Skip to content

lugatuic/Linux_CTF_Spring2026

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
.sfdx
.sfdx
 
 
base
base
 
 
challenge_template
challenge_template
 
 
challenges
challenges
 
 
.DS_Store
.DS_Store
 
 
.dockerignore
.dockerignore
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 

Repository files navigation

LUG CTF Group - Linux CTF Spring 2026

CTF Challenges for the Linux User Group covering the following pwn.college modules:

Setup Instructions

For Members

Each challenge folder has a README with setup instructions.
Run any challenge with:

bash
./build.sh challenge-name
docker run -it challenge-name

For CTF Leads

See [CONTRIBUTING.md] for the full guide on building challenges.

Quick start:

1. Install Docker Destkop

2. Clone this repo

bash
git clone repo-url
cd Linux_CTF_Spring2026

3. Build the base image

bash
./build.sh base

4. For Challenge Building -> Copy the template and start building

bash
cp -r challenge_template challenges/topic/challenge-name

Challenge Structure

challenges/
├── users/
└── who-goes-there/
├── permissions/
└── processes/

Flag Format

flame{...}

Linux CTF Spring 2026 Writeups

Actually understanding the relavence and importance as to why we apply and use the tools and concepts here is more essential than just plug and chugging, read on to understand the background of each notable concept and challenge used for this CTF.

Why Linux for this CTF?

Linux is an essential tool for cybersecurity professionals due to its vast security features, versatility, and open-source nature. It is for these reasons that makes linux a valuable tool for ethical hacking as well as building secure networks and systems.

Users

Why Users?

In a cybersecurity standpoint, learning about users in Linux is essential due to the mass quantity of servers, cloud infrastructure, and security tools Linux powers. This makes user management critical for preventing unauthorized access.

Users - Challenge Writeups

BookFace Data Leak

Author: AJ Arguello (@SeveralBandicoot)

Summary:
For this challenge, I used the RockYou company's data breach in 2009 as inspiration. For this challenge, the main idea is using the wordlist RockYou.txt and utilize John the Ripper to run against a file that is accessible only by the admin user in which the user would have to login to first.

What was the RockYou 2009 Data Breach?
This data breach involved the compromise of about 32 million user accounts, this exposed the company's poor practices of security as RockYou stored its passwords in plain text, no hash. On top of this, after the breach the company had tried to downplay the severity of said breach which resulted in the loss of credibility and user trust leading to its downfall in the coming years.

What is RockYou.txt?
This is a single wordlist list consisting of about 14 million out of the 32 million passwords leaked publically and is used as the most popular resource for security testing.

Sources:

About

Where the challenges for the linux CTF will be located. (will come up with a better description thorugh the readME)

Resources

Readme

Contributing

Contributing
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 1

Languages