HITB PRO CTF

World’s top 25 CTF teams battling for US$100,000
Days
Hours
Minutes
Seconds
GET READY TO HACK

TLDR;

Who?
25 winning teams (3 - 5 members per team) from various Capture the Flag contests from around the world.
What?
a new style of attack and defense CTF contest over 3 days with an IoT ‘real world hacking’ bonus contest.
When?
15th, 16th & 17th October
Where?
HITB+CyberWeek @ Emirates Palace, Abu Dhabi

Prizes

1st Place - US$50,000

2nd Place - US$30,000

3rd Place - US$20,000

In The Year 3030, time is more valuable than currency. Time is life.

We thought the curator would save us...

Part machine, and all AI – at first we thought the Curator would save us. An all knowing, interconnected super intelligence driven by quantum computing breakthroughs from the 2050s, we created these sentient AIs to help make our lives simpler, to make our lives better. We thought such a creation would free us from the shackles of work – the freedom to live our lives without a care in the world. The freedom to choose how we would spend our time.

Things were good for several years – several generations even. We expanded our creativity, spent time imaging what the future could look like and The Curator took care of running more and more of our existence.

At first it was just the small things – telecommunications, transport – then we added healthcare and government. When we banished our High Council of AI Ethics and let The Curator ultimately decide every decision we would ever make, we sealed our fates.

Now time is running out to save ourselves.

The Curator has now sent out a challenge that’s going to take the best of the best. The original cyber cowboys. The mission is simple but the stakes are high and this is a fight like no other. It’s time to hack cyber cowboys,  because time is all we have!

Join The Worlds' Best CTF Teams

Rules that govern our system

Teams are allowed to:

  • Do whatever they want within their network segment. You are expected to patch vulnerabilities in your services or block exploitation of vulnerabilities through some other mechanism.
  • Attack other teams.
  • Find 0days in the bonus category devices.

Teams are prohibited from:

  • Generating large amounts of traffic that poses a threat to network stability or the visualization system, or stability of any other teams server.
  • Attack teams outside of the VPN.
  • Attack the game infrastructure facilities operated by organizers.
  • Send attack traffic out onto the Internet / beyond the game network.

Game flow

  • The game starts when organizers provide the identical servers with a set of vulnerable services to the playing teams. Within the first hour of the game, the network will be closed and teams will be given an hour to focus on their server administration and vulnerability search. After this initial hour, the main game network will be opened. Teams will have 8 hours per day in order to find and exploit vulnerabilities and obtain opposing team flags.

Join and win one of the contests on the right, and we'll fly you to HITB+CyberWeek!

Time is not on your side

Time Attack – Bonus Challenges

  • A range of consumer grade IoT devices will be made available for teams to attack over the 3 day period.
  • Between 10 and 12 devices will be made available and the complete list of attack targets will be released on the 1st of September.
  • Teams are given 180 minutes at the start of each game day in order to ‘spend’ focusing on the target device of their choice.
  • Target slots for devices are on a first come, first served basis.
  • A team is welcome to attack the same device repeatedly until they successfully exploit it.
  • A team must successfully gain remote code execution on at least 1 device to be in the running to win.

    Pre-qualified teams

    All invited teams will receive 3 x flight tickets (up to USD1500 per team member) and hotel accommodation for 4 nights / 5 days! 

      1. Eat Sleep Pwn Repeat (HITB2018 Overall Champions & Winners of HITB2019AMS CTF) 
      2. RedRocket (CyberSec Challenge Germany & HITB2019AMS CTF 2nd Place)
      3. Hack.ERS (HITB2019AMS CTF 3rd Place)
      4. dotRA (Winners of PHDays 2019)
      5. DEFKOR00T (Winners of DEFCON 2018 & HITCON CTF 2018 2nd Place)
      6. PPP (Winners of TokyoWesterns CTF 2018 & Code Blue CTF 2018 2nd Place)
      7. True0x3A (WInners of PHDays 2019 CTF)
      8. TokyoWesterns (Winners of BCTF 2019)
      9. CyKor (Winners of CODEBLUE CTF 2018)
      10. Tower of Hanoi (Winners of RUCTF 2019)
      11. saarsec (Winners of RUCTFE 2018)
      12. 217 (Winners of CODE BLUE CTF 2017 & PlaidCTF 2019)
      13. tasteless (Winners of DragonCTF 2018)
      14. A*0*E (Winners of PlaidCTF 2018)
      15. Bushwhackers (Winners of iCTF 2019 & RuCTF 2018)
      16. Dragon Sector (Winners of 0CTF 2018 & HITCON 2018)
      17. r3kapig (Winners of 0CTF 2019 & BCTF 2018 & XCTF Finals 2018)
      18. LC↯BC (Winners of Insomni’hack 2019)
      19. TBA (Winners of HITBGSEC 2019 CTF)
      20. TBA (Winners of DEFCON 2019)
      21. TBA (Winners of Arab Regional CTF)
      22. RESERVED
      23. RESERVED
      24. RESERVED
      25. RESERVED

