RuCTF [english]

RuCTF_En @ telegram, 113 members, 288 posts since 2017

RuCTF is annual open intercollegiate competition and conference on information security.

Feel free to ask any questions @ktwzk or on email info@ructf.org

Версия на русском: @RuCTF

RuCTF_En (вик ктвцк), November 23, 19:13

Forwarded from RuCTFE:

RuCTFE 2019 is over! Thank you for a good game!

Forwarded from RuCTFE:

Please, rate us at CTFTime and leave feedback

RuCTF_En (Вик Ктвцк), November 10, 11:55

Forwarded from RuCTFE:

Time to remind you of a couple of important things!

This year we again have RuCTFE Cloud, here is a short FAQ about it: ructfe.org/cloud-faq/

It is really good way for novice teams to start rocking at attack/defence. Pros can also use it, because it’s handy!

And tomorrow will begin @ZeroNights 2019!

ZeroNights is an annual international conference devoted to the practical aspects of cybersecurity. The aim of the conference is to spread information about new attack methods and defenses, as well as to create space for communication.

BAY, our Cloud creator and admin, can’t go to ZN this year, but he said, that the program is cool, most of all he likes "Principles in software testing and some bugs that others did not notice", "A Monkey in the Sandbox: Exploiting Firefox Through IonMonkey JIT and Kernel Sandbox Escapes", "Opwnsource: VNC vulnerability research".

So if you’re on the Saint Petersburg, come and buy tickets right now (or tomorrow at A2 club)! Also you can buy tickets to St. Petersbutg first, but hurry up 🙂

RuCTF_En (Вик Ктвцк), November 05, 13:02

Sorry, not last year, but in 2017! But last year we had an apocalypse and another strange things with time, so this year had disappeared 😄

RuCTF_En (Вик Ктвцк), November 05, 11:58

Forwarded from RuCTFE:

Last year we had invited you to rule your own boat. So now it's time to go deeper! How about a submarine? The 23rd of November, 10:00UTC, Ocean of the Internet, VPN Sea

youtu.be/NNzA5twf3n4

Don't forget to register your warship! Registration is open now at RuCTFE.org/registration

RuCTFE 2019: registration is open!
In 2017 we had invited you to rule your own boat. So now it's time to go deeper! How about a submarine? The 23rd of November, 10UTC, Ocean of the Internet, V...

RuCTF_En (Юлия Славнова), July 03, 15:28

Hi:) Finally, we are ready to send you certificates, not even an eternity.

They are already on your mail.

If it not, fill out the form.

forms.gle/R632PA3HdjeSiJ7A6

If you want a physical version, then too, please fill out the form.

RuCTF_En (Vik Kotwizkiy), April 29, 09:36

github.com/HackerDom/ructf-2019

HackerDom/ructf-2019

RuCTF 2019. Developed with ♥ by Hackerdom team. Contribute to HackerDom/ructf-2019 development by creating an account on GitHub.


RuCTF_En (Юлия Славнова), April 29, 07:21

All the participants in the hall (almost my). Last point - rewarding.

RuCTF_En (Vik Kotwizkiy), April 28, 17:42

Quiz: myquiz.ru/p/028369

Part the only one


RuCTF_En (Юлия Славнова), April 28, 16:34

If you come to the “Dom Pechati”, and have forgotten, have not found how to get to the loft, follow this direction! (done so amateur, from heart, understand me and forgive)

RuCTF_En (Vik Kotwizkiy), April 28, 14:50

10 minutes till the end!

RuCTF_En (Vik Kotwizkiy), April 28, 14:22

WeatherD seems to become up. But we’re not sure

RuCTF_En (Vik Kotwizkiy), April 28, 14:14

What happens here?!

RuCTF_En (Vik Kotwizkiy), April 28, 14:08

RuCTF_En (Vik Kotwizkiy), April 28, 14:00

WeatherD will be down till the end. Your farms are too intensive 🙁

RuCTF_En (Vik Kotwizkiy), April 28, 13:02

geoapi was hacked by VoidHack

Congratulations!

