Fri, 01 April 2016, 21:59 UTC — Sat, 02 April 2016, 21:59 UTC 

On-line

Nuit du Hack CTF Quals event.

Format: Jeopardy Jeopardy

Official URL: https://www.nuitduhack.com/

This event's weight is subject of public voting!

Future weight: 35.69 

Rating weight: 35.69 

Event organizers 


Not a joke! This year, the qualification round for "Nuit du Hack" private CTF will start on April 1 1159PM (CEST, UTC+0200) and will end on April 2 1159PM (CEST UTC+0200). Top 10 teams will be qualified for the final round held during the Nuit Du Hack in Paris July 2nd and 3rd.

About the qualification round, it will be jeopardy-style (crack and paste the flag) challenges, with a standard scoring system. Detailed rules and registration will be published 1 week before the challenge. Be ready to join us!

Prizes

Top 10 teams will qualify for the final round and get a set of 5 free tickets for the "Nuit du Hack" 2016 event (July 2nd and 3rd 2016).

Sysdream will offer the top 3 teams an additional set of 5 free tickets provided access to the "Hack In Paris" event, held in Paris from June 27 to July 1st (more information on the event's website).

Scoreboard

447 teams total

PlaceTeamCTF pointsRating points
1 Shellphish 3150.00071.380
2 Dragon Sector 2950.00051.269
3 Rdot.org 2950.00045.321
4 Tasteless 2900.00041.780
5 0ops 2800.00038.862
6 scryptos 2700.00036.540
7 StratumAuhuur 2700.00035.690
8 dcua 2650.00034.486
9 Samurai 2500.00032.291
10 Hexpresso 2500.00031.894
11 khack40 2500.00031.570
12 Fourchette Bombe 2500.00031.300
13 LC↯BC 2350.00029.371
14 Hacknam Style 2350.00029.175
15 int3pids 2350.00029.005
16 c00kies@venice 2350.00028.856
17 ASIS 2350.00028.725
18 Digital Beegiz 2300.00028.042
19 TokyoWesterns 2200.00026.805
20 ChocolateMakers 2200.00026.711
21 Bushwhackers 2100.00025.493
22 Antichat 2100.00025.416
23 ISITDTU 2050.00024.779
24 ShellThugs 2050.00024.714
25 MistouflOWN 2050.00024.654
26 Snatch The Root 2050.00024.600
27 sec0d 1900.00022.849
28 0daysober 1850.00022.235
29 p4 1800.00021.625
30 Bornova Merkez 1800.00021.584
31 Pwnium 1650.00019.846
32 0xbadf00d 1650.00019.810
33 CyKOR 1650.00019.776
34 DeliciousHorse 1650.00019.744
35 Zenk-Security 1650.00019.714
36 Spiderz 1600.00019.120
37 Plaid Parliament of Pwning 1550.00018.526
38 bitbitbit 1550.00018.501
39 Tower of Hanoi 1400.00016.777
40 217 1400.00016.754
41 HackXore 1400.00016.733
42 Lilac 1350.00016.145
43 squareroots 1350.00016.126
44 du1iqvw 1350.00016.107
45 .elite 1300.00015.522
46 KzUs 1300.00015.505
47 pony7 1300.00015.489
48 dodododo 1250.00014.906
49 Cyber Kitten Attack Squad 1250.00014.891
