What I learned from participating in this year's "Aviation Capture The Flag" in Sofia

These boxes represented a 6-hour CTF challenge for 15 teams of European aviation stakeholders on 14th to 15th June 2023.

As part of one of the stakeholder teams, I want to share my experience with this year's challenge. Besides networking with all the other team members, each of us learned a lot during our stay in Bulgaria.

The challenge itself was quite unconventional, as it started with this mysterious black box containing a lot of controllers. The Capture the Flag Portal (https://ctfd.io/) was used to enter flags and keep track of the team's progress.

Most of the box consisted of multiple different components, so the variety of challenges was quite comprehensive. In total, the following disciplines were covered:

  • Hardware Hacking
  • Penetration Testing
  • IT Forensics
  • Code Analysis

As I do not want to disclose technical details of these challenges, I want to write about the lessons learned.

Competing in such a CTF is challenging. The clock is ticking and time is flying. The teams are experienced and 1 hour feels like 10 minutes. There was one break but I didn't take it. I just made sure to stay hydrated all the time to keep my brain working. We faced a good amount of pressure while seeing the other teams climbing the leaderboard. It was a real rollercoaster. The whole challenge reminded me and some other participants of the OSCP certification. In the end it feels like a sports competition.

These are the things that mattered the most for us. Some things went really well, some of them can be improved.

As soon as there is any information regarding the challenge, get familiar with tools that could play a role. If the information tends to be more penetration-testing-like, play Hack The Box. In the case of more blue-team-like hints, get familiar with forensic toolsets. Practice makes perfect.

Define a team leader
Someone has to make decisions. This really depends on the working style. I was chosen as the leader but I could've done better. I tend to be too focused, which is an issue when instructing other team members. It worked to some point but I need to improve.

Assign challenges
Challenges should be assigned to people who feel confident in tackling the challenge. This really depends on the strengths and weaknesses of each individual. Also, hard challenges should be assigned to at least two members of the team.

Read the questions
Each team member should read the questions carefully. Mistakes can happen when overlooking single words.

Ask your teammates
If you're stuck, ask your teammates if they have a clue. You should never stop communicating with each other. Do not overdo it, but do communicate.

Do not overcomplicate
Everything seems to be complicated in the beginning but in the end, everyone cooks with water. Search for obvious tracks before getting into the rabbit hole.

Do not destroy files
Create backups or dumps, but be careful while penetrating the system. Destroying files could prevent you from completing challenges.

If you do not drink or if you're tired, you won't succeed. Your body has to work.

Do not panic
A different pace for each team is completely normal, so do not panic when seeing the leaderboard. There are times your team is faster and there are times other teams are faster. It shouldn't have an impact on your team's performance. Mind your own business.

As this is a team challenge, you can only succeed if you work together. To work together, your target machine should be accessible to everyone as quickly as possible. Make this your number one priority before continuing. In this challenge we used one laptop as a jump host to the box.

Have Fun
It's just a game. Don't take things too seriously.

In the end we placed in the upper third of the leaderboard. It was a lot of fun and I hope we can do this again in a different environment.

Special thanks to Bulatsa and Eurocontrol for hosting this extraordinary event.