On-Campus ROUNDS
Location: UOW, Hamilton Date: 07 - 08 July
**On-Campus Rounds Prizes Info**
1. Grand Winner sponsored by Bhojraj Parmar: $1500
2. Grand Runner-up: $750
Round 1 Winners:
•Secondary Category: $600
•Tertiary Category: $600
•Industry/Open Category: $600
Round 2 Winners:
•Secondary Category: $600
•Tertiary Category: $600
•Industry/Open Category: $600
Young Cyber Champions Awards for Secondary and Tertiary:
•Round 2 First Runner-up: $300
•Round 2 Second Runner-up: $150
PLATINUM SPONSORS
GOLD SPONSORS
SILVER SPONSORS
ORGANISERS
CHALLENGE OVERVIEW
ROUND 0 (QUALIFYING ROUND)
Location: Online
Date: May 29th - June 12th
Round 0 is a qualifying one of capture-the-flag. Participants will individually search for flags hidden in each challenge
Topics Round0 will cover, but not limited to:
- Cryptography
- Steganography
- Web Application Security
- Forensic
Tutorials & Networking Lunch
Date: 7th July
Location: The University of Waikato, Hamilton campus
ROUND 1 & 2
Date: 8th July
Location: The University of Waikato, Hamilton campus
Participants will be competing for capture-the-flag in teams or individually.
The Schedule
Day 1
Day 2
RESOURCES
Tools
The tools that can be used for solving sepecific topics are listed below, but not limited to:
- Cryptography: dcode.fr
- Steganography: Audacity, GIMP
- Networking: Wireshark
- Forensic: hexdump, HexEditor e.g., Visual Studio Code with Hex Editor Extension, Volatility, GDB
- General Tools: Kali Linux, CyberChef
Linux and Python Tutorial
Cryptography Tutorial
Forensic Tutorial
Interesting External Channels
- John Hammond: https://www.youtube.com/c/JohnHammond010/videos
- HackerSploit: https://www.youtube.com/c/HackerSploit/videos
- Cryptography for Everybody: https://www.youtube.com/c/CrypTool2/videos
- IppSec: https://www.youtube.com/c/ippsec/videos
- Networks - David Bombal: https://www.youtube.com/c/DavidBombal/videos
- Forensics - DFIRScience: https://www.youtube.com/c/DFIRScience/videos
SOLUTIONS
New Zealand Cyber Security Challenge
What is NZCSC?
NZCSC is a multi-round New Zealand Cyber Security competition. Two of the rounds are CTFs and one is a Quiz based on Incident Response.
What is a CTF?
A CTF (Capture The Flag) is a cyber security exercise consisting of multiple puzzles/challenges. Each puzzle has a flag hidden somewhere and the challenge is to find the flag. The flag usually is a sequence of alphanumeric characters. Once you find a flag you get some points. The objective is the find as many flags as possible and collect points.
Who can participate in NZCSC?
Anyone in New Zealand can participate in NZCSC.
Can I participate in NZCSC online?
NZCSC takes place in two stages. The first stage is online and open for everyone in New Zealand. The top 150 challengers will then be invited to the next stage which will take place at the University of Waikato’s Hamilton Campus.
Do I participate solo or in teams?
In the first stage (online) participation is individual while you’ll participate in teams of 1-3, in the on campus event. If you know people who have qualified for the on campus stage you can team up with them, if you want to team up but don’t have a team we’ll help you find one.
Each team will belong to one of the following three categories (ranked):
- Open/Industry
- University
- High School
Participants may form a team with other participants of different categories; However, the highest-ranked category will be used. For example:
Team A:
- Bob (High School)
- Alice (High School)
- Clair (Open/Industry)
Would I need to bring my own machine if I am invited for the second stage?
No. You will use a standard university machine for the second stage.
Are there any prizes?
Yes! There are plenty of prizes. See our homepage.
What is a side challenge?
Side challenges at the NZCSC are small challenges with opportunities to win more prizes. You will need to bring your own machine for the side challenge though.
Is there a participation fee?
No. There is no fee to participate.
Do you provide any support for students travelling to Hamilton?
NZCSC will give out 10 travel grants, each worth 250 NZD to high school or tertiary students travelling to Hamilton.
CROW-NZ's First Cyber Security Lab
Established in 2012, CROW is a research group located in the Department of Computer Science at The University of Waikato.
With the emergence of cloud computing technologies and prevalent mobile device usage, we are witnessing the diminishing effectiveness of traditional cyber security approaches such as perimeter defence, intrusion detection and infrastructure hardening.
To address this, CROW focuses on six major themes: Provenance, User-Centricity, Visualisation, Economics, Hardware, and Tools & Datasets. Together, these six themes enable the return of control of data to users, thereby reducing reliance on third-party vendors or trust relationships commonly found in most cyber security contracts today
HISTORY
NZCSC 2022
WHAT HAPPENED?
