HackBack was our first UK University capture the flag (CTF) event that took place on March 9th. 16 Universities took part and we had over 200 participants on the day.
The CTF event involved Universities getting into teams of four to solve security questions designed for all skill sets. The categories for the event are below:
- Web Exploitation
- Reverse Engineering
Every University hosts a room at their own facility for the students involved. We pre-sent every University a pack of stickers and in some cases a tshirt for the organiser.
HackBack was luck enough to been sponsored by three amazing companies
Context Information Security - Is a cyber security consultancy that employs some of the best in the industry. Provided funding for the prizes, swag and event fees.
Sticker Mule - Is a custom sticker company that has delivered over 30,000 stickers worldwide. Provided the TryHackMe stickers.
Crowdstrike - Is a cybersecurity technology company that has customers in more than 170 countries. Provided accelerated interviews for summer internships.
It was because of these companies we were able to run the event and give away prizes/swag.
Every event has its hiccups and ours was that our livestream wouldn’t work at the beginning of the event. However we managed to get something working for the end. We had hoped every University would have live streamed their students hacking away. Watch from 11:08.
The next HackBack
As the event was so successful we have decided to run it again this October!
After HackBack had finished, we were overwhelmed by the amount of users that were affected by our event. It makes the hundereds of hours we put into making the platform and HackBack challenges all worth it. A few mentionable comments are below:
Congratulations to Sheffield University who won!
Below is the University of Portsmouth hard at work!
On the same day as HackBack, we ran an event for CyberReady. At one point our platform was handling over 400 users concurrently and running over 250 vulnerable machines!
Below is a digital poster I created to have pinned up at Unviersities.
We have listed some improvements for our next HackBack event in October.
- Team accounts could only deploy one machine at a time.
- Make the machines expiry dates more clear on the day.
- Have users download their personal OpenVPN config file, as the team one will not work with more than one user.
- Have a working live stream and give instructions to what accounts to log in with.
- Pre-send instructions to all users.
- Change question clarity and stop Yes/No type questions
A final message
I am truely proud of how HackBack turned out. We loved creating this and the participants loved it even more it seemed. Our next event will be even better… bring on HackBack October!
If you are interested in completing the challenges set on the day, check it out: tryhackme.com/room/hackback2019.