5 comments

[ 4.3 ms ] story [ 23.5 ms ] thread
It would be nice to have a better explanation of the types of problems being solved here, because the security space is so massive.

Is this websec? appsec? Reverse engineering?

hey hyperplane, that's an excellent point. I'll see about clarifying the contest description.

To answer your question directly though, it's a bit of a mix of mostly introductory concepts with the goal of introducing crypto and breaking/defensive programming to people who might not get much exposure to it. The first challenges are simple crypto-based challenges to get participants into the right frame of mind, and they culminate with exploiting a hash length extension vulnerability. Hopefully, we'd like to introduce more challenges like this in the future.

Sounds like fun I signed up! Question though how long does the contest run for? How many challenges are there and how long should each one take?
Glad you signed up! :) The contest is going to run for 4 hours, and there are 4 challenges. The first two should take about an hour total, with the remaining 3 hours split over the remaining harder two challenges.
The contest is for 4 hours and there will be 4 challenges. The challenges will be later archived and posted on the security track at hackerrank.com (to be created after the contest)