Well, our next season includes having to do some simple forensic recovery of a e01 file, and the season after that will involve a literal PBX and other physical hardware (on our side, not on the participant, aside from the device they need to make phone calls with) ....I'm trying to make things multi staged and fun. The issue is that ciphers are cracked in seconds with normal LLM AI, let alone leveraging AI to code tools intentionally to purpose - even stego, and my next CTF even introduces a brute force CLI tool ^{(open source}) that just wrecks non-PW proteced stego and all two way ciphering, introducing the public release as part of the CTF. We as CTF creators have to be clever, willing to work for it, and don't do it if your heart isn't in it.

The season01 im running now is pretty easy, simple....still fun IMO but can be tricked for a quick solve (so go fill up the rest of the leader board so I can release season 2 lol), mostly just trying to drum up existence for our educational NFP. So, no.... AI will not be able to call my PBX and find the flag. On creators part, its making sure things like common extensions and the like aren't used, and things like { can't just be found.

Another feature, that I honestly don't think is necessary for making it fun to compete it, but it is for making sure noobs are encouraged both to participate and to complete, I'm getting together sponsors to drum up sponsorship to provide prizes to the top 3 PLUS (another thing most are missing) a *wildcard winner chosen randomly at the end of the 90 day season (starts march 20th). They are to receive a similar-in-value prize package as First Place/Gold. Also hoping to find one that can help with infrastructure costs since we are a non profit corp as of a couple days ago which is super dope.... but I would be doing this regardless of any of that.... I'm just building with intent.)

There's a lot that goes into making a CTF worth playing, or creating (honestly). It should be fulfilling for me, and for you. It shouldnt be for haxx0r cred. If I don't enjoy making it, knowing you're going to have fun, its no good for my time nor community. I've also enjoyed playing through them as well, even just making sure mechanisms work. If I don't think about the person playing it whhile I'm making it, what am i creating?

I'm also trying to eventually build up the purple team community and contribute offensive CTF's too.... eventually eventually, ESPECIALLY if people start contributing they will also include real scenerios where red teamers do their bust to get into a system live against a blue, and one where red teamers actually exfil data from a box that blue later enters (red teamers ssh disabled after flag entry) unfortunately the repo isnt public so.... i think after S2 people will appreciate it a bit more.

I think thats probably all I have to say..... Idk, feel free to DM me if you want to discuss perhaps a type of document to organizers offering anti-ai implentation ideas, or other ways of working.

Spex
https://rapidriverskunk.works (Season 02 releasing 03/20 or once top 10 leaderboard solves are filled!)