and advisory member Daniel, and they shared their experience in leading and organizing the competition this year. They also offered some advice to students who may be interested in organizing their own CTF events.

Read on for this short Q&A with Kel Zin and Daniel.

1.       Was this your first time organizing a CTF competition?

Kel Zin: No if you take account of online CTF, yes if I only consider physical CTF. Before GreyCTF, I participated in the organizing team of Welcome CTF 2021 and CS2107 Assignment CTF. Both of them are completely virtual and only involve NUS students. GreyCTF is the largest CTF that I have ever organized.

 

Daniel: It wasn't our first time doing so as Greyhats as we annually organise a mini CTF for SoC freshmen. But we've never held one of such scale.

 

2.       What were some challenges you faced throughout the whole process of organizing this competition?

Kel Zin: I think the most challenging part of the competition is the lack of challenge creators.

 

GreyCTF is different compared to the previous CTF we had. It has 2 phases - the qualification and the finals. The qualifications run for about 5 days and we need many challenges to keep the players excited. The finals on the other hand need to be difficult enough to better distinguish the top 3 teams from the rest.

 

For the qualifiers, we expect to have at least 7 challenges in each category (Misc/Pwn/Web/RE/Crypto) so that will be around 35 challenges in total. Then we also plan for at least 4 challenges in each category for finals, which is 20 challenges.

 

Daniel: The toughest challenge was with handling the logistics. We started preparation quite late as we were busy with school work. During the short period of time we had left, we needed to rush the purchase of freebies like tshirts, hoodies, thumbdrives, etc. Other than that, it was also challenging to come up with enough good quality challenges for both the qualification and final round.

 

3.       What achievement from the competition were you most proud of?

Kel Zin: I am very proud that the participants recognise some of my challenges. A few international participants messaged me on discord and told me that they like my challenge! It is the most satisfying feeling ever.

Other than that, I am also very proud that we managed to complete the event despite the shortage of manpower. Although there are some hiccups here and there, I think we did a really good job for our first large-scale event. The event went pretty smoothly overall. Thank you team!

 

Daniel: I'm very proud that we could bring 30 young talents to compete with each other inside one building. As far as I know, there hasn't been any in-person local CTFs in the past 2 years since the covid outburst.

 

4.       What inspired you to create challenges in a novel and interesting way for the participants?

Kel Zin: As a frequent CTF player, I have a rough idea of what kinds of challenges are good and bad. I try to make the challenge less guessy and fun to solve. Usually, my inspiration for a challenge comes from a simple concept that I learned in class. When my prof introduced a new mathematical theory or concept, I always try to think about how these theories can be used to construct a cryptographic scheme. After the construction then I attempt to break it myself or simplify it if it is too complicated.

Other than that, sometimes I also get inspiration when I am solving other CTF questions. I will mix and match the concepts that I have learned and try to create a more interesting one for the players.

I am not too sure whether these challenges that I have created are interesting to the participants, but at least it looks pretty interesting to me!

Daniel: For myself, I like to make challenges that are relevant to things we may see in our life. So, I take inspiration from the different types of software that I use. For example, I made some challenges where a player needs to cheat in a game to get a very high score.

 

5.       Were you surprised by the participation rate?

Kel Zin: Initially I was very worried that GreyCTF has too few participants. I remember a few days before the start of the competition, there were only around 120 official teams (3 people per team). This number is quite low considering that Welcome CTF 2021 also has around 100 teams (4 people per team), which is restricted to only NUS students. However, the number starts to grow when the CTF started. Many international teams joined, and the total team number increased to around 500.

So yeah, I guess I am surprised that the number of teams was not significantly higher than Welcome CTF 2021.

 

Daniel: Not very surprised, because although quite high, it may have been lower than other CTFs.

 

6.       Do you have any words of wisdom / advice for students who may be interested in organizing such events?

Kel Zin: Start earlier, plan earlier. Find more challenge creators. Don’t do things last minute.

 

Most importantly you need to have passion for CTF!

 

Daniel: The obvious advice would be to start preparing early. Other than that, I strongly recommend organizers to stand in the shoes of the players when creating challenges, to think from the perspective of a player, what would they learn from this challenge, and whether the challenge is worth their time for learning this concept.

 

7.       Any words of acknowledgement for the sponsors, participants and organizing committee?

Kel Zin: I would first like to convey my appreciation to the main sponsors of the event - CSA, Guardrails, and Ensign. This event will not run so smoothly without their financial support.

 

Next, I would like to thank the team behind GreyCTF. I am really grateful to NCL for providing logistic and admin support for us. Thank you, Hannah, for being the main person of contact and helping us out throughout the event. Also, thanks to the member of Greyhats for sacrificing their summer break to organize the event.

 

Daniel: Our whole team is very grateful for our sponsors' generous support. Thanks to them, our participants had an enjoyable time during the event.

I also want to thank all participants for playing our CTF, otherwise our efforts would have been wasted!

Lastly, I'm thankful for all the hard work of my teammates from Greyhats and NCL. Everyone was busy with life but took the time to make this event a successful one.

-end-

Once again, NCL thanks all sponsors and student leaders for making this event possible!

Platinum Sponsor: CSA
Gold Sponsors: Guardrails, Ensign InfoSecurity

The Grey Cat the Flag Exco: