This is a scoreboard for CTF’s. It was built to be used for the SWC site and currently doesn’t support other sites. However the intention is to decouple it from SWC and build out an admin backend that will allow it to support any CTF, complete with unique flags and sessions. The site was built for simplicity, with only two pages – a sign in page and scoreboard page. The site is written in PHP and uses AJAX calls to continually poll the database to stay updated.
This site is intended to be hacked through the exploitation of various poor (yet common) web design mistakes. The site was built during the COVID-19 lockdown as a means for me to practice my coding and give my collegues something to practice hacking. It is beginner friendly and does not require any technical exploitations to hack in (i.e. no nmap, nikto, dirbuster or any other kind of file/directory scans or bruteforcing). There are 12 flags in total – user (5 points), root (5 points) and 10 bonus flags (2 points). Users can keep track of their points on the CTF site.