Others solutions soon available
THIS CONTEST IS AN OPPORTUNITY FOR YOU TO SHOW YOUR SKILLS. THE CLOSED ENVIRONMENT PROVIDED FOR THIS CONTEST IS DEDICATED FOR THIS EVENT. A RESTRICTED AND MONITORED INTERNET ACCESS WILL BE PROVIDED FOR YOU TO PERFORM SEARCHES, TOOLS UPDATES AND TO DO WHATEVER YOU’LL NEED TO PLAY THE GAME. HOWEVER, NO ATTACKS TOWARDS TARGETS OUTSIDE OF THE TARGET NETWORK WILL BE TOLERATED. THE RULES MUST BE FOLLOWED AT ALL TIME AND ANYONE VIOLATING THESE RULES WILL BE KICKED OUT OF THE CONTEST.
WE STRONGLY DISCOURAGE ANY ILLEGAL ACTIVITIES AT ALL TIME AND RECOMMEND THAT YOU SHOULD ALWAYS GET PERMISSION BEFORE SCANNING, PROBING OR ATTACKING ANY DEVICE OR NETWORK.
THE HACKING CONTEST
- It’s a good idea to team up as you will have the possibility to play on three different tracks at the same time which are:
- Capture the Flag
- Web Applications
- When you find a flag, you must record it on the score board.
Please go to the subscription page and follow the instructions.
B07 | \ | 37
In this track, the participants will have to perform the analysis of a botnet specially designed for the Hackfest. Participants will have to analyze things like behaviour, network traffic, binary, etc.. in order to understand the botnet and identify the weaknesses and vulnerabilities in it’s command-and-control (C & C) infrastructure. The event is divided into ten levels that require different approaches.
\ / \ / 3B 4PPL1 (4710 | \ | $
A corporate Web site is available with some advanced features. The website represents the reality as much as possible. The teams will have to exploit the vulnerabilities to the find the hidden flags.
(4P7Ur3 7 | - | 3 PhL49 (CtF)
This track is a traditional Capture the Flag (CtF). The participants have to find the different target systems in the CtF target network, break into those systems and find the flags (CtFflag1.txt, CtFflag2.txt, CtFflag3.txt, etc...). And who knows, there “might” be some bonusflag(s) hidden on some systems…
All flags are located in the top of the directory structure (C:\ for Windows and in “/” for *NIX like OS)
THE ATTACKING NETWORK (Participants)
- The IP adresses range of the attacking network will be provided to just before the contest.
- We will assign you a subnet. Do not pick one up yourself.
- ANYONE VIOLATING THESE RULES WILL BE KICKED OUT OF THE CONTEST IMMEDIATELY AND WITHOUT APPEAL.
THE TARGET NETWORK (Servers and applications to be attacked)
- The target network for the Capture the Flag track
- The target network for the Web Applications track
- The target network for the Botnet track
YOU ARE NOT ALLOWED TO ATTACK UNTIL YOU GET THE PERMISSION TO DO SO. BE ADVISED THAT THE NETWORK WILL BE MONITORED AT ALL TIME.
- Until you’re being given the permission to do so, you are not allowed to scan, probe or attack any machine.
- The only traffic that will be allowed before the beginning of the contest will be clean ICMP echo requests to an IP address that will be provided to you just before the beginning of the contest to make sure you have proper connectivity with the target network.
- You are only allowed to attack machines on the target networks.
- NO Denial of Service attacks are allowed on any systems. By doing so, you wouldn’t really be demonstrating any skills, and would alter the contest environment.
- NO ARP-cache-poisoning attacks are allowed on any systems.
- You are not allowed to delete, modify or plant any bogus flags.
- Installing Rootkits on target machines is STRICTLY PROHIBITED.
- ATTACKING ANY OTHER EQUIPMENT THAN THE TARGET MACHINES SUCH AS THE NETWORKING, THE MONITORING, THE SCOREBOARD OR THE SECURITY INFRASTRUCTURE IS STRICTLY PROHIBITED.
- ANYONE VIOLATING ANY OF THESE RULES WILL BE KICKED OUT OF THE CONTEST IMMEDIATELY AND WITHOUT APPEAL.
Each standard flag gives one point. Some flags that represent a significant degree of difficulty will have a greater value. The flags that will be obtained by assembling multiple parts, will give one point by part that compose it.
Each flag has a multiplication factor.
The first factor of multiplication is based on the speed of the flags discovery. The first team to find a flag will have there point multiplied by 5, the second by 3 and no multiplication will be granted to the others.
The second factor is based on the speed of execution. All the flags found in the first 30 minutes will multiplied by 10, the flags found in the second 30 minutes will be multiplied by 5, the flags found in the third 30 minutes will be multiplied by 3. No point multiplication for speed execution will be granted after that period.
HAVE FUN AND SHOW THE WORLD WHAT YOU’RE MADE OF !!!
During the night from 6pm to midnight there will be a lockpicking contest and demo.
- No subscribtion required
- No Tool required
- Just look and try ;)