The 2022 NZ Cyber Security Challenge was held online with Round 0, Round 1 and 2 were on-campus.
- Waikato x Cardiff winners -
Congratulations to the winners of Waikato x Cardiff round. The Waikato University winner is DoingGood. The Cardiff University winner is heartburn.
- Round 1 and 2 winners -
Grand Prize Winner, 1500 NZD : Covid_Brain
Round 1 Category Winner, 750 NZD
- HighSchool Category: WHS's finest
- Tertiary/University Category: Unluggy Uce
- Industry/Open Category: The Prototype Polluters
- HighSchool Category: stAk
- Tertiary/University Category: Unluggy Uce
- Industry/Open Category: Covid_Brain
- HighSchool Category: Team 3
- Tertiary/University Category: The Pi Guys
- Industry/Open Category: The Prototype Polluters
- HighSchool Category: BeefStew
- Tertiary/University Category: NightmareRats
- Industry/Open Category: anthonycp
- Medium and Hard Challenges -
Medium Challenges, 75 NZD- Challenge 4: Team 6
- Challenge 9: SaladPants
- Challenge 11: anthonycp
- Challenge 2: The Interns
- Challenge 7: Covid_Brain
- Challenge 12: The Prototype Polluters
NZCSC 2021
WHAT HAPPENED?
The 2021 NZ Cyber Security Challenge was held online with Round 0, Round 1 and 2 were on-campus.
Grand Prize Winner - Sponsored By Bhojraj Parmar: Rhys Davies
Round 2 Category Winner
- HighSchool Category: Andrew Rider
- Tertiary/University Category: Cale Budd
- Industry/Open Category: Rhys Davies
- HighSchool Category: Misha Pavlov
- Tertiary/University Category: Sam Redmond
- Industry/Open Category: Grady Hooker
- HighSchool Category: Finn Robinson
- Tertiary/University Category: Ethan Mckee-Harris
- Industry/Open Category: Brendan Laing
Medium Challenges
- Challenge 6: Logan Krippner
- Challenge 7: Kushan Fernando
- Challenge 13: Sam Redmond
- Challenge 15: Logan Warner
- Challenge 8: Jamie McClymont
Notice regarding NZCSC 2021: After the culmination of NZCSC'21 it was brought to our attention that some challenges were plagiarized from sources on the internet. The NZCSC organisers reported this to the employer of the person who created and submitted the challenges to be used in NZCSC. The employer took swift and strictest possible action for the misconduct. The NZCSC values integrity above everything else and the team was deeply saddened with the discovery. We apologise to all NZCSC'21 participants for this oversight and assure everyone that we have now put measures in place to ensure this does not happen again.
NZCSC 2020
WHAT HAPPENED?
The 2020 NZ Cyber Security Challenge was held online with Round 0, Round 1 and a purple team challenge all held online
Grand Winner: Jamie McClymont
Category Winners
- HighSchool Category: Technocoder(Zhiyuan Qi)
- Tertiary/University Category: Dast(Daniel Stokes)
- Industry/Open Category: Jamie McClymont
- Dast (Daniel Stokes)
- Tomais Williamson
- Jamie McClymont
- Logan Krippner
- Technocoder(Zhiyuan Qi)
- ZerOne (Sam Redmond)
- Samdaman (Sam Hogan)
- Fromage (Joshua Hogan)
- Michael Jang
- RavSS (Ravjot Singh Samra)
Medium Challenges
- Challenge 4: Fromage (Joshua Hogan)
- Challenge 5: Toby Heitland
- Challenge 7: Gittarackur (Ryo Sugiyama)
- Challenge 8: Fromage (Joshua Hogan)
- Challenge 10: Jamie McClymont
- Challenge 11: Jamie McClymont
- Challenge 12: Jamie McClymont
NZCSC 2019
FIRST PLACE
Team 'The Password Inspectors' - Jamie McClymont, Rhys Davies.
WHAT HAPPENED?
Congratulations to all the Cyber Security Challenge competitors of 2019. This year, the challengers took on the Internet of Things with the focus on - forensics, reverse engineering, steganography, web-application security and cryptography.
RUNNER-UP OF TERTIARY CATEGORY
Now UC Me (Joshua & Sam Hogan, University)
WINNER OF SECONDARY CATEGORY
Thonking (Cameron Li & Jason Xu)
RUNNER-UP OF SECONDARY CATEGORY
Arrays start at 1 (Ethyn Gillies & Marshall Patty)
RUNNER-UP OF SECONDARY CATEGORY
Frozen Orange (Orion Edwards & Thilanka Priyankara)
RUNNER-UP OF INDUSTRY CATEGORY
Gradyhooker (Grady Hooker).
NZCSC 2018
FIRST PLACE
Team Elliptic Curveballs - Logan Krippner, Jacob Cheatley and Michael Jang.
