Welcome to the End of the World (EotW) CTF, a basic cybersecurity competition themed around an AI regime resistance movement. This CTF was designed for SS CASE IT Cyber Security Society in Islamabad, featuring 23 challenging problems across multiple cybersecurity domains.
In this dystopian scenario, an oppressive AI regime has taken control, and you play as 0x4m4, a skilled hacker leading the resistance movement. Your mission is to infiltrate their systems, extract critical intelligence, and help bring down their digital infrastructure.
- Event: End of the World Capture the Flag Competition by Sir Syed C@SE Institute of Technology Cyber Security Society
- Technical & Event Sponsor: Muhammad Osama | 0x4m4 | contact@0x4m4.com
- Location: Islamabad, Pakistan
- Date: May 27, 2025
- Theme: AI Regime vs. Resistance Movement
- Total Challenges: 23
- Flag Format: sscit{...}
Buffer overflow and binary exploitation challenges targeting AI regime mainframes.
Web application security challenges involving AI regime monitoring systems.
Binary analysis and algorithm reversal of AI regime security systems.
Cryptographic analysis and hidden message extraction from regime communications.
Investigation of AI regime digital evidence and system artifacts.
- Difficulty: Easy
- Points: 100
- Description: Buffer overflow in AI regime mainframe login system
- Skills: Buffer overflow, Return address overwrite, GDB debugging
- Flag: sscit{h4ck1ng_th3_m41nfr4m3_r3s1st4nc3_w1ll_pr3v41l}
- Difficulty: Easy
- Points: 150
- Description: Terminal access control bypass through buffer overflow
- Skills: Stack-based buffer overflow, Function redirection
- Flag: sscit{r3s1st4nc3_h4ck3d_th3_m41nfr4m3_4nd_br0k3_fr33}
- Difficulty: Medium
- Points: 200
- Description: Server-Side Template Injection in AI regime data analysis system
- Skills: SSTI, Flask/Jinja2, Admin panel access
- Flag: sscit{t3mpl4t3_1nj3ct10n_3xp0s3s_r3g1m3_s3cr3ts}
- URL: challs.0x4m4.com:8081
- Difficulty: Medium
- Points: 200
- Description: SQL injection in AI regime surveillance database
- Skills: SQL injection, SQLite, Database enumeration
- Flag: sscit{SQL_1nj3ct10n_r3v34ls_h1dd3n_syst3m_s3cr3ts}
- URL: challs.0x4m4.com:8002
- Difficulty: Medium
- Points: 200
- Description: HTTP header analysis and flag reconstruction
- Skills: HTTP headers, Burp Suite, Traffic interception
- Flag: sscit{h1dd3n_1n_pl41n_s1ght_4cr0ss_http_h34d3rs}
- URL: challs.0x4m4.com:8003
- Difficulty: Easy
- Points: 100
- Description: Source code analysis and Base64 decoding
- Skills: Source code review, Base64 decoding, JavaScript analysis
- Flag: sscit{h1dd3n_c0d3_1s_n0t_s3cur3_js0n_s3crets}
- URL: challs.0x4m4.com:8001
- Difficulty: Medium
- Points: 200
- Description: Position-dependent Caesar cipher algorithm analysis
- Skills: Algorithm analysis, Caesar cipher, Binary reverse engineering
- Flag: sscit{r3v3r53_4lg0r1thm}
- Difficulty: Easy
- Points: 100
- Description: Hardcoded password discovery in binary
- Skills: Strings analysis, Static analysis, Password extraction
- Flag: sscit{b4ckd00r_4cc3ss_gr4nt3d}
- Difficulty: Medium
- Points: 200
- Description: Obfuscated Python algorithm reverse engineering
- Skills: Code deobfuscation, Mathematical analysis, Algorithm reversal
- Flag: sscit{n3ur4l_c1ph3r_br34k3r}
- Difficulty: Medium
- Points: 200
- Description: XOR encryption analysis with network service backdoor
- Skills: XOR cryptanalysis, Network services, Binary analysis
- Flag: sscit{x0r_1s_r3v3rs1bl3_w1th_kn0wn_pl41nt3xt}
- URL: challs.0x4m4.com:1337
11. Hidden Signal
- Difficulty: Easy
- Points: 100
- Description: Steganography in JPEG image using steghide
- Skills: Steganography, steghide, Image analysis
- Flag: sscit{h1dd3n_s1gn4l_1n_th3_n01s3}
- Difficulty: Easy
- Points: 100
- Description: ROT13 Caesar cipher with multiple encoding layers
- Skills: ROT13, Caesar cipher, Hex decoding
- Flag: sscit{r0t4t10n_1s_n0t_s3cur3}
- Difficulty: Medium
- Points: 200
- Description: Advanced steganography challenge with hidden data in PNG image
- Skills: Advanced steganography, Image analysis, Data extraction
- Flag: sscit{sh4d0w_c1ph3r_h1dd3n_1n_p1x3ls}
- Difficulty: Hard
- Points: 300
- Description: Disk image analysis with multiple hidden partitions
- Skills: Disk forensics, Partition analysis, File recovery
- Flag: sscit{h1dd3n_p4rt1t10ns_r3v34l_s3cr3t_d00rs}
- Difficulty: Medium
- Points: 200
- Description: Memory dump analysis of AI drone systems
- Skills: Memory forensics, String extraction, File carving
- Flag: sscit{m3m0ry_n3v3r_f0rg3ts_wh4t_y0u_w4nt_h1dd3n}
- Difficulty: Hard
- Points: 300
- Description: PCAP analysis with fragmented flag across protocols
- Skills: Network forensics, PCAP analysis, Protocol analysis
- Flag: sscit{w1r3sh4rk_n3v3r_m1ss3s_th3_p4ck3ts}
- Difficulty: Medium
- Points: 200
- Description: Corrupted file analysis and data recovery from regime communications
- Skills: File analysis, Data recovery, Hex analysis, Corruption repair
- Flag: sscit{h1dd3n_1n_pl41n_s1ght_tr4nsm1ss10n}
- Docker and Docker Compose
- Python 3.8+
- Basic cybersecurity tools (Burp Suite, Wireshark, etc.)
