Introduction to CTFs
New to CTFs? Looking to participate in one? Check out this article.
Ryan Gordon avatar
Written by Ryan Gordon
Updated over a week ago

What is a CTF?

A CTF (aka Capture the Flag) is a competition where teams or individuals have to solve several Challenges. The one that solves/collects most flags the fastest wins the competition.

Once each Challenge has been solved successfully, the user will find a flag within the Challenge that is proof of completion. Submitting this flag will award the team with a set amount of points. Often, if a team is the first to complete a Challenge and submit a flag, they will earn what is called a Blood (short for first blood), and this will award additional points.

At the end of the CTF, teams will be ranked by how many points they have acquired, and the team with the most points will place 1st in the CTF.

Types of CTF Content

Content on the CTF Platform is broken up into two primary types. The first type of content is Boxes / Machines, which can be found under the Fullpwn category. These work the same way Boxes do on the Main Platform; they are full-fledged virtual machines that require a VPN connection to access.

Docker Instances, the second kind of content, accounts for all other categories. This type of content functions the same way Challenges do on the Main Platform; a Docker instance is spawned, and you are given an IP and port to access it on.

These Docker instances use a public IP, and thus no VPN connection is required.

Spawning Boxes / Machines

To spawn a Box, click on the its name in the Machine List under the Fullpwn category and press Spawn Machine.

[video-to-gif output image]

Whenever someone on a Team spawns a Box, a notification will be sent to all Team Members. This will include both the name of the Box and the teammate who spawned it. All members of a Team share the same instance spawned Boxes.

Once the Box has spawned, you will be given the IP of the Box's instance. This instance is exclusive to your Team.

There is a limit to how many Boxes / Machines can be spawned by a Team at any given time, which can vary depending on the CTF. If you attempt to spawn an additional Box after you have already reached this limit, you'll receive an error.

After a Box has been spawned, you'll have the ability to Reset or Terminate it if you choose.

Spawning a Docker Instance

Spawning a Docker Instance is similar to spawning a Box. Navigate to the Challenge you'd like to spawn, and press the Spawn Docker button.

[video-to-gif output image]

Once it's been spawned, you'll be given an IP and Port. This IP address is public, meaning it can be accessed without the need for a VPN connection. Docker instances are only accessible at the port specified and will not respond to a ping, so keep that in mind.

Just as with Boxes, spawning a Docker will notify all team members, who will all share the same instance. However, unlike with Boxes, there is no limit on how many Dockers can be spawned at once.

Challenge Info and Downloadable Content

For some CTF content, you start with more than just the IP address of the target system. Specifically, sometimes Challenge Info and/or Downloadable Content is available.

Challenge Info

Some Challenges are accompanied by additional information, called the Challenge Info. This information is usually a brief description of the Challenge and may even hint at the technology or methods the Challenge involves.

To view any available Challenge Info, press on the description underneath the Challenge Name to expand it.

[video-to-gif output image]

Downloadable Content

Some Challenges include both a spawnable instance as well as downloadable files. In these cases, both the downloadable files and the spawnable instance are typically required to solve the Challenge.

Often, the downloadable files are a copy of the source code running on the server instance. In cases where there is no spawnable instance, the downloadable files are the Challenge.

If the downloadable zip requires a password, the password will be hackthebox

Connecting to the VPN

If you want to access content from the Fullpwn category or any other category that uses Boxes/Machines, you'll need to connect to our internal lab network using the VPN file we provide.

Downloading the VPN File

We offer our VPN in the form of OpenVPN packages, which come in the .ovpn file format. To download this VPN file, press the Connect to HTB button at the top right of the page.

[animate output image]

You'll have the option to select either Pwnbox or OpenVPN. Selecting OpenVPN will give you the option to download a file you can use to connect to our network.

Connecting with OpenVPN

Connecting to the VPN can be done easily using OpenVPN, installed on most Linux distributions (including Parrot OS).

To connect, run sudo openvpn /path/to/vpnfile.ovpn in your terminal. If you see Initialization Sequence Complete, that means OpenVPN has successfully established the connection.

For more information on troubleshooting VPN connection issues, see the dedicated article on the subject.

Click the button below for help with diagnosing connection issues!

Connecting using Pwnbox

Pwnbox is our in-browser, Parrot Security virtual machine. It comes equipped with the vast majority of tools you could ever want and makes it easy to get hacking no matter where you are or what type of hardware you have at your disposal.

Pwnbox is automatically connected to the VPN, so there is no need to worry about manually connecting.

You can connect to Pwnbox from the same VPN Selection Menu you found OpenVPN.

[video-to-gif output image]

Once you've spawned Pwnbox, you'll be able to work from within it the same way you would any other VM.

The Scoreboard

If you'd like to see your Team's place in the CTF or which teams are claiming the top spot, you can view the Scoreboard. Press the Scoreboard at the top of the page.

[video-to-gif output image]

Did this answer your question?