THE RULES /

First of all, the aim of this challenge is not to find out the best team. We sincerely believe that true professionals are incomparable. The main goal of RuCTFE is to share experience and knowledge in computer security, and to have some fun together. Nevertheless, the luckiest team will become a winner.

It is difficult to give a complete set of rules for a CTF challenge, so these rules can change at any moment before the challenge starts. Be sure to check with this page once again. Just in case :)

DEFINITIONS /

TEAM /

A group of people with a captain.

SERVICE /

A vulnerable application written for the challenge.

FLAG /

A string that matches regex: /^\w{31}=$/.

GAME ROUND /

A period of time for checksystem to check and score all the teams. It usually takes about 2 minutes.

ORGANIZERS /

A group of people that run the whole competition. Organizers do their best to provide quality and fun to all participants. Still organizers are to penalize/disqualify teams for rules violation and to solve the critical situations not described in these rules. Teams should be prepared to meet such decisions with understanding. Also organizers do determine the winner. In general, this decision is based on the scoreboard.

TEAMS ARE ALLOWED TO /

  • Do whatever they want within their network segment. Most likely the team would like to patch vulnerabilities in their services or block exploitation of vulnerabilities;
  • Attack other teams. Didn't expect that, huh?

TEAMS ARE PROHIBITED TO /

  • Filter out other teams' traffic;
  • Generate large amount of traffic that poses a threat to network stability of organizers' facilities;
  • Generate large amount of traffic that poses a threat to network stability of any other team;
  • Attack teams outside of the VPN;
  • Attack the game infrastructure facilities operated by organizers.

GAME STRUCTURE /

The competition begins when the organizers announce vulnerable image decryption key. Since then the whole game time is divided into two periods:

  1. For the first hour network segments are closed, and teams should concentrate on initial vulnbox administration and vulnerabilities analysis.
  2. For the next 8 hours network segments are opened.

SCORING SYSTEM /

Key params in scoring system are SLA and FlagPoints. Their values are individual for each service of each team. Team's score is calculated as the sum of the products of the corresponding SLA and FlagPoints of all team's services.

SLA(team, service) is the percentage of the game time, during which that service of that team was in the UP state. E.g. if the service was always UP, SLA would be 1. If 4 hours passed from the game start and the service was up only during the first hour and then was not UP for the rest 3 hours, SLA would be 0.25. At the beginning all teams have SLA equal to 1.

FlagPoints(team, service) is a non-negative number, which correlates with the team's 'understanding' of that service. If the team can exploit service's vulns to get flags and has fixed those vulns in its own service, its FlagPoints will increase during the game. On the other hand if the team can't exploit service vulns and doesn't bother itself with fixing them, its FlagPoints will rapidly approach zero while its service is being exploited by other teams. If the team can only fix vulns but not exploit them, its FlagPoints will not change. At the beginning all teams have equal FlagPoints. During all game the sum of FlagPoints of all teams for each service is constant.

Flag's price is the number of FlagPoints got by attackers for stealing the flag from the victim. It is equal to the number of all playing teams.
Flag's lifetime is the amount of time during which the flag should be available in the service for checksystem. Teams should steal the flag and post it to checksystem until it is expired.

Flag scores only if the attacking team has this service in the UP state at the moment of posting this stolen flag to the checksystem.

FlagPoints(team, service) of the victim decreases by the flag's price for each flag stolen (and successfully posted to the checksystem) from this service of this team until it reaches zero.

FlagPoints(team, service) of the attacker increases by the flag's price for each flag stolen (and successfully posted to checksystem) from this service of another team if that team has non-zero FlagPoints for this service. If the same flag is posted by several teams, each of them receives an equal portion of the flag's price.

FlagPoints score at the moment of each flag's expiration.

Luckily all this complex text can be expressed in pseudocode:

def on_game_start(team):
    team.sla = [1] * number_of_services
    team.flagpoints = [BAZILLION] * number_of_services

def on_flag_post(attacker, flag):
    if attacker.service_states[flag.service] == 'UP':
        flag.attackers.append(attacker)

def on_flag_end_of_life(flag):
    team = flag.owner
    service = flag.service
    if team.flagpoints[service] == 0:
        return
    flag_score = min(number_of_teams, team.flagpoints[service])
    team.flagpoints[service] -= flag_score
    flag_score /= len(flag.attackers)
    for attacker in flag.attackers:
        attacker.flagpoints[service] += flag_score

def get_score(team):
    return sum(map(lambda x: x[0] * x[1], zip(team.sla, team.flagpoints)))
    

SCOREBOARD /

During the game, scoreboard will be available at http://monitor.e.ructf.org/

Teams are ranged by total score.

Apart from FlagPoints, SLA and total score, scoreboard shows statuses of each service. Statuses are as following:

  • OK — means that service is online, serves the requests, stores and returns flags and behaves as expected.
  • MUMBLE — means that service is online, but behaves not as expected, e.g. if HTTP server listens the port, but doesn't respond on request.
  • CORRUPT — means that service is online, but past flags cannot be retrieved.
  • DOWN — means that service is offline.

Before the game and during the game, network checks are available at http://vpn.e.ructf.org/