Stripe: Capture the Flag – Complete

Just completed the Stripe: Capture the Flag security challenge!! It was good fun, involved groking JavaScript, PHP, Python and Ruby code and figuring out attack vectors to proceed through the levels. It was a good mix of XSS, CSRF, SQL Injection, Crypto and Side Channel attacks.

All the tinkering and reading I keep doing helped a lot as I had local environments on which I could easily setup the test code and play around with. I learned 100x more by doing this challenge than I ever did by reading through a lot of security books and articles.

Overall, I thought the contest was very well organized and run, the level of hardness was just right for this challenge and the staff from Stripe were very active in the forums and were prompt with support on technical issues. Kudos to them.

Screenshot of CTF complete
  • satellite phone

    wow, that’s quite a
    challenge I don’t think I can make if I were in your position, congrats!

  • iridium 9555

    that’s good for you, this challenge is too tough for me right now.

    http://www.satellitephonesales.com.au/