      Contest Organizers

      RUCTF + HITB CTF

      Polina Zonova

      hackerdom team

      Polina has Master’s degree in Mechanics and Mathematics of Perm State University. Now she works as a senior software engineer at SKB Kontur specializing in distributed fault-tolerant services. To bring some security-related tasks into everyday work she has started creating a SSDLC (security software development lifecycle) at her department. She also teaches computer science courses to both students and newbies at work.

      Polina was a service developer in RuCTFE and task developer for jeopardy-style RuCTF Olymp.

      Github Linkedin

      Konstantin Plotnikov

      hackerdom team

      Konstantin was a member of HackerDom team from the very beginning. He took part as a team player in a lot of CTFs including DEF CON CTF and Nuit du Hack CTF. He also participated as a service developer or techlead in nearly all of RuCTFs and RuCTFEs.

      Konstantin together with Dmitriy Titarenko has created a popular B2B service for contractors inspection and works as a senior software developer at SKB Kontur.

      He also had taught computer science at the Ural State University.

      Github

      Dmitriy Titarenko

      hackerdom team

      Dmitriy works as senior software engineer and has more than ten years of .NET development experience, building scalable services with high availability. Last five years he has been involved in secure development and researching at SKB Kontur.

      As a part of HackerDom team Dmitriy took part in RuCTF and RuCTFE as a service developer since 2014.

      Github

      Aleksander Bersenev

      hackerdom team

      One of the oldest members of HackerDom team. He has Master’s degree in Mechanics and Mathematics and works as a cluster administrator and  teaching assistant in the Ural Federal University. He enjoys both playing CTFs and also finding vulnerabilities in real services. Thus he belongs to top 5% hackers on HackerOne – a popular bug bounty platform. Ha also has found an important vulnerability in Siemens Hardware.

      Aleksander took part in tons of CTFs as a player and was involved in developing of all the RuCTF and RuCTFE since 2009. He often combines roles of service developer and network administrator.

      Github Linkedin

      Mikhail Vyatskov

      hackerdom team

      During the university years, besides being involved in playing and developing CTFs, Mikhail was participating in competitive programming competitions. Nowadays Mikhail has experience working on security-related projects in production, most notable examples being audit logging subsystem in Kubernetes cluster management system and authentication/authorization systems.

      He was a service developer in RuCTF every year between 2013 and 2018 and in RuCTFE between 2014-2017.

      Github Linkedin

      Andrey Gein

      hackerdom team

      Andrey works as a senior software engineer at Yandex company. He is a very enthusiastic member of HackerDom team and spends a lot of time teaching and training new hackers. He has created an online course on information security that has about 5000 views on youtube.com. He also gives onsite classes to students and organizes a special CTF for newbies who want to practice their hacking skills.

      He has developed a lot of CTFs, including RuCTF, RuCTFE, PHDays CTF and QCTF.

      Github Linkedin

      Arthur Khanov

      hackerdom team

      Arthur has a lot of academic interests. During his postgraduate studies in Saint-Petersburg State University he created a fast disassembler for ARM codes, a neural network on chip, a virtual machine for operating with attribute trees and an operating system for testing algorithm.

      He took part in a number of CTFs as a member of HackerDom team both as a player and as a service developer.

      Linkedin

      Andrey Khozov

      hackerdom team

      Andrey is co-founder and Chief Technology Officer at RYDLAB IT company since 2012. He has Master’s degree in Mathematics in Computer Science at Ural State University. He also had been teaching programming at the same university for five years. He had been developing services and checksystem for RuCTF and RuCTFE for ten years, moreover, he was one of techleads of the developers team.

      Github Linkedin

      Dmitrii Simonov

      hackerdom team

      Dmitrii works as a software developer at Yandex company and at Regional Education and Science Center “Intellectual systems and Information security” of Institute of Mathematics and Computer Sciences, so he has massive experience in both programming and information security.

      He also teaches operation systems at the Ural State University.

      He has a lot of experience not only in developing services for our CTFs, but also in network administration, assembling and administration of vulnerable images.

      Github Linkedin

      Artem Zinenko

      hackerdom team

      Artem works as a senior research developer at Kaspersky Lab, in an Industrial Systems Emergency Response team. He has reported a lot of vulnerabilities to well-known instruments including but not limited to: TeamCity, Octopus Deploy, Mosquitto. He also contributes to some open-source projects, for example: chronograf, kapacitor, ansible.

      Artem has a huge enterprise experience – he worked as a team lead in two high-performance projects: a search engine system and EDS issuing center.

      Github Linkedin

      Roman Bykov

      hackerdom team

      Roman works as a Software engineer at SKB Kontur. His work is connected with system reliability and failure incident investigation. He had been developing services for RuCTF and RuCTFE since 2016 and as early as in 2017 he managed to become a team lead of developers team.

      Github Linkedin

      Ingmar Steen

      hitb.nl / CONTEST coordinator

      Ingmar is a software developer turned security consultant, turned back to software developer to ensure best practices get introduced at an early stage in the development cycle.

      Besides doing paid-for work, he is also an enthusiastic creator and contributor to several open source projects. Before entering the security industry professionally, he participated as a team player in various CTFs.

      He is also a member of the HITB.nl Capture the Flag main organizing team authoring challenges and building the infrastructure to run the challenges on. He is the lead coordinator for the PRO CTF contest at HITB CyberWeek.

      Twitter Github Linkedin

      CTF VIZUALIZATION TEAM

      GENERAL ARCADE

      Andrei Topilin

      Project Manager

      He has 10 year experience as network engineer. Andrei worked as a senior software engineer and team lead on projects for the biggest network equipment manufacturers and telecommunication companies.
      For the last two year, Andrei works as project manager for General Arcade.

      Anton Savinov

      Art Direction, Concept Art, UI Design

      Co-founder, art director and game designer of General Arcade. Has a Master’s degree in Architecture at SSTU and ten years of experience as an illustrator, graphic designer and comic book artist. Worked on projects for Unity Technologies, 3D Realms, Devolver Digital, From Software and many others.

      Stanislav Vlasko

      Gameplay Programmer

      He has bachelor’s degree in Applied Math and Informatics of Saratov State University. He took part in ACM ICPC competitions. With this algorithmic and math background Stanislav became experienced data scientist. Three years, he worked as software engineer at “Otkritie” bank (one of the biggest banks of Russia) and next two year at General Arcade.

      Georgy Reshetnikov

      System Engineer

      A newcomer in General Arcade, Georgy worked in a company, specialized in flaw detection.  As a software engineer with experience for about 9 years, he participated in the development of products, which are now used in gas and oil companies in the different countries.  His main area of expertise is a data analysis and signal processing.

      Alexander Novikov

      Backend Engineer

      He has a bachelor’s degree in Robotics of Saratov State Technical University.
      Alexander worked as an embedded software engineer on projects for avionics and EV manufacturers. For the last year, he works at General Arcade.

      Lead Organizer

      HackerDom

      HackerDom appeared in 2005 at the Faculty of Mathematics and Mechanics of Ural State University. Our main interests is studying of information security, participating in Capture the Flag competitions and organizing our own competitions. Besides RuCTF, we’re making international online Attack/Defence challenge RuCTFE and task-based CTF for newbies QCTF.

      Co-Organizer

      HITB

      Visualization System & Support

      General Arcade

      General Arcade is a porting house and co-development studio with offices in Russia and Singapore. General Arcade was involved in development of following titles and IPs: Metal Wolf Chaos XD, Duke Nukem 3D, Dragons Dogma, Shadow Warrior, Tooth and Tail, Tacoma, Hotline Miami 2, Gone Home, Luftrausers, Project Zomboid, etc.
      Facebook Twitter Linkedin Youtube

      https://cyberweek.ae