Student CTF Rules
Student CTF is a Capture the Flag competition for students of St. Petersburg, organized by SPbCTF meetups crew and supported by St. Petersburg Committee for Science and Higher Education. Partners of this year's Student CTF are ITMO University, Rostelecom Solar and Digital Security.
Capture The Flag
CTFs are competitive hacking events: like ACM ICPC, but in computer security. Teams get a number of tasks or challenges about cryptography, binary reverse engineering, web vulnerabilities, network security, digital forensics, etc — all the topics that computer security engineers work with.
Each challenge has a goal, e.g. find a vulnerability and extract the administrator's password from website database. Upon solving the challenge, team gets a flag — some secret string like
To be successful in a CTF, you basically need to know computer systems good and deep.
More info about CTFs on CTFtime website.
Classically, the CTF will consist of two rounds.
Qualifying Round — Jeopardy CTF
Sunday, November 15th, 9:00–18:00 UTC, online
The quals will have two separate tracks:
The qualifying round will be a Jeopardy CTF. Teams will get 18 challenges in different areas of computer security, ranging from easy ones to interesting pieces.
The challenges are scored dynamically: the more Official teams have solved the challenge, the less it will be worth in the end.
Final Round — Attack-Defense CTF
Sunday, November 29th, 9:00–18:00 UTC, online
Top 10 teams in each Quals track are eligible to compete in Finals. Official teams and Free-to-play teams are playing on the same vulnbox images but in separate game networks.
The final round will be an Attack-Defense CTF. Teams will get identical servers with specially crafted vulnerable services. The contestants will look for vulnerabilities and exploit them to steal flags from opponents' boxes, at the same time defending against their attacks.
Official track finalists will be able to use a ready-to-use Attack-Defense setup:
A week prior to the finals Official teams will get access to a bootcamp infrastructure to get grasp of the game and tools.
Official track participants are awarded with:
It's frowned upon