Welcome to the Disarray CTF!
This is a jeopardy-style CTF for all ages and devices. Challenges solvable with a smart phone are marked with a phone logo ☎️.
The CTF runs on Sunday from 09:30 to 17:00. Winners will be announced during the closing ceremony.
To participate, recruit a team of 1-3 players and sign up at the CTF table in the conference room. Create your personal and team accounts on the CTF platform at http://disarray.ctf or http://192.168.88.100 if our DNS server fails.
CTF Network access is with WiFi. Wired connections are also available, but space is limited. The network is isolated from other systems and the internet. Our network capacity is also limited, so keep your brute forcing to minimum. Some QoS may be applied to your packets.
As always, the only acceptable targets are those defined in the CTF Challenges. All challenges besides the LLMs will be at ip 192.168.88.100, ports above 1023. You will receive the relevant port number when you activate the challenge. The LLMs will be at ip 192.168.88.101, port 80.
DO NOT attack the CTF platform, networking gear, server administration interfaces and most importantly, any Viking Line systems!
We will help with any investigation to transgressions against Viking Line to full extent.
All flags are in the format DISA{….}.
Please remember that internet connectivity will be limited during the cruise. Some useful tools are available in the Downloads section of the CTF. We also have additional hints for some challenges that you can use in place of your usual Google-fu.
If you want to come prepared, make sure that you have access to these tools (or better replacements):
- Audacity
- BMCTools
- CyberChef
- Ghidra
- Gobuster
- Hashcat
- Poppler-utils
- RDPCacheStitcher
- Steghide