News
Exercise 3 PointsWritten on 16.01.25 by Simeon Hoffmann Hi all, we released the grading of exercise 3 Simeon |
Exercise sheet 5 releaseWritten on 15.01.25 by Alexander Ponticello Dear students, I just released exercise sheet 5, covering the topics of today's lecture on authentication as well as usable security. Sorry for the slight delay, on challenge created some issues which we had to get rid of first. I hope you enjoy this slightly different style of practical… Read more Dear students, I just released exercise sheet 5, covering the topics of today's lecture on authentication as well as usable security. Sorry for the slight delay, on challenge created some issues which we had to get rid of first. I hope you enjoy this slightly different style of practical exercises, as always, we are very happy about your feedback (also for the lecture), which you can send either directly to me or my colleagues or anonymously via CMS.
Have a great week! Alexander |
Scoreboard challenges disabled when solutions releasedWritten on 06.01.25 by Till Schlüter Hi all, Just a quick update on the CTF scoreboard: we've decided to disable the challenges for which we already published solutions. This means that flags for these challenges can no longer be submitted. The reason is that we want to reward those students who solve the challenges on their own, but… Read more Hi all, Just a quick update on the CTF scoreboard: we've decided to disable the challenges for which we already published solutions. This means that flags for these challenges can no longer be submitted. The reason is that we want to reward those students who solve the challenges on their own, but we can no longer distinguish flag submissions based on original work from flag submissions based on our solutions once the solutions are out. We've also applied this rule retroactively and invalidated all flag submissions that we received after the solution to a challenge had already been published. The scores on the scoreboard have been recalculated accordingly. We note that you can still test whether a flag is correct or not, even for disabled challenges: go to the flag submission page and insert the flag. If you get the message "Challenge is disabled", the flag was correct. Otherwise, you will see the message "Invalid flag". You will not receive scoreboard points for such submissions though. Naturally, this change only affects the scoreboard and does not have any effect on your exercise sheet points or grades. Happy hacking! |
Points for sheet 2, sample solutions for sheet 3Written on 23.12.24 by Till Schlüter Dear students, We've released the points for sheet 2 and the sample solutions for sheet 3. Till |
All Tasks Back OnlineWritten on 21.12.24 by Lea Gröber Dear all, all tasks are online again. Happy hacking! |
Tasks Online and Additional Hints on Sheet 04Written on 20.12.24 by Lea Gröber Hello everyone, the exercises E4: XSS Attacks and E4: Advanced XSS 1 are active again. Further, we updated exercise sheet 04 with additional hints. We are still working on the remaining two exercises. |
CSRF + XSS Challenges down for maintananceWritten on 19.12.24 by Alexander Ponticello Dear students, due to some technical issues, the CSRF + XSS challenges are currently not working as expected. We are working on the issues, for the time being, these challenges are deactivated in the scoreboard and not exploitable on the website. The affected front-end will still show as usual,… Read more Dear students, due to some technical issues, the CSRF + XSS challenges are currently not working as expected. We are working on the issues, for the time being, these challenges are deactivated in the scoreboard and not exploitable on the website. The affected front-end will still show as usual, however the corresponding back-end services are offline. We apologize for the inconvenience and will release another news once the issues is resolved.
Best, Alexander |
Tutorial 5 cancelled todayWritten on 09.12.24 by Simeon Hoffmann Hi all, unfortunately, Joys is sick today and thus tutorial 5 is cancelled. Roman offered that flexible students can join his tutorial session (tutorial 4, E2 5, SR 3, 10:15) instead today. Simeon |
Update to "canary" challenge, scoreboard prizesWritten on 06.12.24 (last change on 06.12.24) by Simeon Hoffmann Dear students, In addition, let me take this opportunity to… Read more Dear students, In addition, let me take this opportunity to announce that there will be small prizes for the top 3 scoring teams on the scoreboard at the end of the lecture ;) |
Points for sheet 1, sample solution for sheet 2Written on 03.12.24 by Simeon Hoffmann Dear students, we just released the points for sheet 1 and the sample solution for sheet 2. Also, please remember to submit on time as we cannot take any late submissions. You can always upload a preliminary solution early, and reupload in case you make changes. Simeon |
Submissions: No hand-written notes and no LLM-generated content, please.Written on 29.11.24 by Till Schlüter Dear students, We have two more requests regarding the exercise sheet submissions: 1. No hand-written submissions To make our tutor's lifes easier, please do not submit (scans/pictures of) hand-written notes. For exercise sheet E2, we strongly discourage handing in such documents, but will… Read more Dear students, We have two more requests regarding the exercise sheet submissions: 1. No hand-written submissions To make our tutor's lifes easier, please do not submit (scans/pictures of) hand-written notes. For exercise sheet E2, we strongly discourage handing in such documents, but will still accept them (as the deadline is already approaching). Starting from exercise sheet E3, however, we will no longer accept hand-written notes in submissions. 2. No LLM-generated content In addition, we want to remind you of our policy regarding the use of large language models (LLMs) to solve the exercises (as outlined in the intro lecture): you may use LLMs to polish your writing or make your submission more readable, but not to generate any actual content. Keep in mind that one purpose of the exercises is to prepare you for the exam, where no LLMs will be available. Thanks, |
Screenshots in submissionsWritten on 21.11.24 by Till Schlüter Dear students, When you submit code, please only submit it as source files. Do not submit screenshots. You can upload a ZIP file as submission to CMS. |
Tutorial detailsWritten on 31.10.24 (last change on 31.10.24) by Simeon Hoffmann Hey everyone, after manually reassigning the tutorials for some people, tutorial assignments are now fixed. If you want to attend another tutorial, please find someone from your preferred tutorial to swap with. Short reminder that tutorials start on Nov 7th, so there are no tutorials on Monday.… Read more Hey everyone, after manually reassigning the tutorials for some people, tutorial assignments are now fixed. If you want to attend another tutorial, please find someone from your preferred tutorial to swap with. Short reminder that tutorials start on Nov 7th, so there are no tutorials on Monday. The first sheet will be released next week Wednesday, on Nov 6th. Checkout the timetable for the latest details. Simeon |
Tutorials assignedWritten on 29.10.24 by Till Schlüter Dear students, The tutorials have been assigned. You should now see the tutorial slot assigned to you on your personal status page. Till |
Question Sheet 0Written on 15.10.24 (last change on 15.10.24) by Simeon Hoffmann Hey all, we just uploaded question sheet 0. This sheet is not graded, and meant to make you familiar with the tooling. It will be discussed in the tutorials. Simeon |
Introduction and general lecture scheduleWritten on 15.10.24 by Nils Ole Tippenhauer Dear student of Security'24, for this week, we have prepared an introductory lecture as video, as Katharina and Nils are both traveling. You will find the link to the video/slides in the material collection here on CMS. From next week on, all lectures will be in-person, starting with the lecture on… Read more Dear student of Security'24, for this week, we have prepared an introductory lecture as video, as Katharina and Nils are both traveling. You will find the link to the video/slides in the material collection here on CMS. From next week on, all lectures will be in-person, starting with the lecture on October 22nd. We also plan to release an ungraded tutorial exercise (Q0) soon - you will also find it in the material collection. Please use the Askbot feature on CMS if you have any questions after watching the intro video! Regards, Nils |