Новости The SiBCTF 2011 finals. The game rules

, 10 September 2011

The game process

The rules of SiBCTF'11 Finals are similar to classical CTF rules (DEF CON CTF, Da0p3n, RuCTF(E)). However, there is a number of things that are different.

Each of participating teams has its own subnet, and one vulnbox with running services. There is a jury system that regularly stores and retrieves flags in these services, and there are vulnerabilities in services that can be used to steal flags from other teams' vulnboxes.

However, the firewall between team subnets _drops all incoming connection attempts to the services_ most of the time. To access (and attack) service S on team B vulnbox, team A can make an “attack request” to the jury system. The team B then has 1 minute to accept this request or to reject it. Not responding to the request equals to rejecting it. If the team B rejects a request to the same service N times in a row (N is a number of participating teams), it will be forced to accept the next attack request to this service. Furthermore, if the team A has advisory points, it can spend them to make a request that cannot be rejected.

When attack request is accepted by the team B, the central firewall allows incoming connections from the A subnet to the corresponding port on vulnbox B for 10 minutes. Now the team A can perform an attack against service S. At the same time check scripts are run against S. They check state of the service S on the B team's vulnbox and stores fresh flags. The aim of the team A is to steal at least one fresh flag (fresh means that it was stored during this round) from the service S and post it to the jury checksystem. When 10 minutes are over, the central firewall blocks all incoming connections to S again.

How the scores are calculated

There are only two kinds of points: regular points and advisory points. Team with the largest amount of regular points wins. Advisory points are received for posting advisories © K.O. They can be used to make “non-rejectable attack requests”, but they do not affect the team ranking.

Assume the team B has accepted an attack request from the team A. If the team A steals at least one fresh flag during this round, it gets N points (N is still the number of participating teams). If A doesn't manage to steal a fresh flag and the attack request was not a “non-rejectable”, the team B gets (N K) points (K is the number of rejects after the previous defense round). If the round was initiated by “non-rejectable request”, the team B doesn't get points. In both cases, however, the team B loses K + 1 points if the service is down or works incorrectly.

Teams are provided with web interface for making attack requests and responses.