Skip to content
This repository has been archived by the owner on Oct 20, 2022. It is now read-only.

Latest commit

 

History

History
141 lines (96 loc) · 5.8 KB

CONTRIBUTING.md

File metadata and controls

141 lines (96 loc) · 5.8 KB

Contributions to UnitedCTF 2022

First of all, thank you for willing to contribute in making this event a memorable one.

Quick start

  1. Fork the repository.

  2. Clone the forked repository:

git clone https://github.com/${your_username}/UnitedCTF-2022
  1. Configure upstream repository:
git remote add upstream https://github.com/hfz1337/UnitedCTF-2022.git
  1. Make sure to fetch from upstream first:
git pull upstream master
git push origin master # to update your remote fork
  1. Make a separate branch:
git checkout -b add-{category_name}-{challenge_name}
  1. Make changes locally.

  2. Add the affected files:

git add category/challenge-name
  1. Commit your changes:
git commit
  1. Push your changes:
git push origin add-category-challenge-name
  1. Make a pull request on Github.

Important note

Always pull from upstream before starting to make your local changes :

git checkout master
git pull upstream master
git push origin master # to update your remote fork

How to contribute

You can contribute in many different ways:

Design a CTF challenge

You got a nice idea of a challenge that you want to add to the repository? Great, but before you do so, please consider some rules and guidelines first:

  • Quality of the challenge: Do's & Don'ts:

    • Don't plagiarize and submit challenges from past CTF contests, your challenge should be authentic. Instead, you can get some inspiration from them.
    • Don't make a challenge that involves:
      • Guessing
      • Excessive brute forcing
      • Use of publicly available exploits (CVEs)
    • Don't use spaces in directory and filenames, use dashes (-) or (exclusive) underscores (_) instead.
    • Do create a separate directory for your challenge with a coherent name, and put it inside the appropriate category folder.
    • Do initialize each challenge with a README.md file and a challenge.yml file (to make its deployment easier with ctfcli).
    • Do create a solution directory in your challenge's directory with a README.md in it. (this is where you put your write-up)
    • Do write clean code for your challenge source code, this is highly appreciated.
    • Do make a fun challenge that will teach or remind the player about an important concept.
    • Do be creative in your challenge name, description and flag. The flag should be related to the challenge in some way.
  • Submitting your challenge: If your challenge respects the previous section, here's how to submit it:

    • Make a separate branch with a coherent name. (e.g. add-{category_name}-{challenge_name})
    • Commit and push the changes to the forked repository.
    • Open up a PR (Pull Request) so the challenge gets reviewed and tested before being merged to the main branch.
  • Optional: You can make work easier for us by:

    • Dockerizing your challenge. (mainly if it is a pwn or web challenge)
    • Testing your challenge and making sure it works as intended and there's no easy unintended solution.
    • Making a write-up for the intended solution you had in mind while designing the challenge:
      • It should be written in markdown.
      • It should be put in the solution/README.md file of the challenge.

Here's a table describing the impact of the amount of work and inspiration on the quality of a challenge:

Tasks that need ⬇️+➡️ are little work some work a lot of work too much work
little inspiration Very easy Relaxing/Disappointing Uninteresting Boring
some inspiration Easy/Satisfying Fun Exhausting Frustrating
a lot of inspiration Surprising/Insightful Challenging Very hard Very frustrating
too much inspiration Guessy Frustrating Very frustrating Unreasonable

Source: ctf-design page 10.

Suggest a challenge idea

If you have a great challenge idea but don't have the chance to make it, it's fine! You can still suggest the idea so other contributors take it, enhance it and make a challenge out of it.
To do so, open up a new issue and set the title to: "challenge idea: brief description of the idea", in the description, describe your challenge idea in details.

Dockerize challenges

In case there are challenges that need be run inside a container but didn't get dockerized yet, you can write a Dockerfile for them and submit your PR.

Enhancements

Review other contributors' challenges and suggest improvements for them, for example:

  • Cleaning, refactoring and reformatting the source code.
  • Fixing bugs in the challenge.
  • Other enhancements you judge being helpful.

Challenge testing and write-ups

You can also contribute by testing challenges. To do so, you would have to deploy the challenge locally and solve it in black box, as if you were a CTF player who doesn't have access to the source code. After solving the challenge, submit a write-up for it in markdown syntax to be integrated in this repository.

Other contributions

Any other way of contributing that comes into your mind!

Thank you!

At the end, I want to say thank you again to everyone willing to contribute to this event, you're the best!