RuCTF_En (Vik Kotwizkiy), April 28, 12:33

Sandbox hint

struct AddUnitStackFrame
{
sockaddr_in addr;
CommandHeader h;
CommandAddUnit cmd;
CommandAddUnitResponse response;
int sock;
size_t size;
};

fd = 3

RuCTF_En (Vik Kotwizkiy), April 28, 11:27

Oops, another first blood was 15 minutes ago. Saarsec hacked WeatherD

RuCTF_En (Vik Kotwizkiy), April 28, 10:11

First Blood on BrainHugger by Tower of Hanoi!

RuCTF_En (Vik Kotwizkiy), April 28, 10:01

Forwarded from RuCTF:

Index fix!

Forwarded from Alexey Dubrovin:

stability patch

replace index.dll and index.pdb in /home/index and restart service

Download index_fix.zip 0.02 MB

Link to fix for RuCTF Live page: yadi.sk/d/nOt_XY-DEl-Trg

replace index.dll and index.pdb in /home/index and restart service

index_fix.zip

View and download from Yandex.Disk


Hint
WeatherD:
weatherD (Rust):
POST: /create_source
body example:
{
'name': source_name,
'password': password,
'is_public': bool,
'landscape' : string,
'race' : string,
"population" : string
}

RESPONSE: token to subscribe on source with name source_name (see NotificationsAPI /subscribe)
(token is generated by NotificationsApi)



POST: /push_message
body example:
{
'name': source_name,
'password': password,
'message': message
}



NotificationsAPI:
GET /subscribe?source={sourceName}&token={token}

token from create_source method.

RESPONSE:
Protocol: SSE (Server-side-events)
messages from source with source_name

RuCTF_En (Vik Kotwizkiy), April 28, 09:34

We know about Index problems. Fixing.

RuCTF_En (Vik Kotwizkiy), April 28, 08:56

We’re not sure is this hint or fix, but

WeatherD:
NotificationsAPI has method:
GET /subscribe?source={sourceName}&token={token}

RuCTF_En (Юлия Славнова), April 28, 08:26

RedBull with us today! Come on, energy is not superfluous.

RuCTF_En (Vik Kotwizkiy), April 28, 08:01

Lunch time!

RuCTF_En (Юлия Славнова), April 28, 07:38

Comics are available! Follow the link: yadi.sk/i/BuEEkq6uJFBotw

Enjoy!

RuCTF_En (Vik Kotwizkiy), April 28, 06:11

Totally first first blood is by VoidHack on index!

VoidHack! Congratulations!

And SiBears got second firstblood

RuCTF_En (Vik Kotwizkiy), April 28, 06:02

Oldschool scoreboard: monitor.ructf.org/board

Two firstbloods:

1. Index service: by VoidHack or Lights Out (we will check it right now)

2. Beacon: by SiBears

(it was so fast, I’m shocked)

RuCTF_En (Vik Kotwizkiy), April 28, 05:57

Network will be opened in 3 minutes!

Let’s go!

monitor.ructf.org/

RuCTF_En (Vik Kotwizkiy), April 28, 05:49

Flag's lifetime is limited by 15 rounds

RuCTF_En (Vik Kotwizkiy), April 28, 05:42

During the game, scoreboard will be available at monitor.ructf.org/

You can submit your flags after 11:00:

1. to 10.10.10.10 TCP port 31337,

2. to 10.10.10.10/flags, here is an example: ructfe.org/http-flags/

RuCTFE 2019 > HTTP flags submitting system example

RuCTFE is an annual online international challenge in information security. It has been held 10 times already.


RuCTF_En (Vik Kotwizkiy), April 28, 05:32

If you want to get token for http flag submission system, please contact @ktwzk

older first