National Cyber League Overview

Over the last 6 weeks, I have competed in National Cyber League Fall Pilot.  This is the second pilot they have run.  This pilot was focused around individual challenges which made it very interesting.  It can be difficult to create a team of people with similar devotion to a challenge.

National Cyber League was broken in 3 – 3 hour rounds each separated by 2 weeks and a different focus.

Round 1: Capture the flag: 23 flags spread among 6 targets, 20% weight
Due to connection issues, only worth 20 weighted points per flag.
Max Weighted Score: 460
Max Participant Score: 300

Round 2: Logfile Analysis: 50 flags spread among 5 log files, 30% weight
Max unweighted Score: 30,000 total
Max Weighted Score: 9,000
Max Participant Score: 8,070

Round 3: Crypotgraphy: 25 flags including a chunk of challenges not yet solved, 50% weight
Max unweighted Score: 40,000 total
Max Weighted Score: 20,000
Max Participant Score: 6,250

550 students from 85 two/four year schools in 27 states signed up to be in the Fall Pilot. The top 10 participants from each of the 3 regions move on to a championship round: Eastern, Midwest and Western Regions.

Championship Round: : Mixed Topics: 25 flags spread among 6 categories

  • Web Exploitation – 7 flags totaling 13,000 points
  • Network Data Analysis – 5 flags totaling 7,500 points
  • Linux Passwords – 3 flags totaling 6,000 points
  • Basic Cryptography – 3 flags totaling 1,900 points
  • Advanced Cryptography – 2 flags totaling 10,000 points
  • Steganography – 5 flags totaling 6,600 points

Final Order is determined by Score then Accuracy then Time.

This challenge was a lot of fun and made me realize some areas that I really need to improve in. They announced they would publish official write-ups on how to solve the problems, but they have yet to be released. In the meantime and in the spirit of showing different methods fellow participants came up with, I am posting a few solutions to challenges from myself and people I met to help people in the meantime.

Leave a Reply

Your email address will not be published. Required fields are marked *