About
Under the SEL lab's supervision, the CYS club team will provide a series of CYS challenges to introduce the students to different areas in Cybersecurity to sharpen their knowledge and skills in this field. Solving each challenge will add points to the participant’s credit. The participants with high scores will get prizes and/or certificates. The faster you solve, The higher score you achieve.
For more information, check objective, target, and dates & prizes .
Current Challenge
There is no active challenge currently
Statistics
| # | Challenge | Number of Participations |
|---|---|---|
| 01 | CRYPTOGRAPHY | 50 |
| 02 | I_May_Have_Other_Faces! | 28 |
| 03 | In$p3ct | 37 |
| 04 | Crack Me, If You Can! |
17 |
| 05 | Reverse_Me! | 14 |
| 06 | Look Closer! | 16 |
| 07 | Prove Me Wrong! | 06 |
| 08 | Digital Forensics | 03 |
| 09 | What is the time? | 22 |
| 10 | Trace Your Step | 01 |
| Total | 224 | |
Winners
February 2021
| Place | Name | Campus | College |
|---|---|---|---|
| 1st | Mohammad Ziadeh | Male | CCIS |
| 2nd | Raudad Mohammad | Male | CCIS |
| 3rd | Saqib Mohammad Munir Ahmed | Male | CCIS |
| 3rd | Raghad Altawil | Female | CCIS |
March 2021
| Place | Name | Campus | College |
|---|---|---|---|
| 1st | Abdulmohsen M | Male | CCIS |
| 2nd | Saqib Mohammad Munir Ahmed | Male | CCIS |
| 3rd | Nouf Mugayel | Female | CCIS |
September 2021
| Place | Name | Campus | College |
|---|---|---|---|
| 1st | Saqib Mohammad Munir Ahmed | Male | CCIS |
November 2021
| Place | Name | Campus | College |
|---|---|---|---|
| 1st | Mansour Albader | Male | CCIS |
January 2022
| Place | Name | Campus | College |
|---|---|---|---|
| 1st | Mansour Albader | Male | CCIS |
Objective
The objective of CYS Challenges is to offer different security tips that could help PSU students and staff to protect their machines and data and provide them with some advices to secure them from becoming victims to social engineering attacks.
Target
- Participants from all fields
- Participants from CCIS fields
- Participants from the CYS field
Details
202 Semester
There are prizes per each month through 202 Semester (2 months)
In each month, the dates and prizes as follow:
| February | March | |
|---|---|---|
| Dates |
Challenge 1: 01 - 10 February 2021 Challenge 2: 11 - 20 February 2021 Challenge 3: 21 - 28 February 2021 |
Challenge 4: 01 - 10 March 2021 Challenge 5: 11 - 20 March 2021 Challenge 6: 21 - 31 March 2021 |
| Prizes |
1st: SR 200 2nd: SR 150 3rd: SR 100 |
1st: SR 200 2nd: SR 150 3rd: SR 100 |
Finally, there will be a prize of SR 500 to the person who collects the highest points throughout the three months.
The faster you solve, The higher score you achieve.
Archive
Cryptography is one of the most important branches in cybersecurity. It is basically transforming plaintexts (original data) into ciphertext (coded data) that can be decrypted and understood by only the intended people.
In this challenge, we found the following cipher code, can you break it and get back the original text? Hint : look for (pigpen cipher)
Deadline: Thursday, 17 Dec. 2020
Statistics
Guess what? A word document (docx)
may contain malicious files and extra
information that is hidden.
Can you see the actual content and extract those files? Download the file
Hint : find the message in the POINT file!
Deadline: Wednesday, 10 Feb. 2021
Solution
TheRe_i$_@lway$_an0ther_w@y!
Statistics
The Cybersecurity Team thinks that the following web page needs to be inspected!
Hint : There are three parts of the POINT!
Deadline: Saturday, 20 Feb. 2021
Solution
tru3_d3t3ct1ve_0r_ju5t_lucky?
Statistics
Can you crack the password of the following zipped file and read its content?
Hint: The cracking may take some time.
Deadline: Sunday, 28 Feb. 2021
Solution
"Well
DONE!
You succeeded to break the password.
This is because this
password is WEAK!
Make sure to use STRONG passwords "
Statistics
Your mission is to execute the Reverese_Me program and retrieve the POINT. The program asks for a password to peek the POINT.
Hint: You will need to debug (reverse) the program to get the password. Once you execute the program, other hints will follow.
Deadline: Wednesday, 10 Mar. 2021
Solution
"ea$y_R3v3rse"
Statistics
Someone hid a secret message in Plain sight in the following image. Can you find all the phrases and break the code?
Hint: This dots and dashes message was one of the oldest forms of encryption. Look carefully at the image to find the 4 different phrases. The spaces are important.
Deadline: Saturday, 20 Mar. 2021
Solution
"ELEM3NTARYMYD34RW4TS0N"
Statistics
Encryption is a technique used to ensure the secrecy of information in cyberspace. One of the well-known encryption algorithms is RSA. This algorithm is robust but can be implemented in an insecure way. Prove that you can decrypt the following ciphertext (coded) message and get the POINT.
Hint: Small prime numbers are used!
Deadline: Tuesday, 30 Mar. 2021
Solution
"cys_challenges{r$a_i$_weak}"
Statistics
Image steganography is one of the most common and essential techniques in the cybersecurity field. It is used to hide secret data within an image without being detected. The secret data is then extracted at the intended destination. On the other hand, Digital Forensics is a technology used to detect hidden data and allow you to extract it.
In this challenge, we hid a secret image within another cover image. Can you (1) Find the marker position of the hidden image and (2) extract the hidden image embedded on the following image (stego)?
Hint: look for forensics and steganalysis tools that:
For (1), identify the steganized file, detect steganography, and identifies the location of the hidden content.
For (2) reveal hidden images inside another image.
Deadline: Thursday, 07 Oct. 2021
Solution
Statistics
"Open Source Intelligence (OSINT) is a multi-factor methodology for collecting, analyzing and making decisions about data accessible in publicly available sources to be used in an intelligence context." In cybersecurity, OSINT helps discover compromised and breached credentials, publically available business records, individuals or organization's personal and background information, documents, image-focused searches, email, and domain information, inter-connected devices or applications information, exploits archives, and so much more.
In this challenge, we made a tiktok but we need to find the exact time of when it was uploaded. Can you find the date and time of when it was uploaded?
Hint: You get to view the page source of this tiktok, and look for a certain function. You might get the answer immediately you might not ;)
Important Rules
(1) Your answer should be in KSA time.
(2) Answer should be in 12 hours format not 24 hours (For example : 01:00 pm, not 13:00 ).
(3) Answer format : CYS{yyyy/mm/dd_hh/mm/ss}.
Deadline: Sunday, 21 Nov. 2021
Solution
Statistics
Some websites can hide important and vulnerable information among their files in a hidden directory. Attacker can perform a directory traversal attack to locate these hidden files and steal their information. Can you find the flag using directory traversal in the following link?.
Hint: You can use the python-based brute force tool Dirsearch to find the flag.
Deadline: Monday, 07 Feb. 2022