Women's Technical Challenge Champions
Team Octocats - Jamie McClymont and Abigail Koay
Drone challenge winners
Team UniHack - Rajat Rokhade, Debac Manikandan and Arnav Gogia
WHAT HAPPENED?
The NZ Cyber Security Challenge 2018 (NZCSC'18) hovered into action with a drone challenge for Round 1 & 2 contestants at the University of Waikato campus.
Challengers tested their hacking skills as they attempted to take charge of a drone controlled by a host's smartphone and intercept photos taken by the drone's camera. Prizes were awarded to the successful hackers.
NZCSC'18 action also included training sessions with some of the best, opportunities to kickstart a cyber security career at the job fair and talks by some of the movers and shakers in the industry.
Round 0 online qualifying round took place from June 18-29, with the top 150 moving on to Rounds 1 and 2 on July 14 at the University.
CSC 2017
FIRST PLACE
2017 challenge known for Challenge Winner Repeat Performance .
It was a repeat performance by the overall champions team Arcton, Nathaniel Watson, Jeremy Symon and Grady Hooker took out last year's Challenge.
Representing industry, they walked away with a cheque for $2500 and NetHui fellowships. Jeremy is currently doing a Masters of Computer Science at Waikato and working at Gallagher, and Grady and Nathaniel are former Waikato Computer Science students now working in the computer science industry.
RUNNERS UP
Overall runners-up 418ShortAndStout - Michael Robertson and Brent Vollebregt - placed top in the tertiary division and took home $1800.
Top performers in the high school division after Rounds 1 and 2, SQL Sharks twins Sam and Josh Hogan also took out first place in the new Policy Round. Contestants were tested on responsible disclosures, asked to critique a really badly-written cyber policy, and suggest incident response next steps for a fictitious event.
The winning team from the industry division after Rounds 1 and 2 were Jack Haystead, Daniel Tebbutt and Declan ter Veer-Burke. They took home a cheque for $1800.
WHAT HAPPENED?
NZCSC'17 hit all the right keys with VIPs from the Government Communications Security Bureau (GCSB) and INTERPOL attending. GCSB director Andrew Hampton told the Challengers it wasn't long ago that people were saying cyber security should be on the agenda but now the agenda is cyber security.
Although, In this year's Challenge CROW collaborated with Japan's National Institute of
Communications and Information Technology ( NICT ) to up the ante in the visualisation of
the attack and defend networks of the competition. CROW member Cameron Brown worked with Koei Suzuki to customise the NIRVANA Kai visualisation to show network traffic between the Round 3 servers. The collaboration is mutually beneficial as NICT will utilise CROW technology in the future. NICT supply the visualisations for Japan's largest cyber security competition SECCON.
CSC 2016
FIRST PLACE
Team Name: Hodor (462,250 points)
Team Members: Sjoerd de Feijter, Matthew Stringer, Vladimir Petko
Industry category team, representing Gallagher Group
RUNNERS UP
First Runner-Up
Team Name: Solo Team(406,160 points)Team Members: Michael Robertson, 17 years old,
Secondary School Category team, representing Cambridge High School.
Second Runner-Up
Team Name: Arcton(386,300 points)Team members: jeremy Symon, Nathaniel Watson, Grady Hooker
Tertiary category team, representing University of Waikato Faculty of Computing And Mathematical Sciences
WHAT HAPPENED?
Due to the popularity of the competition in 2015, we introduced an online qualifying round, Round Zero. 267 participants registered for Round Zero and attempted the challenges between the 17 June - 1st July, after which the Top 150 were chosen to attend the competition on the 14 and 15 July.
Participants competed in two rounds: Round One, a capture-the-flag style challenge and Round Two, a Red team vs. Blue team game where the Blue teams had to defend their vulnerable servers from attacks from the Red teams, which consisted of an Industry Professional from Gallagher and two CROW members.
CSC 2015
FIRST PLACE
Team Name: Ter B
RUNNERS UP
First Runner-Up
Team Name: DoubleMCSecond Runner-Up
Team Name: Kanye4PrezWHAT HAPPENED?
NZCSC'15 was open to all of New Zealand and participants were split into 3 categories: Secondary, Tertiary, and Industry/Open.
The competition had 2 rounds: Round 1 was a capture-the-flag style challenge. Round 2, open to the top 5 teams of Round 1, was a Red team vs. Blue team style challenge where 5 Blue teams defended their systems against the Red team, which included Industry professionals from Insomnia Security and PWC Digital.
CSC 2014
The first instalment of the Cyber Security Challenge was open to University of Waikato students only.
CSC'14 had a single round - a capture-the-flag style challenge where the students participants solved challenges to acquire flags. The event served its purpose: to gauge students' interest in a Cyber Security-themed competition. Over 70 students registered, attended the training and paticipated in the competition, which encouraged the organisers to plan the next CSC.