We are both members of the CU Cybersecurity Club. The club regularly participates in CTF challenges however we have never built one. So we decided to mess around with equipment since our specialty is software and apply something to creating a CTF.
What it does
Our device holds a miniature CTF (Capture the Flag) competition at regular intervals. We use a remote server (in this case, a Raspberry Pi) to periodically compile and flash code for a new CTF to our Photon board. Once the new competition has been uploaded, players can try to attack it.
For instance, in one CTF the Photon board serves a static website on its LAN. The player tries to break in by finding vulnerabilities in the site: decrypting passwords, finding usernames, etc. If the player successfully breaks into the web page it sets off an alarm (The LED on the board). The player then can change a scrolling message on the OLED screen to whatever message they so choose.
How we built it
We first connected the Photon board and learned its various systems and how to run things on it. Then we experimented with the OLED screen attachment for the board and how to get it to display a scrolling message. finally, we constructed the CTF challenges and website.
Challenges we ran into
Electrical Engineering. Neither of us had any experience working with physical hardware beyond the basics of setting things up so wires were confusing. took half the day just to wire things correctly ("We think"). We also ran into challenges with the photon boards language and how it resembles C but...like isn't.
Accomplishments that we're proud of
A newfound appreciation of electrical engineering and the fact any of our wiring jobs worked at the end.
What we learned
Vaguely how to wire a board so as to function. Can't guarantee it won't burn a house down though. That we should probably stick to software.
What's next for Photon Board CTF
Add more challenges and functionality such as an audible alarm and better web integration along with upping the difficulty/number of challenges.