
Facebook CTF Is Now Open Source - Liblor
https://www.facebook.com/notes/facebook-ctf/facebook-ctf-is-now-open-source/525464774322241?_fb_noscript=1
======
ShaneWilton
Huge props to Gulshan and Javier for launching. This is an incredibly cool
platform, and the work they've been doing to introduce people to security
through CTFs is hugely important: the only way we're going to build a more
secure internet is by training all developers -- not just security engineers
-- to understand exactly what it takes to attack an application.

I often meet people who wish they knew more about security, but they feel as
though things like cryptography are beyond their grasp. Nothing could be
further from the truth, and CTFs are evidence of this fact.

You can always find upcoming CTFs on CTF Time [0]. Give one a try sometime,
and you might surprise yourself with how quickly you're able to pick things
up. Even if you don't solve any problems, you'll have an absolute blast.

If you ever have questions about getting involved in CTF or you're looking for
resources on learning security, don't be afraid to reach out to me. My contact
info is on my profile.

[0] [https://ctftime.org/](https://ctftime.org/)

------
newjersey
[https://i.imgur.com/sx3trYK.png](https://i.imgur.com/sx3trYK.png) for those
who can't open facebook.com for one reason or another

[https://github.com/facebook/fbctf](https://github.com/facebook/fbctf)

> The Facebook CTF is a platform to host Jeopardy and “King of the Hill” style
> Capture the Flag competitions.

btw, I wonder if greater integration with lets encrypt is possible perhaps
with a flag?

> Be ready to provide the path for your SSL certificate's CSR and key files.

~~~
gulshan-fb
> btw, I wonder if greater integration with lets encrypt is possible perhaps
> with a flag?

That's a great idea. I can't say when or whether we'll get to it, but I've
created a tracking issue:
[https://github.com/facebook/fbctf/issues/24](https://github.com/facebook/fbctf/issues/24)

~~~
newjersey
Wow Gulshan. Youre the best. Thank you much. (:

~~~
dadrian
Go Gulshan!

------
Liuser
Man, that is some nice looking UI.

Having participated in a few CTFs, they are a bit intimidating up front.
Having this more visually like a 'game' (which CTF is, really) will garner a
lot more attention to get people to dig in and learn.

------
samwestdev
never heard about this CTF before. Where can I find more info?

~~~
gulshan-fb
You can read a short summary about what a CTF is here
([https://ctftime.org/ctf-wtf/](https://ctftime.org/ctf-wtf/)), but the best
thing to do is to go out and start playing CTFs.
[https://ctftime.org/](https://ctftime.org/) is a great site that lists all
upcoming CTFs. Note that a lot of these CTFs are meant for industry
professionals, so don't feel discouraged if you find the problems tough. There
are also some high school level and college level CTFs you can participate it.

------
STRML
Really cool. Tried to run it, unfortunately the code is broken at the moment-
saw this error:

    
    
        May 11 19:42:11 fbctf hhvm[12971]: [Wed May 11 19:42:11 2016] [hphp] [12971:7f304b7ff700:6:000001] [] \nFatal error: Class undefined: AsyncMysqlConnectionPool in /var/www/fbctf/src/Db.php on line 19
    

Very much looking forward to trying it out.

~~~
gulshan-fb
After doing some more investigation, I'm suspecting you're running this on
Ubuntu 16.04, and not 14.04. Is this correct?

HHVM doesn't provide a 16.04 package yet in their dl.hhvm.com repo, so what's
happening is that the provision script installs the system version of HHVM,
which is 3.11. On 14.04, you'll get the correct version which is 3.13.

~~~
STRML
Thanks - it was indeed on 16.04. Thought I'd try something new while doing
fbctf. Will revert to 14.04 and try again.

------
mattste
I had the opportunity to do two CTFs using this platform during college. Hats
off to Gulshan and Javier for releasing this.

------
afleegman
Anyone know why they didn't use react or flux or any of the other facebook
tool in this? I'm just curious about their decsion making process. I see
jquery, d3, and HHVM.

------
BaNzounet
Kudos guys !

It would be great if the you/the community could provide more examples :) (I
get that it's a platform to host your own competition, nevertheless more
examples wouldn't hurt)

------
coroutines
So who's going to make a Docker image of this? :-)

~~~
gulshan-fb
[https://github.com/facebook/fbctf/pull/36](https://github.com/facebook/fbctf/pull/36)

~~~
haha2211
This one is good!!

------
tkubacki
UI looks like Ufo Enemy Unknown game :)

------
razvan_moldovan
poor code !

------
anfroid555
What a Capture The Flag Facebook!!!

When is Death Match???

Well come the the Arena!!!