50 hxp 1250.00014.876
51 OldTeam 1250.00014.863
52 MonkeyFlagger 1250.00014.849
53 dipso 1250.00014.836
54 TKOX 1250.00014.824
55 w0pr 1200.00014.245
56 gentlemen 1150.00013.667
57 !SpamAndHex 1150.00013.656
58 BabyPhD 1150.00013.645
59 LSE 1150.00013.635
60 irGeeks 1150.00013.625
61 oneup 1150.00013.615
62 OpenToAll 1150.00013.605
63 Capture the Swag 1100.00013.030
64 CLGT 1050.00012.454
65 KITCTF 1050.00012.446
66 Raccoons 1050.00012.437
67 MV9rwGOf08 1050.00012.429
68 amn3s1a 1050.00012.422
69 LosFuzzys 1050.00012.414
70 [censored] 950.00011.274
71 9447 950.00011.266
72 REU 950.00011.259
73 DCI-ETS 950.00011.253
74 lumen 950.00011.246
75 /dev/randoge 950.00011.240
76 MSU-CTF 950.00011.233
77 takaki 950.00011.227
78 fullmetalfouad 950.00011.221
79 ****** 900.00010.649
80 noraneco 900.00010.643
81 QuokkaLight 900.00010.638
82 TeamTFH 900.00010.632
83 Insanity 850.00010.061
84 0xc0ffee 850.00010.056
85 WiNA is no acronym 850.00010.051
86 d0tslashpwn 850.00010.046
87 b01lers 850.00010.041
88 duks 800.0009.470
89 WeAreSecSy 800.0009.465
90 0x90r00t 800.0009.461
91 SIGINT 750.0008.890
92 Eaters 750.0008.886
93 Wiremask 750.0008.881
94 CSI 750.0008.877
95 Bono_iPad 750.0008.873
96 Shady Hats 750.0008.869
97 Le££e 750.0008.866
98 omakase 750.0008.862
99 RingZer0 Team 750.0008.858
100 SUSlo.PAS 700.0008.288
101 KrackUrM0M 700.0008.284
102 PKTeam 700.0008.281
103 brucel33t 700.0008.278
104 DjigIT 700.0008.274
105 zx 650.0007.705
106 Mammon Machine 650.0007.701
107 Vidar 650.0007.698
108 hackgyver 650.0007.695
109 Sw1ssFr13nds 650.0007.692
110 FAUST 650.0007.689
111 SiBears 650.0007.686
112 xil.se 650.0007.683
113 CTF-infinit 650.0007.680
114 Team IB 650.0007.678
115 Deepsea 650.0007.675
116 Retired - Fast Affine Projection 650.0007.672
117 SwissMadeSecurity 650.0007.670
118 cyberkastike 650.0007.667
119 Securimag 650.0007.665
120 RooterX 650.0007.662
121 curl | sudo bash 650.0007.660
122 Slug Security 650.0007.657
123 jeannedhack 600.0007.088
124 r00ts 600.0007.086
125 ALLES! 600.0007.084
126 osu.sec 550.0006.515
127 mage 550.0006.513
128 Honeypot 550.0006.510
129 d4rkc0de 550.0006.508
130 err0r-451 550.0006.506
131 6l0ry 550.0006.504
132 bi0s 550.0006.502
133 Owe 550.0006.500
134 NIS 550.0006.498
135 CorpOfHack 550.0006.496
136 ascii overflow 550.0006.494
137 Come To Fight 550.0006.492
138 JDIS 500.0005.924
139 fsim2015 500.0005.922
140 Invulnerable 500.0005.920
141 maf-ia 500.0005.918
142 Sandbox 500.0005.916
143 PunKeel 500.0005.915
144 smoke leet everyday 450.0005.346
145 HackingForSoju 450.0005.345
146 fd 450.0005.343
