|Location||Event Room 3|
How to Play
Assist JPanic on his crusade to cleanse the Internet or help Buo stop JPanic before it is too late! Welcome to Ruxcon Capture the Flag: Operation Sizzlechest, a hacking game where you can test your skills, compete against other players, and win some great prizes.
The CTF game is made up of a series of levels based on the scallywag behaviour of JPanic, and the heroics of our white-knight Buo. All the levels can be played at your own leisure and level difficulty ranges from easy to moderate.
You can register as team or hit the trail as a lone wolf. The CTF registration site will be available on the CTF Network at Ruxcon. See the handbook for more details on how to connect to the CTF network.
CTF will launch at 1:00PM on Saturday in the bar room and finish up at 3:00PM on Sunday. We will be taking the CTF competition with us to the Ruxcon Saturday night party so you can continue playing throughout the night and enjoy a bunch of free drinks while you're at it.
Players will tackle a series of levels of varying difficulty which can be played in any order. Each level contains a token which you will receive on completion (or you might be lucky to stumble across some during your journey). You’ll need to submit the token to the CTF Scoreboard in order collect points and increase your over-all ranking. Not all tokens are created equally, token value is based on the difficulty of the level.
Submit a token via http://opsizzlechest/submit
The player or team with the most points at the end of the competition will be declared the winner.
Ruxcon CTF has been designed to accommodate all levels of skill and experience, but most importantly the CTF has been designed as a fun challenge which anyone can play. So even if you’re not the competitive type and you’re just a bit curious, please register and have a bit of a poke around. We will provide solutions for all levels once the competition is over.
Some of the challenges you can expect to come across include:
- Client-Side Ownage
- SQL Injection
- Dotslash Technique
- Reverse Engineering and Binary Analysis
- Basic Exploit Development
- Basic Forensics
- Unix Insecurities
- Network Attacks
- Logic Bugs
- Ascii Jump!
During the competition we will have a live scoreboard located in the bar area, or you can view via it at http://scoreboard. The scoreboard displays some real-time action of our players attempting to complete challenges courtesy of some sneaky terminal sniffing we have set up on the competition servers.
We’ve also set up a Ruxcon CTF Twitter bot @RuxconCTF so you can follow the competition at home or on the move.
There are no software requirements but if you have never played a CTF before then installing Backtrack and Metasploit will be enough to get you started.
We have archived a local copy of Metasploit and Backtrack available on the CTF Network.
There’s no rules here. Rules, *no*. Robbo?
Robbo: No rules.
There are no rules! But some of the following dick-moves are discouraged:
- DoS'ing other competitors or servers
- Trashing servers and dropping tables
- Coaching - team collaboration is encouraged but external mentors need not be consulted
The following awesome guys help put together CTF: