“Accio Flags!” — A Harry Potter Themed CTF Challenge
Introduction
The CTF box “Accio Flags!” is based on J.K Rowling’s Harry Potter universe. Harry Potter is a series of fantasy novels written by the British author, J. K. Rowling. These novels chronicle the lives of a young wizard, Harry Potter, and his friends Hermione Granger and Ron Weasley, all of whom are students at Hogwarts School of Witchcraft and Wizardry. The series was later made into 8 movies which are popular all around the world.
This CTF is called “Accio Flags!”; the word “Accio” means “I summon” in Latin. So, the meaning of this CTF name is “I summon Flags”.
In this CTF, Harry Potter along with his friends Ron and Hermione go through various challenges in order to defeat the dark wizard, Lord Voldemort. To defeat him, Harry has to discover and destroy 7 Horcruxes. A Horcrux is an object formed by dark magic that is used by a wizard or witch to achieve immortality by splitting their soul into separate pieces.
The CTF Structure
There are 7 categories namely:
- Horcrux 1 — The Diary
- Horcrux 2 — The Ring
- Horcrux 3 — The Cup
- Horcrux 4 — The Locket
- Horcrux 5 — The Diadem
- Horcrux 6 — The Diadem
- Horcrux 7 — The Snake
Each Horcrux has two levels dedicated to them. In the first level, the player has to discover the Horcrux and in the next level, the player has to destroy it, both by finding flags in each level. There is an additional level, Level 15, where the player will finally defeat Lord Voldemort by combining several findings from the previous 14 levels.
Information Security Aspects Covered
This CTF covers the following the Information Security aspects:
- Cryptography
- SQL Injection
- Cross — site Scripting (XSS)
- Social Engineering
- Digital Forensics
- Programming
- Steganography
- Reverse Engineering
I hope you would enjoy Accio Flags!
Reach out for the walkthrough if you’re interested! :)
Accio Flags! is a CTF created by two undergraduates from Sri Lanka Institute of Information Technology (SLIIT) in 2020 for their 3rd year — 2nd semester Information Security Project (ISP) module.
Please Note: This CTF is Harry Potter themed and was created for educational purposes only. No copyright infringement intended.