147 Delusions of Grandeur 450.0005.341
148 Asuwiel 450.0005.340
149 D3afMut3s 450.0005.338
150 HackKing 450.0005.337
151 Toxic Bandits 450.0005.335
152 mainro 450.0005.333
153 BrieflyX 450.0005.332
154 ia0 450.0005.330
155 PeakChaos 450.0005.329
156 xSTF 450.0005.327
157 ByteBandits 450.0005.326
158 covart 450.0005.324
159 Contagion 450.0005.323
160 m1z0r3 450.0005.322
161 nada8 450.0005.320
162 efiens 450.0005.319
163 Sunset 450.0005.318
164 blukat29 450.0005.316
165 p0wontnx 450.0005.315
166 pm-hibernate 450.0005.314
167 babou22 450.0005.312
168 OPT 450.0005.311
169 ECHO 450.0005.310
170 dqi 450.0005.309
171 BITSkrieg 450.0005.307
172 Magic Hat 450.0005.306
173 okudo3 450.0005.305
174 zzoru 450.0005.304
175 pie 450.0005.303
176 skyer 450.0005.301
177 BreakPoint 450.0005.300
178 InfoSecIITR 450.0005.299
179 marcs0h 450.0005.298
180 PandHack 450.0005.297
181 minhty123 450.0005.296
182 b1n4ry4rms 450.0005.295
183 sbs3 450.0005.294
184 M57 450.0005.293
185 Brutewoorse 450.0005.291
186 Dystopian Narwhals 450.0005.290
187 Koibasta 450.0005.289
188 c21h30o2 450.0005.288
189 RPISEC 450.0005.287
190 MojoMaster 450.0005.286
191 lintile 450.0005.285
192 b0tch_sec 450.0005.284
193 cafecomleite 450.0005.283
194 n0pstar 450.0005.283
195 InNameOfLulz 450.0005.282
196 TheGoonies 400.0004.714
197 SpartHackUs 400.0004.713
198 P_TE 400.0004.712
199 pavel 350.0004.145
200 Erio 350.0004.144
201 DATATECH 350.0004.143
202 vanhelsing 350.0004.142
203 0x8F 350.0004.141
204 CafardNahum 300.0003.574
205 ecto 300.0003.573
206 PeterPEN 300.0003.572
207 Teammi 250.0003.005
208 LesT4rt1nes 250.0003.004
209 cyrilbruder 250.0003.003
210 bakup 250.0003.002
211 nessie09 250.0003.002
212 giraffee 250.0003.001
213 2nit 200.0002.434
214 soma 200.0002.433
215 FATTYPUTTY 200.0002.432
216 red dream 200.0002.431
217 pwnplay 200.0002.431
218 TeamRedAce 200.0002.430
219 hacklib 200.0002.429
220 UCCU 200.0002.428
221 f0xtr0t 200.0002.428
222 MrGrey 150.0001.860
223 Just Hit the Core 150.0001.860
224 d0hwn3d 150.0001.859
225 G04tzZZ 150.0001.858
226 SHK 150.0001.857
227 krornus 150.0001.857
228 SHARK 150.0001.856
229 iD4rk 150.0001.855
230 hummingdrones 150.0001.855
231 noobs 150.0001.854
232 FR19 150.0001.853
233 s111 150.0001.853
234 rh0main 150.0001.852
235 .ROTC 150.0001.851
236 Master Ironbar 150.0001.851
237 GlandOS 150.0001.850
238 Hackdumb 150.0001.849
239 Meerkat 150.0001.849
240 hexfact0r 150.0001.848
241 koaidien 150.0001.848
242 taurus 150.0001.847
243 Men_In_The_Middle 150.0001.846
244 HackerHotel 150.0001.846
245 gooligans 150.0001.845
246 STT 150.0001.845
247 rkkautsar 150.0001.844
248 PHS Absol 150.0001.843
249 ApertureWorkers 150.0001.843
250 NullSpaceLabs 150.0001.842
251 grisha 150.0001.842
252 qqq 150.0001.841
253 flyingmonkey 150.0001.841
254 Yamagi.com 150.0001.840
255 random 150.0001.839
256 jeje-50 150.0001.839
257 Red Velvet Muffin 150.0001.838
258 spam0day 150.0001.838
259 hack.carleton 150.0001.837
260 Espacio 150.0001.837
261 9SOC 150.0001.836
262 0d0a 150.0001.836
263 pulchritudinouscell 150.0001.835
264 uiuctf 150.0001.835
265 4861636B6572 150.0001.834
266 Rick Astley Fan Club 150.0001.834
267 Batman's Kitchen 150.0001.833
268 PSBehrend 150.0001.833
269 feliam 150.0001.832
270 Vegan Zombies 100.0001.265
271 Checkmeout 100.0001.265
272 jody-frankowski 100.0001.264
273 TigerTeam 100.0001.264
274 rhinoceros 100.0001.263
275 yakinikyuu 100.0001.263
276 0xE44BEDDED 100.0001.262
277 isitdtu2 100.0001.262
278 karezma 100.0001.261
279 D3siprox 50.0000.694
280 The DHARMA Initiative 50.0000.694
281 IsiLabs 50.0000.694
282 piratesecurity 50.0000.693
283 esgi4asi1 50.0000.693
284 Jeramy 50.0000.692
285 Zboob 50.0000.692
286 Anthony 50.0000.691
287 udalov 50.0000.691
288 ./rideaux.pl 50.0000.690
289 GorillaHack 50.0000.690
290 nuc13us 50.0000.690
291 ascope 50.0000.689
292 Geostrike 50.0000.689
293 NuttinButLuv 50.0000.688
294 Isileaks 50.0000.688
295 totolapraline 50.0000.687
296 UcLanCYl33t 50.0000.687
297 akhalash 50.0000.687
298 Blue_Scr33n 50.0000.686
299 _---| Evil Computing |---| 50.0000.686
300 karroum 50.0000.685
301 awile 50.0000.685
302 Nayki 50.0000.685
303 Orange Mécanique 50.0000.684
304 Zylopfa 50.0000.684
305 cylarcy 50.0000.684
306 Lil'BobbyTables 50.0000.683
307 Knightsec 50.0000.683
308 Yop_solo 50.0000.682
309 Ramolino 50.0000.682
310 vulnhub-ctf 50.0000.682
311 qwebify 50.0000.681
312 lulZer 50.0000.681
313 luckyPenguins 50.0000.681
314 Yacine101 50.0000.680
315 z13db 50.0000.680
316 tank1st99 50.0000.679
317 d0we11 50.0000.679
318 The Cat is #1!! 50.0000.679
319 Angel-Amor 50.0000.678
320 KR3F1DP3 50.0000.678
321 c0t0r3pZ 50.0000.678
322 0x8BadF00d 50.0000.677
323 jacques 50.0000.677
324 ReallyNonamesFor 50.0000.677
325 rootman 50.0000.676
326 Mhackelis 50.0000.676
327 Unknown 50.0000.676
328 MrMugiwara 50.0000.675
329 hAIXer 50.0000.675
330 evanyeyeye 50.0000.675
331 virus69 50.0000.674
332 SKIN 50.0000.674
333 Hawks 50.0000.674
334 Hexistence 50.0000.673
335 tom 50.0000.673
336 digital_minority 50.0000.673
337 Magos 50.0000.672
338 PrivatePeople 50.0000.672
339 cardinalSins 50.0000.672
340 hy00un 50.0000.671
341 DaiveNuleu 50.0000.671
342 gtpp 50.0000.671
343 Hans 50.0000.671
344 nitamago 50.0000.670
345 nguyenhoangcung 50.0000.670
346 MonCoder 50.0000.670
347 cl4rk 50.0000.669
348 InZeAir 50.0000.669
349 Skynet_0 50.0000.669
350 GRIS 50.0000.668
351 SherlockInOurHolmes 50.0000.668
352 Trees 50.0000.668
353 MeePwn 50.0000.668
354 RobloxDragon 50.0000.667
355 m4tux 50.0000.667
356 Aleuto 50.0000.667
357 NeOLux-C1Ph3r 50.0000.666
358 tillson 50.0000.666
359 Yozakura 50.0000.666
360 doitlater 50.0000.666
361 DFCI 50.0000.665
362 yop99 50.0000.665
363 hollyghost9 50.0000.665
364 z3 50.0000.665
365 Epic Leet Team 50.0000.664
366 hama 50.0000.664
367 terabaap 50.0000.664
368 Hi 50.0000.663
369 TenDollar 50.0000.663
370 Ciruelas 50.0000.663
371 DFOE 50.0000.663
372 artdan 50.0000.662
373 Silverbaq 50.0000.662
374 Not_Found 50.0000.662
375 mrx 50.0000.662
376 Excream 50.0000.661
377 networknerd 50.0000.661
378 cth 50.0000.661
379 olev 50.0000.661
380 Urk3L 50.0000.660
381 Eskalina 50.0000.660
382 JoeGaje 50.0000.660
383 PineApple 50.0000.660
384 kaban1337 50.0000.659
385 Team HIT 50.0000.659
386 kod0kk 50.0000.659
387 invader 50.0000.659
388 ElisabethB 50.0000.658
389 makanbeling 50.0000.658
390 michieldwitte 50.0000.658
391 inertiasloth 50.0000.658
392 lostk1tt3n5 50.0000.658
393 De la bath 50.0000.657
394 tirth14 50.0000.657
395 Vesuvius 50.0000.657
396 Ech0t3am 50.0000.657
397 fs0c13ty 50.0000.656
398 N0PE! 50.0000.656
399 salad 50.0000.656
400 ruuto 50.0000.656
401 z0rex 50.0000.656
402 shelldump 50.0000.655
403 KernelPanic 50.0000.655
404 Timber125 50.0000.655
405 gayensouvik1 50.0000.655
406 francis_c 50.0000.654
407 dandri_a 50.0000.654
408 Mairon 50.0000.654
409 503_1 50.0000.654
410 keva 50.0000.654
411 Loststar 50.0000.653
412 abcde 50.0000.653
413 Inazo 50.0000.653
414 espresso 50.0000.653
415 duguhu 50.0000.653
416 cayman 50.0000.652
417 CaramelMacchiato 50.0000.652
418 overflow.army 50.0000.652
419 Brutor 50.0000.652
420 11-Digit Prime Number 50.0000.651
421 casper 50.0000.651
422 Netronix 50.0000.651
423 w00rt 50.0000.651
424 atcasanova 50.0000.651
425 Rolalala 50.0000.650
426 NeO_Team 50.0000.650
427 jfk 50.0000.650
428 toto 50.0000.650
429 g0tiu5a 50.0000.650
430 plean 50.0000.650
431 hikshiks 50.0000.649
432 ab12345 50.0000.649
433 Noobs4Win 50.0000.649
434 Dark.Shell 50.0000.649
435 HackCat 50.0000.649
436 tory 50.0000.648
437 Mimah35 50.0000.648
438 adxetap 50.0000.648
439 doshmajhan 50.0000.648
440 Roryhackit 50.0000.648
441 eipiplus1equals0 50.0000.647
442 RedHunt 50.0000.647
443 ATeam 50.0000.647
444 kaimi.ru 50.0000.647
445 riot 50.0000.647
446 Lfuret_ 50.0000.647
447 thebreak 50.0000.323
gynvael – March 30, 2016, 11:36 a.m.

