DEF CON Hacking Conference

CTF History

A history of Capture the Flag at DEF CON

CTF DC Year winner host - title / image (number of teams)

1 4 1996 AJ Reznor goons - ctf
2 5 1997 AJ Reznor goons - ctf
3 6 1998 SNI goons - ctf
4 7 1999 ghettohackers goons - ctf / up to team
5 8 2000 ghettohackers goons - ctf / up to team
6 9 2001 ghetto+digirev goons - ctf / up to team
7 10 2002 digirev ghettohackers - root fu / redhat 6.2 (8)
8 11 2003 Anomaly ghettohackers - root fu / openbsd (8)
9 12 2004 sk3wl0fr00t ghettohackers - root fu / windows (8)
10 13 2005 shellphish kenshoto - war gamez / freebsd 5.4 (8)
11 14 2006 1@stplace kenshoto - war gamez / solaris 10 (8)
12 15 2007 1@stplace kenshoto - war gamez / freebsd (8)
13 16 2008 Sk3wl0fr00t kenshoto - war gamez / freebsd (8)
14 17 2009 vedagodz ddtek - binjitsu / freebsd (10*)
15 18 2010 ACME Pharm ddtek - binjitsu / freebsd+debian (10)
16 19 2011 The European Nopsled Team - binjitsu / ????? (12)

*well actually 9, as the team "sk3wl0fr00t" was actually ddtek running the game from a team table

Capture the Flag is one of the oldest contests at Defcon, dating back to Defcon 4. In the past few years, "capturing the flag" has become a popular moniker for all kinds of contests, and the sheer quantity of CTFs has been increasing steadily. Defcon CTF is one of the oldest CTFs (if not the oldest) that continues to run today. Here you can find a brief history of the contest and its evolution.

Defcon 4 was the first time CTF was really formalized into a contest - judges now decided when points should be awarded. In Defcon 5 and 6, participants could either provide a target or attack provided targets for points; as you might imagine, this amount of flexibility led to chaos on the game floor. Over the years, the game has matured and events such as point scoring have largely been automated (heavily in many cases). This maturity is largely a result of having dedicated, non-Defcon organizers. Naming the organizer early allows the organizer to dedicate time to game structure and infrastructure.

After a display of dominance in DC7-9, the ghettohackers became contest organizers for three years, before giving the reins up to Kenshoto. After winning twice (and coming very close to winning several other times) ddtek took over contest organization for DC17 (ddtek is a subgroup of Sk3wl0fr00t). During DC7-9 the contest seemed to be as much about hacking the contest as hacking the game servers.

Since DC10, CTF has been about custom services: pwn others', patch and protect your own. Each organizer has built on this model with technology aimed at preserving a fair game, additional twists such as scoring methods, and ever-increasing difficulty. Recent organizers have chosen to keep the game layout secret until the game starts; participants do not necessarily know the scoring algorithm, network structure, or operating systems involved. At its core CTF is meant to test computer and network security. To some, that seems to be a fairly narrow focus area, but most Defcon attendees realize that "cyber security" is actually a very large and diverse field. Services involve poorly implemented or configured crypto, SQL injection, cross-site scripting, buffer overflows, timing attacks, heap exploits, malformed network constructs, custom interpreters; the list is truly endless. What will the contest bring this year?

As the contest matured, teams started participating regularly and more teams wanted to play. A method of "qualifying" was implemented, similar to the Olympics and other sporting events. For the past several years a qualification weekend has pitted teams against a set of challenges and the clock. Teams with the most points at the end are invited to participate in person at Defcon. There is really no excuse not to participate in quals; if you're reading this, you should register and participate next year. Phrases like "placing 132nd feels like quite an accomplishment" tend to appear on social networks.

In 2009 ddtek, an unknown name in the community, was announced as the CTF organizer. From the time of the organizer announcement, through the qualification round, a lot of Google-translated IRC, and even through the entire contest during Defcon, nobody suspected that the folks sitting at the sk3wl0fr00t contest table were actually running the game! "Hacking the top hacker contest" seemed like a fun way to introduce ourselves to CTF organization. The yells of "bullshit" from CTF teams during the Defcon 17 awards ceremony were very gratifying.

Swing by the CTF Room and see what's going on. You'll never really know what it's about until you dive in.