INS'HACK 2019


TL;DR

Classic Jeopardy style CTF, from 02 May to 05 May 2019.


What? When? Where? Who? How?

Welcome stranger! Don't worry, we have an answer for each of your questions.

What?

A classic Jeopardy style CTF (aka Capture The Flag).

When?

On site & Online
There will be a different scoreboard for on site and online players. Moreover there will be free drinks/food on site! So come along ;)

Where?

On site : @INSA Lyon, département informatique (computer science building).
Online : On this website.

Who?

This CTF is brought you by InSecurity, a student society from INSA Lyon (France).

If you have any question feel free to contact us.

How?

With a computer and an internet connection. And a brain!


Rules

  1. It will be a Jeopardy-style CTF.
  2. Players may never:
      - flood or spam the Telegram chatroom.
      - destroy flags or prevent other players from accessing them.
      - attack other players.
      - share or trade solutions, hints, or flags to any challenges during the CTF with players from other teams.
    Note that any infraction to the previous rules may result to disqualification.
  3. There will be on-site-only challenges. These challenges will not award CTF points.
  4. Any degradation of service may result in disqualification, please do not use automated tools as dirbuster or sqlmap which would increase the network traffic. Note that we might have some mitigation against those tools.
  5. Players are awarded points by capturing flags. These flags must be entered into the respective locations. If a flag is correct, points will be awarded automatically by the system. If you have captured a flag and the system is not accepting your answer, please notify us via Telegram. Note that because of web caching, you might not see your points right away, please be patient.
  6. Bugbounty points will be given to any team finding a security bug in the infrastructure as long as the team did not disrupt the challenge and immediately reported it to an admin with full details. The number of points (if any) given to the team will be entirely decided by the admins (based on the bug impact and the team's actions regarding this bug).
  7. Players should remain respectful to all other CTF players in the chatroom. A warning will be given if an admin deems a player’s behavior in the chatroom to be inappropriate. If the player’s inappropriate behavior persists after the warning, the player will be banned and disqualified from the competition.
  8. CTF admins and challenges writers will not play in the CTF. They are only allowed to provide support.
  9. Flag format is INSA{...}
  10. The number of points given for a solved challenge is dynamic. If the challenge is flagged a lot of times its number of points will decrease (in a linear fashion).
  11. Challenges and writeups will be released at the end of the CTF as a Github repository. Yet we encourage you to publish your own writeups. It's always interesting to see several ways to reach a flag.

Contact

We will be on Telegram during the whole CTF, please join in: Here!
Otherwise you can reach us here: contact@insecurity-insa.fr