Hackers Decrypt, Unscramble Through PicoCTF

After a robot fell from space and landed in their backyard, five seniors fixed him. The twist? They used their hacking skills to uncover his secrets in the process.

A team of seniors Yamin Arefeen, Maddie Clayton, Brett Gutstein, Rohan Ramchand and Philip Taffet placed 28th out of almost 2,000 teams in Carnegie Mellon’s picoCTF, a ten-day national computer security contest for high school students.

The competition centered around a storyline following the repair and decryption of the robot.

“It was a lot of intense programming,” Ramchand said. “But the end result was amazing.”

The contest lasted from the morning of April 26 to May 6 at midnight, beginning just days before synthesis papers were due.

“The biggest obstacle for us was schoolwork,” Gutstein said. “There was a ton of work to do as senior year drew to a close, so we only had two days to really devote to the competition whereas other teams had more.”

The team spent nearly 20 hours working on the problems during the last two days of the competition, despite the frequent shortage of team members.

“I think the biggest problem was that we were competing against giant public schools that could afford to have five students (the maximum amount) working on the problems at all times,” Ramchand said. “At our best, we had three people working.”

Pieces of information, or flags, were encrypted, hidden or stored in obscure places on servers, and students had to “capture the flags” through reverse engineering, breaking, hacking, decrypting or using other techniques, including vulnerability exploitation and network traffic analysis.

“Some problems could be solved with only logic, while others needed an intimate knowledge of how computers run and store programs, but they all required cunning and ingenuity,” Upper School Director of Technology Jeff Ritter said.

The team encountered a wide variety of programming challenges, many were types they had never seen before. Of the almost 2,000 participating schools, only three had solved one of the problems on which Ramchand was working.

“We literally had no understanding of hacking-oriented programming before the competition started,” Ramchand said, “so most of the time spent on the competition involved researching methods by which we could solve the problems; however, the biggest problem by far was just the sheer difficulty of some of the problems.

In the end, the team amassed 4,030 points out of a possible 5,485.

Gutstein said, “My favorite part was the feeling you get when you finally figure out the last step needed to get the flag you’re after.”

Cara Maines
Assistant Online Editor

Leave a Reply

Your email address will not be published. Required fields are marked *