CTF WMD: WAR OF THE WORLD
Congratulations to the winners of #HITB2013KUL Capture the Flag War of the World!!!
3rd Place (Two teams tied with the same points)
Team Postronic Quadrant
A BIT OF HISTORY
In our previous CTF (Fallout Apocalypse), each team had a set of daemons (called the Reactor Cores, or RC) running on their machines. Every solved RC granted the solving team with a Weaponized SCADA Exploit (WSE) that can be used to damage rival team
’s RC. Teams could also bid for exploits of certain RC on the Black Market using the currency LeetCash (LC). Each team started with an equal amount of LC and they generated LC by keeping their RCs up and running.
Sponsored again by Trustwave Spiderlabs, CTF WMD: War of the World (referred to as WMD:WotW) will see teams given a ‘country’ which they’re required to protect their daemons represented by Government Centers (GC), Finance Centers (FC), and Business Centers (BC). They are also required to launch attacks against rival teams’ countries. Teams will also be given side challenges (from categories such as forensic, reversing, network analysis (pcap), steganography and cryptography) that can be accessed by solving daemons. Nukes that are capable of completely destroying a rival team’s daemon can be unlocked by solving bonus challenges.
Each team will start the game with an equal amount of HP. The HP can be regenerated back to 100% by keeping their GC daemons up and running. Teams will also have FC and BC daemons that generate cash. Cash generated can be used to buy shields and to repair any damaged daemons. Cash can also be earned by solving daemons and challenges. Firepower is required in dealing damage to a rival team’s HP.
By solving a daemon, a team will be granted cash and access to challenges. Teams will have to use firepower obtained from solving challenges to attack rival teams. Each challenge has its own level relative to the level of the daemon (E.g.: daemon 1 unlocks challenge 1 and so on). Damage dealt by firepower will be determined by the levels of challenges solved, such that:
Challenge for daemon 1 = firepower level 1
Challenge for daemon 2 = firepower level 2 and so on
Also, each team will be given a bonus challenge that can only be solved once. Solving a bonus challenge grants nuke that can be used to cause “total loss” to a particular daemon. A daemon that is in the state of “total loss” must be rebuilt instead of the regular repair. Once a GC daemon has been attacked, it will stop generating HP and must be fixed for it to function again. If a team’s HP reaches zero (0), the team will be automatically eliminated from the game (how can one country fight if its government has fallen?). For defensive measures, teams can use shields to reduce the impact of firepower, except for nuke, which always causes “total loss” to a particular daemon.
At the end of the competition, the team with highest HP will be the winner of the war. In case of two different teams having the same HP amount, whoever sustained the HP value the longest till the end of the game will be the winner. Hence, teams must keep their GC daemons up and running at all times. The CTF network will be isolated from the rest of the conference network, and we will NOT provide Internet on the CTF network. However, you are free to use the HITB conference wireless network.
If you are confused or unsure about the format of this CTF, don’t fret! We’ve prepared a handbook that will clarify how the game works, how scoring is done and what is needed to win. You can obtain a copy from the link below:
WHAT TO BRING
- A network switch
- Network cables
- Extra power sockets.
The game will run for 16 hours NON STOP over the 2 days of the conference. Each team is limited to a maximum of 3 people and at the end there can only be the top 3 winners.
We try hard to keep the competition as free and exciting as possible; however we do require teams to adhere to simple rules such as:
Show up on time or you’ll miss the briefing
No off-the-shelf automated scanning tools such as Nessus, OpenVAS etc. It’s useless and we’ll kick you out for being lame
No flooding and / or DoS attacks.
No ARP spoofing.
No physical attacks against other players.
All participants must obey to PIT STOP calls. PIT STOP calls are rest intervals where all the players must leave the CTF area to facilitate for the CTF Crew to perform maintenance work.
Teams who don’t adhere to the rules will be penalized or disqualified from the competition.
PRIZES & RECOGNITION OF YOUR MAD SKILLZ
CTF prizes sponsored by Milton Security Group
1st Place – USD2000
2nd Place – USD1000
3rd Place – USD500
HOW DO I REGISTER?
To register for War of the World, please send an email to firstname.lastname@example.org with the following details. Do note that registration closes on the 25th of September 2013.
- Team Name + Country of origin
- Team Leaders Name / Handle + Email Address
- Team Members Names / Handle + Email Addresses
- Dystopian Knights (SINGAPORE)
- Methodology (SINGAPORE)
- Postronic Quadrant (MALAYSIA)
- Rentjong (INDONESIA)
- Belalang Tempur (INDONESIA)
- ITQ (NETHERLANDS)
- WTF (VIETNAM)
- Kazusa (JAPAN)
- Ryou Inc. (SOUTH KOREA)
- dynobot (VIETNAM)
At all times, the decision of the CtF Organizing Team is final on any matter in question.