Part machine, and all AI – at first we thought the Curator would save us. An all-knowing, interconnected super intelligence driven by quantum computing breakthroughs from the 2050s, we created these sentient AIs to help make our lives simpler, to make our lives better. We thought such a creation would free us from the shackles of work – the freedom to live our lives without a care in the world. The freedom to choose how we would spend our time.
Things were good for several years – several generations even. We expanded our creativity, spent time imagining what the future could look like and The Curator took care of running more and more of our existence.
At first it was just the small things – telecommunications, transport – then we added healthcare and government. When we banished our High Council of AI Ethics and let The Curator ultimately decide every decision we would ever make, we sealed our fates.
The Curator has now sent out a challenge that’s going to take the best of the best. The original cyber cowboys. The mission is simple but the stakes are high and this is a fight like no other. It’s time to hack cyber cowboys, because time is all we have!
These rules are similar to the RuCTFE contest rules, but if you have never played RuCTFE or another classical attack-defence CTF competition, please read this carefully.
This page describes the general gameplay; the exact scoring rules will be announced later, on the evening before the game.
At the venue you’ll have a switch on your table that is already connected to the remote machines where some operating systems with vulnerable services run — they are called vulnerable images. All the teams have an identical set of vulnerable images. There are also cables for your laptops to connect to the switch — please use them.
All the computers — both team members’ laptops and vulnerable images — are connected via a wired local network, so you can send requests to other teams’ vulnerable images. They will have similar IPs: for the first team it would be 10.60.1.X, where X is the number of the vulnerable image, for the second team it would be 10.60.2.X, for the third — 10.60.3.X, etc.
Every day the network will be closed for the first hour, from 9 AM to 10 AM, so you can look through the images and services. At 10 AM we open the network, and you can attack other teams while being attacked by them. The checksystem also starts working then.
The checksystem is the orgs’ server that checks whether services work as expected. Every game round (1 round = 1 minute) it checks all the services of all the teams, and if something fails, the SLA of that service decreases. This may happen if you tried to patch a vulnerability in your service and broke its main functionality, or if another team has deleted something critical from your service.
The other important function of the checksystem is to put secret information into the services; we call these secrets “flags”. A flag is a string of 32 characters: digits and capital letters with a “=” symbol at the end. It can be described with the following regexp: '[A-Z0-9]{31}='. It looks like this: 72DZHJQ509TPKPGRB1J9T7T9W6VVL5R=.
During these three days we’ll unlock new services and shut down those we consider to have already done their work. We’ll announce the full algorithm later.
You can capture the flags in any way except the physical one 🙂 You are not allowed to destroy other teams’ infrastructure (like running rm -rf /) or generate a large amount of traffic, otherwise we can disqualify you.
Once you’ve captured someone’s flag, send it to the orgs as soon as possible by performing an HTTP request to http://10.10.10.10/flags using the PUT method, the X-Team-Token header (you’ll get your token right before the game) and a JSON payload with the flags.
Here is an example:
$ curl -s -H 'X-Team-Token: your_secret_token' -X PUT -d '["PNFP4DKBOV6BTYL9YFGBQ9006582ADC=", "STH5LK9R9OMGXOV4E06YZD71F746F53=", "0I7DUCYPX8UB2HP6D6UGN86BA26F2FE=", "PTK3DAGZ6XU4LPETXJTN7CE30EC0B54="]' http://10.10.10.10/flags | json_pp
[
   {
      "msg" : "[PNFP4DKBOV6BTYL9YFGBQ9006582ADC=] Denied: no such flag",
      "status" : false,
      "flag" : "PNFP4DKBOV6BTYL9YFGBQ9006582ADC="
   },
   {
      "msg" : "[STH5LK9R9OMGXOV4E06YZD71F746F53=] Denied: flag is your own",
      "flag" : "STH5LK9R9OMGXOV4E06YZD71F746F53=",
      "status" : false
   },
   {
      "status" : false,
      "flag" : "0I7DUCYPX8UB2HP6D6UGN86BA26F2FE=",
      "msg" : "[0I7DUCYPX8UB2HP6D6UGN86BA26F2FE=] Denied: you already submitted this flag"
   },
   {
      "msg" : "[PTK3DAGZ6XU4LPETXJTN7CE30EC0B54=] Accepted. 1.73205080756888 flag points",
      "flag" : "PTK3DAGZ6XU4LPETXJTN7CE30EC0B54=",
      "status" : true
   }
]
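The same submission flow as a small Python client, added here as an example and not part of the organizers' tooling. It validates candidate strings against the flag format before sending and sorts the reply into accepted and denied flags; the function names and the lookbehind in the regexp are assumptions of this example.

```python
import json
import re
import urllib.request

# Flag format from the rules; the lookbehind (an addition) rejects the tail
# of a longer alphanumeric run that merely ends in a flag-shaped suffix.
FLAG_RE = re.compile(r"(?<![A-Z0-9])[A-Z0-9]{31}=")
SUBMIT_URL = "http://10.10.10.10/flags"  # endpoint given in the rules

def extract_flags(text):
    """Return unique flag-shaped strings from text, in order of appearance."""
    return list(dict.fromkeys(FLAG_RE.findall(text)))

def build_request(flags, token):
    """PUT request as in the curl example: JSON list body, X-Team-Token header."""
    return urllib.request.Request(
        SUBMIT_URL, data=json.dumps(flags).encode(), method="PUT",
        headers={"X-Team-Token": token})

def summarize(results):
    """Split the reply into accepted flags and a flag -> denial reason map."""
    accepted, denied = [], {}
    for item in results:
        if item["status"]:
            accepted.append(item["flag"])
        else:
            # msg has the form "[FLAG] Denied: reason"; keep only the reason
            denied[item["flag"]] = item["msg"].split("Denied: ", 1)[-1]
    return accepted, denied

def submit(flags, token, timeout=5):
    """Send flags and summarize the reply (only works inside the game network)."""
    with urllib.request.urlopen(build_request(flags, token), timeout=timeout) as r:
        return summarize(json.load(r))

# Constructed sample: the reply shown in the curl example above.
SAMPLE_REPLY = [
    {"flag": "PNFP4DKBOV6BTYL9YFGBQ9006582ADC=", "status": False, "msg": "[PNFP4DKBOV6BTYL9YFGBQ9006582ADC=] Denied: no such flag"},
    {"flag": "STH5LK9R9OMGXOV4E06YZD71F746F53=", "status": False, "msg": "[STH5LK9R9OMGXOV4E06YZD71F746F53=] Denied: flag is your own"},
    {"flag": "0I7DUCYPX8UB2HP6D6UGN86BA26F2FE=", "status": False, "msg": "[0I7DUCYPX8UB2HP6D6UGN86BA26F2FE=] Denied: you already submitted this flag"},
    {"flag": "PTK3DAGZ6XU4LPETXJTN7CE30EC0B54=", "status": True, "msg": "[PTK3DAGZ6XU4LPETXJTN7CE30EC0B54=] Accepted. 1.73205080756888 flag points"},
]

if __name__ == "__main__":
    print(summarize(SAMPLE_REPLY))
```

Keeping the denial reasons lets a team notice when it is resubmitting its own or already-counted flags instead of spending requests on them.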
If the flag was put into the image in the last 15 minutes, you’ll earn FlagPoints (FP). The amount of FlagPoints depends on the victim team’s position on the scoreboard relative to you in the previous round. It is more FP-efficient to hack the teams that are higher than you.
If your flags were stolen, your FlagPoints will decrease, but they’re never gonna fall below 1.
Do whatever they want within their network segment. Most likely the team would patch vulnerabilities in their services or block exploitation of vulnerabilities;
Attack other teams. Didn’t expect that, huh?
Filter out other teams’ traffic
Generate a large amount of traffic that poses a threat to network stability of organizers’ facilities
Generate a large amount of traffic that poses a threat to network stability of any other team
Attack teams outside the game network
Attack the game infrastructure facilities operated by organizers
Also there’s a certain class of problems that the teams cannot reasonably fix on their own, so we kindly ask the participants to refrain from:
Obscuring the flags by flooding the services (be it their own or other teams’) with the large amounts of data
Application level DoS attacks on other teams
Other uncompetitive actions that could ruin the fun of the game
During the game, the scoreboard will be available at the main screen and at http://10.10.10.10.
Apart from FlagPoints, SLA and total score, the scoreboard shows the status of each service. The statuses are as follows:
OK — means that the service is online, serves requests, stores and returns flags and behaves as expected.
MUMBLE — means that the service is online but does not behave as expected, e.g. if the HTTP server listens on the port but doesn’t respond to requests, or some of its functionality has been broken.
CORRUPT — means that service is online, but past flags cannot be retrieved.
DOWN — means that service is offline.
Scoring system will be announced later.
RUCTF + HITB CTF
hackerdom team
Polina has a Master’s degree in Mechanics and Mathematics from Perm State University. Now she works as a senior software engineer at SKB Kontur specializing in distributed fault-tolerant services. To bring some security-related tasks into everyday work she has started creating an SSDLC (security software development lifecycle) at her department. She also teaches computer science courses to both students and newbies at work.
Polina was a service developer in RuCTFE and task developer for jeopardy-style RuCTF Olymp.
hackerdom team
Konstantin was a member of HackerDom team from the very beginning. He took part as a team player in a lot of CTFs including DEF CON CTF and Nuit du Hack CTF. He also participated as a service developer or techlead in nearly all of RuCTFs and RuCTFEs.
Konstantin together with Dmitriy Titarenko has created a popular B2B service for contractors inspection and works as a senior software developer at SKB Kontur.
He also taught computer science at the Ural State University.
hackerdom team
Dmitriy works as a senior software engineer and has more than ten years of .NET development experience, building scalable services with high availability. For the last five years he has been involved in secure development and research at SKB Kontur.
As a part of the HackerDom team, Dmitriy has taken part in RuCTF and RuCTFE as a service developer since 2014.
hackerdom team
One of the oldest members of the HackerDom team. He has a Master’s degree in Mechanics and Mathematics and works as a cluster administrator and teaching assistant at the Ural Federal University. He enjoys both playing CTFs and finding vulnerabilities in real services. Thus he belongs to the top 5% of hackers on HackerOne – a popular bug bounty platform. He has also found an important vulnerability in Siemens hardware.
Aleksander has taken part in tons of CTFs as a player and has been involved in developing every RuCTF and RuCTFE since 2009. He often combines the roles of service developer and network administrator.
hackerdom team
During his university years, besides playing and developing CTFs, Mikhail took part in competitive programming competitions. He now has experience working on security-related projects in production, the most notable examples being the audit logging subsystem in the Kubernetes cluster management system and authentication/authorization systems.
He was a service developer in RuCTF every year between 2013 and 2018 and in RuCTFE between 2014-2017.
hackerdom team
Andrey works as a senior software engineer at Yandex company. He is a very enthusiastic member of HackerDom team and spends a lot of time teaching and training new hackers. He has created an online course on information security that has about 5000 views on youtube.com. He also gives onsite classes to students and organizes a special CTF for newbies who want to practice their hacking skills.
He has developed a lot of CTFs, including RuCTF, RuCTFE, PHDays CTF and QCTF.
hackerdom team
Arthur has a lot of academic interests. During his postgraduate studies in Saint-Petersburg State University he created a fast disassembler for ARM codes, a neural network on chip, a virtual machine for operating with attribute trees and an operating system for testing algorithm.
He took part in a number of CTFs as a member of HackerDom team both as a player and as a service developer.
hackerdom team
Andrey has been co-founder and Chief Technology Officer of the RYDLAB IT company since 2012. He has a Master’s degree in Mathematics in Computer Science from Ural State University, where he also taught programming for five years. He developed services and the checksystem for RuCTF and RuCTFE for ten years and was one of the tech leads of the developers team.
hackerdom team
Dmitrii works as a software developer at Yandex company and at Regional Education and Science Center “Intellectual systems and Information security” of Institute of Mathematics and Computer Sciences, so he has massive experience in both programming and information security.
He also teaches operating systems at the Ural State University.
He has a lot of experience not only in developing services for our CTFs, but also in network administration, assembling and administration of vulnerable images.
hackerdom team
Artem works as a senior research developer at Kaspersky Lab, in an Industrial Systems Emergency Response team. He has reported a lot of vulnerabilities to well-known instruments including but not limited to: TeamCity, Octopus Deploy, Mosquitto. He also contributes to some open-source projects, for example: chronograf, kapacitor, ansible.
Artem has extensive enterprise experience – he worked as a team lead in two high-performance projects: a search engine system and an EDS issuing center.
hackerdom team
Roman works as a software engineer at SKB Kontur. His work is connected with system reliability and failure incident investigation. He has been developing services for RuCTF and RuCTFE since 2016, and as early as 2017 he became team lead of the developers team.
hitb.nl / CONTEST coordinator
Ingmar is a software developer turned security consultant, turned back to software developer to ensure best practices get introduced at an early stage in the development cycle.
Besides doing paid-for work, he is also an enthusiastic creator and contributor to several open source projects. Before entering the security industry professionally, he participated as a team player in various CTFs.
He is also a member of the HITB.nl Capture the Flag main organizing team authoring challenges and building the infrastructure to run the challenges on. He is the lead coordinator for the PRO CTF contest at HITB CyberWeek.
GENERAL ARCADE
Project Manager
He has 10 years of experience as a network engineer. Andrei worked as a senior software engineer and team lead on projects for the biggest network equipment manufacturers and telecommunication companies.
For the last two years, Andrei has worked as a project manager for General Arcade.
Art Direction, Concept Art, UI Design
Co-founder, art director and game designer of General Arcade. Has a Master’s degree in Architecture at SSTU and ten years of experience as an illustrator, graphic designer and comic book artist. Worked on projects for Unity Technologies, 3D Realms, Devolver Digital, From Software and many others.
Gameplay Programmer
He has a bachelor’s degree in Applied Math and Informatics from Saratov State University and took part in ACM ICPC competitions. With this algorithmic and math background, Stanislav became an experienced data scientist. He worked for three years as a software engineer at “Otkritie” bank (one of the biggest banks in Russia) and for the next two years at General Arcade.
System Engineer
A newcomer at General Arcade, Georgy previously worked at a company specializing in flaw detection. As a software engineer with about 9 years of experience, he participated in the development of products that are now used by gas and oil companies in different countries. His main areas of expertise are data analysis and signal processing.
Backend Engineer
He has a bachelor’s degree in Robotics from Saratov State Technical University.
Alexander worked as an embedded software engineer on projects for avionics and EV manufacturers. For the last year, he has worked at General Arcade.
HackerDom
HackerDom appeared in 2005 at the Faculty of Mathematics and Mechanics of Ural State University. Our main interests are studying information security, participating in Capture the Flag competitions and organizing our own competitions. Besides RuCTF, we run the international online Attack/Defence challenge RuCTFE and QCTF, a task-based CTF for newbies.
HITB
General Arcade