CyberCX Hackathon 2020 Reflections

I participated in the CyberCX Hackathon 2020 on 20th. It was a one-day CTF event focused on web-based challenges. I chose the easier Shadow Bank challenge and finished in 24th.

Although it was a web-based one but it also included some crypto and OSINT. I did better than my expectations considering I did not do any preparations beforehand. Due to some restrictions I cannot share the exact solutions here. Overall I had fun. I loved the crypto and the OSINT part, however, for the web part, SQL injections and XSS (Cross Site Scripting) problems took a big part in this event and my knowledge to both these fields are not enough. I believe pentesterLab is a good resource and I aim to study from them.

Some old problems that my first CTF event had are still persist in this event. Mainly the “work” environment and teams. I do not feel like work in a virtual machine so I still haven’t get myself familiar with Kali. I guess in the end I still need to use Kali. Because all the hacking stuff, although it is permitted by the organisers should be performed in an isolated environment. As for the team part, I don’t know, I’m still kind having social problems. I will to keep looking for a team or some teammates.