DCG 201 Online CTF — Decompetition v2.0 — February 11th-12th

Welcome to the Decompetition v2.0!

For over three years we have been planing running our own Wargames and CTF to help people develop their hacking skills. While progress is still being made (we plan to launch our own in Fall 2022), DCG 201 will also occasionally enter into various online CTF Tournaments to test our skills and to get a sample on how one is set up so we have a blueprint in creating our own.

On Friday, February 11th, 8:00 PM EST to Saturday, February 12th, 8:00 PM EST, we invite all DCG 201 Members, Attendees and Fans to use train a different part of their hacker brain by joining our Team to try the experimental Decompetition v2.0 CTF!

Website: https://decompetition.io/

CTF Time: https://ctftime.org/event/1550

Meet-Up: https://www.meetup.com/DEFCON201/events/283787825/

Anyone can enter by joining our group and entering our DISCORD Chat! Once in chat, select the #CTF channel and follow the instructions. This is how you will obtain the DC201 Team Username and Password Log-In. You are then ready to hack away!

DEFCON 201 Discord Link: https://discord.gg/PGgPNEF

CLIENT INTERFACES

Clear Net: https://discordapp.com/channels/@me

Windows: https://discordapp.com/api/download?platform=win

macOS: https://discordapp.com/api/download?platform=osx

Linux: https://snapcraft.io/discord

iOS: https://itunes.apple.com/us/app/discord-chat-for-games/id985746746

Android: https://play.google.com/store/apps/details?id=com.discord (We recommend using Auroa Store)

Join The DEFCON 201 CTF Time Group: https://ctftime.org/team/40304

Calling all reverse engineers! Test your reversing skills against the systems languages of the twenty-first century: C, C++, Go, Rust, and Swift. Given only a binary, can you recreate the original source code?

Your candidate source code will be compiled, and the resulting binary will be tested and disassembled. The majority of your score will come from the intersection over union of your disassembly versus the target disassembly. How close can you get to a perfect reconstruction?

The Details

Playing

Anyone with an internet connection and a web browser can play. Access to a reverse engineering program is recommended but not required.

This is a team competition. There’s no team size limit.

Scoring

Your candidate source code will be compiled, and the resulting binary will be tested and disassembled. Your score on any challenge is made up of:

  • 20% unit tests. Pass (hidden) test cases to get these points.
  • 60% binary diff. Match the target disassembly to get these points.
  • 20% perfect match. Bonus points for a perfect binary match.

The test case points and the binary diff points can be partial — you’ll get more and more points as you improve your source code — but the final 20% bonus for a perfect match is all-or-nothing.

Prizes

The top three teams will win themselves some Amazon gift cards. In the case of a tie, the team that achieved the high score first wins. All prizes are in USD:

  • $500 for first place.
  • $300 for second place.
  • $200 for third place.

Disclaimer

Decompetition is part of a research project on the process of reverse engineering. Our research is mainly exploratory:

  • We’re interested in following the full reversing process, to see how reversers work as they go from nothing to fully equivalent source code.
  • We’re interested to see how a fast compile-disassemble-diff feedback loop affects the ease and confidence of reversing.

We’ll record your source code submissions so we can follow the reversing process. So don’t upload any private information in your source. Not that you were going to do that, right?

RULES:

To ensure that all players have a safe and fun experience during this event, certain rules must be followed. Please follow the rules listed below. If you have any questions, please contact the staff in Discord or email us at info@cyberhacktics.com

  • Players MUST NOT attempt to hack or manipulate off-limits devices and resources. The following are considered off-limits and may not be attacked or exploited:
  • The scoring server (ctf.deadface.io)
  • Other players
  • Players MUST NOT:
  • manipulate or modify flags.
  • perform any denial of service (DoS) on any portion of the environment.
  • attack other players.
  • compete on more than one team.
  • share flags with another team.
  • share an account with another player.
  • Players MUST be respectful, courteous, professional, and display proper sportsmanship.

An attack is considered any activity which renders resources unavailable or disrupts other players’ ability to advance in the competition.

These rules exist to ensure a fair and enjoyable competition for all of our players. Players will receive a warning on their first infraction. Recurring infractions will result in the team’s disqualification. Mods can ban players from Discord at their discretion. If you have questions or concerns, you can contact us at info@cyberhacktics.com

Awards Eligibility

If you are a US-based team competing for one of the cash prizes, you MUST indicate your country as US on your profile. If you do not identify as a US-based team on your profile, we WILL NOT be able to guarantee that you’ll be awarded a cash prize for 1st, 2nd, or 3rd place.

flag{themz_the_ru1es}

Happy Hacking!

::END OF LINE::

--

--

--

North East New Jersey DEFCON Group Chapter. Dirty Jersey Represent! We meet at Sub Culture once a month to hack on technology projects! www.defcon201.org

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

PySpark — An Effective ETL Tool?

PySpark — An Effective ETL Tool?

RASCI 101: How To Move From Chaos To Order

Connect the EC2 instance to a domain

How to prepare for technical software engineer interviews

#include <iostream> using namespace std;

How The Internet Works

Docker Concepts -:

Why HashMix ICP Staking?

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
DCG 201

DCG 201

North East New Jersey DEFCON Group Chapter. Dirty Jersey Represent! We meet at Sub Culture once a month to hack on technology projects! www.defcon201.org

We Need To Know Session Hijacking

Mr. Robot (MEDIUM)— THM

How we discovered zero-day vulnerabilities in Riverbed Software Agent