It looks like the time on CTFTime.org is incorrect.
According to both https://www.nuitduhack.com/en/quals.html (1) and the description above (2), it's +2h vs what's on CTFTime.org*:

(1) Qualification round will start on April 1st 1159PM (GMT+0200) and will end on April 2nd 1159PM (GMT+0200)
(2) CTF will start on April 1 1159PM (CEST, UTC+0200) and will end on April 2 1159PM (CEST UTC+0200)

* at the moment of writing this comment the time on CTFTime.org is: 01 Apr 2016, 21:59 CEST — 02 Apr 2016, 21:59 CEST


Wolfy – April 1, 2016, 2:51 p.m.

I can't be registreted on CTFTime.....


ze3r0six – April 1, 2016, 10:40 p.m.

Gynvael Coldwind +1

exactly


H3LL0 – April 3, 2016, 1:03 a.m.

Good ctf


Antr4ck – April 3, 2016, 2:16 p.m.

Nice Ctf.


str – April 3, 2016, 3:32 p.m.

And here we are - the team who was accusing others for votes manipulation (hey p4!) - start doing the same ;>.
VolgaCTF - you give 5pts 'cos "There were too many programming challenges. Why to solve labyrinths or tic-tac-toe at an info-sec ctf?".
Pwn2Win - you give max points - even half of CTF was programming and phys.

NDH - you give 10pts for guessing issues in just a few tasks (tbh guessing /git or table_name = username is not huge guessing at all, just regular experience)
SSCTF - you give 10pts for guessing issues in most of the CTF

:)


niklasb – April 3, 2016, 5:24 p.m.

Yeah somebody really has to revisit the public voting. I feel like it is solely used for getting a more favourable rating on CTFtime, not at all for subjectively rating the CTFs. Maybe we should consider having two ratings: one for actually computing the CTFtime rating of the event, which is established before the CTF and does not change and one for the actual perceived rating the CTF should have, which we can use for the initial rating in the following year.


cr019283 – April 3, 2016, 5:42 p.m.

@str str - Don't waste my time dude. Volga got 17 pts from p4. Please learn math (and maybe physics as it was your weak side at pwn2win).

By giving 60 pts to NDH you make them equal to BKP (2 days long, no guessing, defcon qual, also 60pts). With this way of thinking it should be also a defcon qual the next year (or already this year ;-)).


akrasuski1 – April 3, 2016, 6:01 p.m.

It seems we are not the only ones who consider tasks guessy: http://pastebin.com/SEYW8iYs http://pastebin.com/W0282Xsj http://pastebin.com/eZ1zge3E - fair points are raised here - there are hundreds of potentially interesting files (config files, repositories (but not just git, Mercury and others are possibilities too), (admin|login|user|config|backup).(php|html|htm) and so on - and in this task they used git instead of .git which again doubles search space). With such a huge number, the searching ("guessing") is dangerously close to brute forcing and dirbusting. If there was a hint in the task description, pointing us in a correct direction (even just one word "repository"), this would be drastically less of an issue.

This was definitely one of the worst tasks on this CTF, but some others were pretty bad as well. Take stegano sound as an example: looking at spectrogram of the sound is pretty obvious, but then those dots that appear can mean anything. We wasted literally hours looking at patterns in 0's and 1's after transcribing them, only to find out after CTF's end that those were Braille digits, which in turn had to be interpreted as key presses for SMS on physical keyboard of phone. Even then, the password was, as far as I know, gibberish. WTF. This was already a far reach - but if this gave at least a non-gibberish word or sentence as the result, I could understand it. BUT, with no feedback, one has to submit flags to see if it was correct - and then again, we have to worry about the flag format: is it upper- or lowercase, does it have NDH[xxx] or NDH{xxx} around or not and so on. Lack of CONSISTENT flag format (well, it was stated in rules, but most tasks ignored it) did not help.

Some tasks were good - probably even most of them. But tasks such as those I described above seriously impact perceived quality of the CTF as a whole, since they simply waste time for nothing.

About our scoring for other CTFs: we have more than one person in our team, and different people obviously like different tasks. I, for example, voted "green" level of points for both Volga and Pwn2Win, even though we didn't do so well at Volga. The person you quoted for giving 5 points at Volga did not vote on PWn2Win at all.About SSCTF: we didn't have "calibrated" voting judgment back then, sorry ;) Now, I wouldn't givve it more than 5.


Pharisaeus – April 3, 2016, 6:30 p.m.

@{str str} there is no such thing as "team voting" in our case. We don't have some kind of "party discipline". Each one of us votes independently how he felt about the CTF. So no, "we" didn't vote Volga at 5p. One person voted 5p while I for example voted 25p. Why so different? Because I didn't work on all the tasks. I grade the CTF judging by what I've been working on, and so does the others. The same goes for NDH - someone did more guessing chals and votes 10p while someone else got to work on less guessing stuff and votes more. So in the end this "evens out" for us. Pwn2Win got a lot of points from us because there was no guessing involved, and there were enough tasks so that no-one got stuck with something he didn't enjoy.

