Fri, 10 April 2015, 15:00 UTC — Sat, 11 April 2015, 00:00 UTC 


UCSB iCTF event.

Format: Attack-Defense Attack-Defense

Official URL:

Rating weight: 42.00 

Event organizers 

no logo


88 teams total

PlaceTeamCTF pointsRating points
1 !SpamAndHex 92.74484.000
2 Bushwhackers 89.44461.506
3 WE_0WN_Y0U 87.07353.432
4 FAUST 78.54346.069
5 FluxFingers 63.58537.195
6 More Smoked Leet Chicken 62.46835.289
7 CInsects 50.28428.771
8 H4x0rPsch0rr 38.61022.735
9 Hanoiati 31.77519.056
10 saarsec 28.58717.146
11 squareroots 24.95815.120
12 Hacknam Style 24.36014.532
13 SiBears 23.74213.983
14 CISSP Groupies 23.70313.734
15 C00KIESVENICE 22.18212.845
16 dcua 20.04911.704
17 vubar 17.79210.528
18 Noobs4Win 13.2598.338
19 WizardsOfDos 11.4387.390
20 disekt 11.2717.204
21 dsns 11.1417.045
22 iamaturtle 11.0386.908
23 1338-offbyone 10.8416.735
24 EPICLYONS 10.6606.577
25 IngloriousMonkeys 10.6186.488
26 AFiniteNumberOfMonkeys 10.3876.319
27 M.I.S.T 9.0895.672
28 blue-lotus 8.9995.575
29 WeAreScientists 8.9585.505
30 Delusions of Grandeur 8.9295.444
31 KHCZUULABS 7.8284.900
32 keva 7.2204.582
33 SYPER 6.0704.022
34 Batman's Kitchen 5.8003.862
35 Honeypot 5.1223.520
36 Ulm Security Sparrows 4.7713.327
37 pwndevils 4.7363.280
38 PeterPEN 4.7213.243
39 BUILDS 4.7013.206
40 heks 4.1902.948
41 Colonelx20 4.1262.893
42 PeakChaos 4.0542.836
43 in23canation 4.0512.811
44 AFTIUPMC 3.3112.454
45 WOLFPACK 3.3022.428
46 ufologists 2.8702.213
47 HTWG 2.7882.156
48 GeeksSpeak 2.6922.094
49 Hackademics 2.6142.041
50 NorseRg3 2.5762.007
51 SIGINT 2.1551.799
52 LearningByDoing 2.0401.731
53 anesec 1.8241.619
54 d4rkc0de 1.7351.564
55 xSTF 1.7191.542
56 STT 1.6181.483
57 M57 1.0681.221
58 7HxzZ 1.0521.200
59 Tasteless 0.7191.038
60 WhiteHat 0.5790.962
61 GMUCTF 0.5320.929
62 ituGM 0.4100.863
63 rentjong 0.3480.824
64 XORcists 0.2200.756
65 Linfield 0.2120.742
66 LovableSecurityCrackers 0.1950.725
67 Layer8 0.0820.664
68 faketeam 0.0000.000
69 Churchof0x41414141 0.0000.000
70 RavenSec 0.0000.000
71 CSWAT 0.0000.000
72 Plaid Parliament of Pwning 0.0000.000
73 WCSC 0.0000.000
74 bucsec 0.0000.000
75 LUCKERS 0.0000.000
76 MLP 0.0000.000
77 RPISEC 0.0000.000
78 7U53c 0.0000.000
79 REDACTED 0.0000.000
80 Gallopsled 0.0000.000
81 ChrisSheep 0.0000.000
82 SDSLabs 0.0000.000
83 n00ber 0.0000.000
84 desteam 0.0000.000
85 49thSecurityDivision 0.0000.000
86 wildHatz 0.0000.000
87 OlinCyberDefenders 0.0000.000
88 ENOFLAG 0.0000.000
hjh4638 – April 9, 2015, 7:49 a.m.

How can I enter thecontest?

s1m0n – April 10, 2015, 3:30 p.m.

s0ngsari – April 10, 2015, 11:54 p.m.

how can i play the contest?

sqall – April 11, 2015, 7:19 a.m.

This was definitely the worst iCTF. Though I see the work the organizers have when hosting an attack/defense CTF and I appreciate it, this was just not a fair and fun competition.

First they just reused old services from older CTFs. This means the first 2-3 hours your team just spent googleing for write-ups and adjusting their exploits. Then the CTF had over 40 services. This is just too much for a 9 hour competition. Your team has certainly no chance to look at all services (unless you have a really large team). The reusing part was just the worst of all. This makes this CTF hardly a competition because older teams that played the CTF regularly have a huge advantage because they know the challenges, while new teams first have to read the write-ups and understand everything.

Though, they also had new services. I solved a new one and it was fun. And that is the reason I do not understand why they put up over 40 services ...

I would like to end this comment with a quote: ;)

KT. – April 11, 2015, 11:38 a.m.

@Andre: although we won this year, (and I am speaking in my name only, not in my team) you are absolutely right in many aspects. Usually we are playing in a very small team on CTFs, iCTF is our big 'only once a year' gathering, when we invite everyone who is interested in security to see what we do at CTFs. So now there were 30 of us, instead of the usual 2-3-4 ( I would be very, very mad for example if only two of us had to process (although the new faces were less effective than us, but their help clearly meant a lot).

On the other side I think we learned a lot and it was our best iCTF so far and not because we won, but because we had enough experience to deal with it. We can manage bigger team better than before, we can choose better strategy over the time. We were the first who successfully uploaded an exploit, because we spend 10 minutes smashing F5 and uploading the collected exploits from the internet (we almost forgot the echo exploit LOL). We did this because it gave us a lot of points of timeliness category. Later we switched to patching, then exploiting.

