On January 25th, with the help of many volunteers, we hosted the first Mozilla Capture The Flag (CTF). The Mozilla CTF will be a recurring security event, although we are not yet prepared to announce when the next iteration will be. CTF participants competed against each other trying to research flaws, exploit vulnerabilities or find hidden messages embedded in different (web) applications.
The CTF consisted of 22 challenges. Most challenges involved little hacking experience to present newcomers a low bar to overcome.
The covered topics included reverse engineering, cryptography, web application hacking, exploitation and trivia.
We had 211 teams participating from all over the world, of which 119 stole at least one flag. Many teams consisted of small groups up to 5 people.
The overall traffic amounted to 11 GiB and our servers handled it quite well
Within 24 hours, every challenge got solved. We had a close fight for the first place with LeetMore ending up on first and Eindbazen on second place, being only 4 points apart by having solved everything. You can see some nice graphs about the standings and how they evolved throughout the CTF. A lot of teams performed well and many did a great job to sum up all the tasks and their solutions.
Besides all the hacking, we also had a fun challenge where people were supposed to dress up in a swim-suit.
Fortunately, no serious security flaws were misused to break other people’s experience and we hope that everybody had a safe ride 😉 Ultimately we would like to thank all the participants for making this event so enjoyable!