This weekend we participated in the annual CSAW CTF hosted by NYU-Poly. PPP actually participated as three separate teams — two teams of four undergraduates, and one team of any one else who was interested (mostly a few grad students). This was the very first competition that a few of our members have participated in, so we were thankful everyone at NYU-Poly made such a fun competition.
CSAW was a grueling, 48-hour competition, with a lot of great teams from across the US as well as other countries. However, at the close of the competition, all three of the PPP teams managed to place in the top 10 spots! (note: this is before awarding any possible bonus points)
Our ppp1 team, which won first place at CSAW last year, managed to get first place in the prequals this year, beating our good friends Nibbles by only a few points. The second undergrad team and graduate/miscellaneous teams also were able to earn the ninth and tenth places overall, respectively.
We had a lot of really interesting challenges in this competition, including creating some exploits for Windows Internet Explorer, a new type of challenges called “Recon”, and some cross site scripting exploits. Even after two days of working, there were still challenges left unsolved.
Everyone had a great time participating, and learned a few cool new tricks. We look forward to representing PPP against some other great teams at the final round of CSAW at the end of October! A graph (created by StalkR, from the French team Nibbles) of scores at the end of the competition can be found here (note that these are scores at the end of the 48 hour period, and may not factor in bonus points).