For UIUCTF 2021, I led a small group of colleagues to design and deploy a CTF challenge wherein competitors had to fool an image classifier based on resnet18.

The challenge asks you to upload an image to the “pwny bouncer”, who will then classify “pwny” or “not a pwny” using a naive classifier model, and a robust classifier model. To win the flag, you must submit 10 images that “fool” the nonrobust classifier (i.e. cause a mismatch between the classifiers).

See a full writeup by the prize-winning first blood solver here: