In computer security, a 'Capture The Flag' (CTF) is a game where competitors need to hack into a purposefully-vulnerable machine in order to steal the flags from it. The flags are secrets hidden in files located on the targeted system.

In an attack/defense style game, each team is given a machine (or a small network) to defend or to attack. Teams are scored on both their success in defending their assigned machine(s) and on their success in attacking the other team's machines.

Each CTF game on Brainshell has the following flags format :

User Flag : user.txt located in /home/user on Linux or C:UsersUserDocuments on a Windows machine

Root Flag : root.txt located in /root on Linux or C:UsersAdministratorDocuments on a Windows machine

Both flags are SHA1 strings.

A challenge is an exercice aimed at studying a specific subcategory such as Cryptography, Reverse Engineering, Forensiics and many more in the computer security field.

For example, in the Web Hacking category, each challenge focuses on a specific web applications vulnerability (SQL injections, XSS, CSRF, IDOR, etc...)

Players must find the one and only flag in a challenge to score the points.

Each challenge has the following flag format :

BS{flag} where 'flag' is the actual flag to submit