About exploiting and what I don't really like about attack / defense CTF (in spite of jeopardy): you can steal other team's exploits. It's clearly the best strategy. Much more effort to be the first who successfully exploit a service, than the second one. So we prepared a system which automatically splitted every service traffic and we just grepped for FLG, and copied the exploit payload. In some of the cases, we did not even know which language was the challenge written on. Of course we also exploited services which AFAIK nobody else did (talkun/talkserver and maybe yeesbutno), but it was negligible compared to a jeopardy CTF.

Every iCTF is totally different than the previous ones, but I think it's important that we have this special CTF which brings a large diversity into the CTF scene. In my opinion maybe iCTF changed over the time, but it is still much more better than some other shitty stego / misc jeopardy CTFs nowadays...

str – April 14, 2015, 10:19 p.m.

Although we didn't take part in UCSB iCTF (we somehow didn't notice the registration deadline) - I think that this CTF is an awesome reason, to finally start the discussion, how the rating weight is awarded to CTFs listed on

Let's check the definition - "weight is an subjective per-event value, depends on tasks and organization level, participated teams" (from

A subjective opinion has got one disadvantage - people like to ask "why". In the light of the events (it has been said that old challenges had been reused) I got a few questions.

"depends on tasks" - do you really think solving problems to which solutions had been already written-up deserves a lot of points? So what is your measurement of the challenges' quality? Copy-pasting solution is neither entertaining nor difficult.

"depends on organization level" - giving a CTF with reused challenges more points than others (who every single year put an effort to create new, challenging problems to solve) doesn't sound quite respectful for other Orgs, who had been spending a lot of time on preparing their own competitions. There are tons of CTFs here with smaller ranking-weight but which had unique challenges.

"depends on participated teams" - no teams from TOP6 took part in this CTF. Moreover, only 10 teams from TOP50 played it. Again - what is your measurement of the teams' quality, which increase the rating-weight of this CTF?

root – April 15, 2015, 7:18 a.m.

str str, I haven't answered to your private letter b/c think I should answer in public to clear the air:
1. You haven't participated in this event - what are we talking about?
2. CTF is a time, also a players time, so if people plaid this event (and mostly there were student teams) and got some experience from it - why can't this event have some weight?
You'd understand specific number 42 if you played this CTF, but you haven't.

3. Please, change the tone of the conversation - I don't owe you (or anybody other) anything and don't like the idea to be lectured by strangers for my decisions.
Feel free to join the discussion and propose more clear rating mechanics here:

str – April 16, 2015, 7:15 p.m.

OK, I'll be answering line by line (hope, you will fix the formatting issues, as new-lines probably won't be displayed).

Ad. "I haven't answered to your private letter b/c think I should answer in public to clear the air":
Nope - we were discussing about rating-weight via email. Then the idea to move that topic in public appeared. You asked about publishing the conversation, I proposed that I would write the shorter version of it - as people tend to read smaller blocks of text (and more people will read - more opinions appear). Funny fact - your comment, which you called "the answer to clear the air" doesn't contain a single answer to my questions :)

Ad. 1:
Yup, I didn't participate in this event. Neither you did. But I've read comments about this CTF here, on IRC and some other places. That's why I do have an opinion about it. So do you. The only difference here, is that our opinions are different. I've already listed you my reasons, why I think that the rating-weight in this case is too high. However, you are avoiding to present your reasoning.

Ad. 2:
Yeah, "CTF is a time", I would even say: every CTF is a time. So if it's the only factor of calculating the rating-weight, then every CTF should have the same weight.
To make it clear - I've never said, that rating-weight should be zero'd in this case. It just should be decreased to 10-20 points max.

Ad. "You'd understand specific number 42 if you played this CTF, but you haven't.":
No, I wouldn't understand your enigmatic number 42. Because, sometimes I even don't understand your rating-weight in the CTFs, which we played. That's the reason of my comment. I was wondering, how rating-weight works and I wanted to encourage people to start a public discussion about it. Yeah, I'm using past-tenses on purpose, I did care - now I don't (the reason in the next paragraph).

Ad. 3:
If you feel somehow offended - sorry, I didn't mean to insult you. Honestly, more offending is your clear disregard for my politely asked questions. Yup, you don't owe anyone, anything. The same - I don't owe you any explaination that attidiute like that will put the deadlock on every possibile conversation, on every possibile topic. I'd rather spend my energy on googling writeups for CTFs, which I missed, rather than trying to change the level of this discussion. EOT - unless you answer my above questions [hint: these ones that end with char "?"].


KT. – April 17, 2015, 10:41 a.m.

Just some thoughts:

- "giving a CTF with reused challenges more points than others" -> we counted at least 10 new challenges. There are no more challenges on other attack / defense CTFs. So the reused challenges were more like a plus than replacing the "real" challenges. The problem is that it worth more to solve old challenges than new challenges, so I think a lot of team haven't got to the new challenges and this was not fair.

- "do you really think solving problems to which solutions had been already written-up deserves a lot of points" -> solving a lot of them can be a challenge. Also writing an exploit from a writeup can be just as hard as finding an easier vulnerability and writing an exploit for that. So it was more like a lot of easier challenges. Also they are fixed some old vulnerabilities, so you had to find new vulns in the same challenge.

- "doesn't sound quite respectful for other Orgs, who had been spending a lot of time on preparing their own competitions" -> I think the iCTF organizer team worked at least if not more with this than other CTF organizers. I think you are comparing apples and oranges.

One question though: if they would not reuse the old challenges, only used the new ones would you give more or less points for the CTF? (Pro: it would be more fair to new team and team with less people; con: maybe it would be more easy with less tasks?)