Capture The Flag

26-27 October 2013, CQ Function Centre, Melbourne, Australia

Date Saturday 26 October
Time 1:00 PM
Location Bar Room

How to Play

Welcome to Ruxcon Capture the Flag a hacking game where you can test your skills, compete against other players, and win great prizes.

The game is made up of a series of levels which can be played at your own leisure, with level difficulty ranging from easy to moderate.

CTF will launch at 1:00PM on Saturday in the bar and finish up at 3:00PM on Sunday.

You can register as team or hit the trail as a lone wolf. The CTF registration site is available on the CTF Network at Ruxcon. Please check the Ruxcon handbook for more details on how to register.

What’s In Store For CTF Players?

Ruxcon CTF is designed to accommodate all levels of skill and experience, but more importantly, the CTF is a fun challenge which anyone can play and it doesn’t require a whole lot of commitment. So if you’re not the competitive type, and you’re just a little bit curious, please register and have a bit of a poke around. We will provide solutions for all levels once the competition is over.

Some of the challenges you can expect to come across include:

  • Client-Side Ownage
  • SQL Injection
  • Dotslash Technique
  • Reverse Engineering and Binary Analysis
  • Basic Exploit Development
  • Basic Forensics
  • Unix Insecurities
  • Network Attacks
  • Logic Bugs
  • Ascii Jump!

Challenges, Levels, and Tokens

You will tackle a series of challenges of varying difficulty and the challenges can be played in any order. Each challenge contains a token which you will receive on completion (or you might be lucky to stumble across some). You will need to submit the token to the CTF Scoreboard in order collect points and increase your over-all ranking. Each challenge is worth the same amount of points, however, the point value is divided by the number of players that have already solved the challenge.

A level consists of a series of related and ordered challenges. You will receive bonus points for solving a level in the correct order. However, it is also possible to skip challenges within a level, you will just miss out on the level complete bonus points.

The player or team with the most points at the end of the competition will be declared the winner.

Watch

During the competition we will have a live scoreboard located in the bar area, or you can view via it at http://scoreboard.ctf. The scoreboard displays some real-time action of our players attempting to complete challenges courtesy of some sneaky terminal sniffing we have set up on the competition servers.

We’ve also set up a Ruxcon CTF Twitter bot @RuxconCTF so you can follow the competition at home or on the move.

Software

There are no software requirements but if you have never played a CTF before then installing Backtrack and Metasploit will be enough to get you started.

We have archived a local copy of Metasploit and Backtrack available on the CTF Network.

Supported by:

exploit-exercises.com