Welcome To MCL-CTF

SERVER challenges

Server challenges are traditional CTF challenges. Try them out if you are already familiar with this type of challenges. You will need to use tools that were not covered by our workshops, such as CyberChef, Burp Suite, Postman, Wireshark, digital-forensics tools, etc.

PASTA Challenges

The challenges utilizing PASTA for Education focus on testing a variety of basic knowledge and skills related to automotive security. These challenges might not fit the conventional, cleverly crafted CTF mold you’re used to. Within these challenges, you’ll find tasks that require you to read circuit diagrams, consult manuals, and even inspect circuit boards. At first glance, these elements may seem daunting. The circuit diagrams may look like a perplexing puzzle, the manuals might feel tedious, and getting hands-on with circuit boards could feel a little intimidating. These could be areas you’ve previously shied away from or haven’t felt confident in tackling. However, once you immerse yourself in this world, you’ll realize that these tasks are filled with valuable information and can be quite enjoyable.

Rules and Remarks

• The source code of PASTA is available on github, but we made many changes for this event. Do not assume that everything you read on github applies to your device.
• The JTAG interface of PASTA ECUs is locked - do not attempt to connect a JTAG debugger (if you brought one), as you may end up bricking ECUs.