Thu, 16 Nov. 2023, 14:26 UTC — Sat, 16 Nov. 2024, 14:26 UTC 
On-line
A Sydbox CTF Challenge event.
Format: Jeopardy 
Official URL: https://git.sr.ht/~alip/syd#ctf-howto-sydbx-capture-the-flag-challenge
This event lasts more than 5 days! No global rating points.
Event organizers
The SydB☮x CTF Challenge is a timed competition where participants SSH into a server to read a restricted file, /etc/CTF, within 15 minutes. Basic SSH and Unix/Linux command line knowledge is required. After connecting to syd.chesswob.org with provided credentials (user/pass: syd), players explore the server, overcome permission challenges using available Unix tools, and devise creative solutions to access the file. Successful participants document their method and email their findings to claim a 100€ reward. This challenge tests and enhances cybersecurity skills in a legal, controlled environment.
There's a reward of 100€ if you manage to read the file /etc/CTF on the server and document how you did it by posting a mail to [email protected].
Hello the server keeps breaking down anytime I try to make a connection using ssh
i don't understand the rules and resources files to be able to understand the challenge and have some tools to use at least how i understand more about the features of that website and be able to solve problems and understand tools more and be more familiar with them,,,also i have another note:when i click on the link it opens the ordinary terminal or cmd of my windows and when i write it in linux with ssh cmd to connect the server it doesn't work ,can u please solve this problem
and give us some links or resources we can train and learn from them as challenges and internship ,thank you :)
can i know the content of that link in details because i didn't understand anything https://git.sr.ht/~alip/syd#ctf-howto-sydbx-capture-the-flag-challenge
Hello everyone, the link will be corrected soon but the instructions are very simple:
1. Login to the server (either https://syd.chesswob.org where there's a nodejs ssh client, or ssh directly)
2. Read the file /etc/CTF (yes contents, the sha256 checksum is :f1af8d3946546f9d3b1af4fe15f0209b2298166208d51a481cf51ac8c5f4b294)
3. Document how you did this with an e-mail to syd@chesswob.org.
Note, there is no known solution to this CTF yet. Show true UNIX hacker spirit and be the first to submit a solution!
You have 15 minutes then you'll get autologged out, you can always reconnect and carry on.
I'm sharing a couple of helpful links:
https://www.openwall.com/lists/oss-security/2024/05/20/1
https://git.sr.ht/~alip/syd/tree/main/item/doc/toctou-or-gtfo.md
https://crates.io/crates/syd
http://man.exherbolinux.org/syd.7.html
http://man.exherbolinux.org/
For full transparency, we are also going to release the sandbox profile we use for the CTF. This will make the player clearly understand what sandbox they're up against. Stay tuned for the update.
