CAPTURE THE FLAG (CTF)

Capture the Flag (CTF) is a cyber-security challenge and mind sport in which the competitors must exploit or defend a vulnerability in a system or application, or gain or prevent access to a computer system.

CTF contests are usually designed to serve as an educational exercise to give participants experience in securing a machine, as well as conducting and reacting to the sort of attacks found in the real world (i.e., bug bounty programs in professional settings).

Reverse-engineering, network sniffing, protocol analysis, system administration, programming, and cryptanalysis are all skills which are generally required.

In an attack/defense style competition, each team is given a machine (or a small network) to defend on an isolated network.


PLOT

   As he lay dying from his stab wound, the Manager grabbed a piece of paper and scribbled down the only clue he could think of, at that time, a series of numbers………

   Mr. Peterson, the Manager of Finance department, has been murdered with absolutely no traces or clues. From the crime scene, detectives were able to recover a corrupted pen drive along with a piece of paper containing a series of random numbers and a timer stating 8 hours. Further investigation led to the revelation of a huge financial scam wherein huge sums of money was being embezzled.

   The IP address was traced back to the server present on the campus of xyz University. Now, in a frantic race against time, the investigators must crack the server in order to retrieve the account information. Because once the timer runs out, all information will be lost!

This is a call for help to all the Hackers’ out there!! Join us on the journey of unravelling the mysterious death of Mr. Peterson and be a part of the CTF challenge!



RULES:

  •  Do NOT try to use Brute Force on the flag submission system because the flags are not possible to guess;
  •  Do NOT share recent discoveries related to challenges publicly on IRC channels, nor in any other way with contestants of other teams;
  •  All players, regardless of bracket or intention to qualify for Finals, must compete under only 1 team name; playing for multiple teams, including sub teams or alias teams, is not permitted and will result in team disqualification.
  • Automatic vulnerability scanners such as SQLmap are prohibited.
  • Flags should be submitted as they are found rather than hoarding flags and submitting them all at once. Teams that submit flags in quick succession may be asked to provide write-ups.
  • Should not carry out any attacks on the CTF infrastructure.
  • No DoS, DdoS, bruteforcing, automated scans or generating any large amount of traffic by any other means on any challenges and other contest infrastructure. It is not permitted and is never intended in any question.
  • No collaboration between different teams and flag sharing is not allowed.
  • Participants are NOT allowed to publish solutions during the course of game (blog, GitHub, YouTube, etc)
  • Any participants found violating the above rules will be disqualified from the contest
  • Strictly usage OpenSource tools are allowed

    By participating in the contest, you agree that you have read the above rules and fully agree to adhere to them.