- Linux environment (recommended)
EotW_CTF/
└── Challenges/
    ├── crypto_stego/ # Cryptography & Steganography (4 challenges)
    ├── digital_forensics/ # Forensics challenges (4 challenges)
    ├── pwn/ # Binary exploitation (2 challenges)
    ├── reverse_engineering/ # Reverse engineering (3 challenges)
    └── web_exploitation/ # Web security (4 challenges)
cd Challenges/pwn/liberation_binary/
docker-compose up -d
# Challenge will be available on localhost:9999
cd Challenges/pwn/resistance_terminal/
docker-compose up -d
# Challenge will be available on localhost:9998
cd Challenges/web_exploitation/data_exfiltration/
docker-compose up -d
# Access at http://localhost:8081
cd Challenges/web_exploitation/regime_monitor/
docker-compose up -d
# Access at http://localhost:8002
cd Challenges/web_exploitation/signal_intercept/
docker-compose up -d
# Access at http://localhost:8003
cd Challenges/web_exploitation/resistance_hub/
docker-compose up -d
# Access at http://localhost:8001
cd Challenges/crypto_stego/binary_oracle/
docker-compose up -d
# Service available on localhost:1337
Hidden Signal
cd Challenges/crypto_stego/hidden_signal/
# Use steghide to extract hidden data from surveillance.jpg
steghide extract -sf surveillance.jpg
cd Challenges/crypto_stego/regime_rotation/
# Analyze encrypted_message.txt and related files
cd Challenges/crypto_stego/shadow_cipher/
# Analyze shadow.png for hidden data
# Use advanced steganography tools and techniques
cd Challenges/reverse_engineering/algorithm_reversal/
# Analyze the algorithm_reversal binary
./algorithm_reversal
cd Challenges/reverse_engineering/binary_backdoor/
# Analyze the backdoor binary
strings backdoor
./backdoor
cd Challenges/reverse_engineering/neural_cipher_machine/
# Analyze cipher_machine.py
python3 cipher_machine.py
cd Challenges/digital_forensics/ai_command_center/
# Analyze ai_server_disk.img using forensics tools
# Use tools like: mmls, fls, icat, strings, etc.
cd Challenges/digital_forensics/memory_remnants/
# Analyze drone_memory.bin
strings drone_memory.bin
xxd drone_memory.bin | head -20
cd Challenges/digital_forensics/network_intercept/
tar -xzf network_intercept.tar.gz
# Analyze the PCAP file with Wireshark or tshark
cd Challenges/digital_forensics/intercepted_transmission/
# Analyze corrupted files and transmission data
# Files: ai_regime_memo.txt, corrupted_header.bin, transmission_23467.dat
- Burp Suite - Web application testing
- Wireshark/tshark - Network analysis
- GDB - Binary debugging
- Python 3 - Scripting and analysis
- Docker - Container management
- The Sleuth Kit (TSK) - Disk analysis
- Volatility - Memory analysis
- binwalk - Firmware analysis
- steghide - Steganography
- strings - String extraction
- xxd/hexdump - Hex analysis
- Ghidra - Binary analysis
- radare2 - Reverse engineering framework
- objdump - Object file analysis
- strace/ltrace - System call tracing
- steghide - Hide/extract data in images
- stegsolve - Image analysis
- zsteg - PNG/BMP steganography
- exiftool - Metadata analysis
Each challenge includes a detailed writeup explaining:
- Challenge analysis and reconnaissance
- Vulnerability identification
- Exploitation techniques
- Alternative solution methods
- Security implications and prevention
Writeups are located in each challenge directory as *_writeup.md files.
This CTF is designed to teach the basics of:
- Buffer overflow exploitation
- Web application security testing
- Reverse engineering techniques
- Cryptographic analysis
- Digital forensics investigation
- Network traffic analysis
- Advanced steganography
- Secure coding practices
- Defense in depth
- Incident response
- Threat modeling
- Risk assessment
- The Resistance Hub
- Hidden Signal
- Regime Rotation
- Binary Backdoor
- Data Exfiltration
- Regime Monitor
- Signal Intercept
- Algorithm Reversal
- Neural Cipher Machine
- Shadow Cipher
- Memory Remnants
- Intercepted Transmission
- AI Command Center
- Network Intercept
- Liberation Binary
- Resistance Terminal
- Binary Oracle
- SS CASE IT Cyber Security Society - For hosting this cybersecurity competition
- 0x4m4 - Challenge design and development
- Resistance Community - Testing and feedback
- Open Source Tools - Making cybersecurity education accessible
- Blog: 0x4m4.com
- GitHub: Github
- Email: contact@0x4m4.com
Remember: The resistance depends on your skills. Every system compromised brings us closer to freedom. Good luck, hacker.
"In a world controlled by AI, the only way to fight back is with superior hacking skills and unwavering determination." - 0x4m4