CTF Scoreboard

CTF Scoreboard

This is the scoreboard script used in the NCSC-FI #tietoturvahaaste-hackathon / CTF. It’s a very simple script that you can set up to show scores in a competition. It requires a web server running PHP. Copy the files and folders to the directory that serves your webpages. Open in browser and F11 for full screen.

The folder ”’teams/”’ holds the teams and scoring. Create a text file for each team. A sample syntax looks like this:

Example Blue Team
# First line is the team name, you can use HTML.
# Subsequent lines are findings - one line per finding. Syntax is:
# score; finding; non-visible comment
# Icons: 1000 - Diamond, 500 - Trophy, 200 - Star, 100 - Heart
#
# Example: 
# 1500;SQLi in Web shop!; This is a comment.

For live scoring edit the text files under ”’teams/”’, the scoreboard will automatically refresh and show the changes at set intervals.

The easiest way to do this is to set the scoreboard machine to show a browser with the page open and ssh into it to edit the team files. You can set the competition deadline from the source file.

You can download the script from GitHub.

You might be interested in …

Daily NCSC-FI news followup 2020-10-20

Ruotsi rajaa kiinalaisyhtiöiden tekniikan pois 5G-verkostaan turvallisuuspoliisin ja puolustusvoimien suosituksesta yle.fi/uutiset/3-11603515 Ruotsi on päättänyt estää Huawein ja ZTE:n tekniikan käyttämisen maan 5G-verkkoa rakennettaessa. Kyseessä ovat kiinalaiset yhtiöt.. katso myös www.is.fi/digitoday/mobiili/art-2000006675870.html NSA: Top 25 vulnerabilities actively abused by Chinese hackers www.bleepingcomputer.com/news/security/nsa-top-25-vulnerabilities-actively-abused-by-chinese-hackers/ The U.S. National Security Agency (NSA) warns that Chinese state-sponsored hackers exploit 25 different vulnerabilities […]

Read More

Daily NCSC-FI news followup 2019-06-25

Operation Soft Cell a worldwide campaign against telecommunications providers www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers In 2018, the Cybereason Nocturnus team identified an advanced, persistent attack targeting global telecommunications providers carried out by a threat actor using tools and techniques commonly associated with the Chinese-affiliated threat actor APT10. This multi-wave attacks focused on obtaining data of specific, high-value targets and […]

Read More

Daily NCSC-FI news followup 2020-03-19

Cybercriminals impersonate World Health Organization to distribute fake coronavirus e-book blog.malwarebytes.com/social-engineering/2020/03/cybercriminals-impersonate-world-health-organization-to-distribute-fake-coronavirus-e-book/ The number of scams, threats, and malware campaigns taking advantage of public concern over the coronavirus is increasing each day. As a result, we’ve been actively monitoring emails within our spam honeypot to flag such threats and make sure our users are protected. Hackers […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.