And seriously, this was a 24h CTF like Insomnihack teaser (20p) and people vote it to get 60p, this is madness, especially when compared with for example 0CTF which ended-up with 41p.


big_y – April 4, 2016, 9:56 a.m.

This vote thing is really killing joy of ctfing.


str – April 4, 2016, 6:44 p.m.

Didn't expect such a ton of text. Anyway, that's gonna be my last message on this topic (no matter what your response will be and no matter how Chris Smith will try to insult me again :) ).

1. Please stop comparing Insomnihack teaser to other CTFs. Rating on Insomnihack teaser wasn't enabled. If it was - I'm sure it would have more points. Moreover, I really doubt, that the same Org is able to create two CTFs on totally different organisation and task difficulity level during the same year. If you wanna compare new CTFs, with old ones (without voting option available), why your vote for Insomnia onsite isn't similar to the teaser one? (I've checked writeups for that one, maybe even the onsite CTF was a bit better, it's still [teaser] 20pts vs [your onsite vote] 45pts)
tl;dr: p4 - please stop comparing CTFs when it suits you.

2. Chris Smith voted for VolgaCTF, with 5 points and pointed out, that it deserved only 5 points, 'cos there were too many programming challs. But, based on your writeups, he also played Pwn2Win (which you won, gz btw!). Why didn't he vote there with exactly the same argument? Maybe he didn't want to decrease rating points? :)
tl;dr: p4 - please stop voting only for events when it suits you.

3. Cool, you gave me three nicknames, that were complaining about 'guessing'. I'll give you stats, how many people solved that challenge (hint: more than 3). Anyway, c'mon. Even googling for "the shittiest dictionary for dirbuster" will return .txt with /git (and ./git). Most of the Orgs don't allow dirbustering. NDH allowed that (they clearly said, that we can use whatever we need). Moreover, srsly, a few tasks, which-were-guessing-in-your-opinion have a huge impact on your vote, but when CTF (Pwn2Win) had got half of non-infosec related challenges, you just max'd it? Don't be kidding me :).
tl;dr: p4 - please stop manipulating which challenges have influence on CTF rating, when it suits you.

4. I dont want to be anyone's lawyer - but some days ago, you were attacking other teams as they were supposed to perform vote manipulation. And it backfires. You have merged with so many teams, that I've lost count who is who, and honestly - have no time for playing 'Sherlock Holmes hunting for hypocrisy'. But, by observing your invidual votes - for me, it looks clearly like vote manipulation.
tl;dr: p4 - please stop redefining "vote manipulation" when it suits you.

P.S. I'm personally very happy that team from my country has collected so many team members and most important - encouraged mostly all of them to find so much time (that's the hardest part which deserves kudos - we've never managed to do that) to play CTFs, that you are in TOP4 right now. But please, don't destroy your dignity and don't trap yourselves in hypocrisy - that't the stuff we don't want to have on CTF scene. Cheers!


thotypous – April 4, 2016, 8:32 p.m.

I'm sorry to spoil the page from another event with this discussion, but just a quick answer to @str regarding our event: Pwn2Win had 1010 total points of PPC+PPC-M+Physics challenges. Other categories summed up 4020 points, i.e. you could argue 20% of the CTF was about non-infosec subjects (and not half the CTF, as you say).

However it was very clear from the event description and rules that the CTF would include the Programming and Physics subjects -- these were intended to attract Brazilian students which did not have previous contact with CTFs but did participate in the ACM programming contest, which was a very successful strategy for this purpose.

Maybe the Programming / Physics challenges disappointed players which do not like these categories, and got them unmotivated to solve the other 80% of the CTF. However, it is hard to please everyone: we also had lots of other well-established teams who liked the categories.

BTW, expect for infosec-related Physics in the next edition ;) Hope to see you there.


akrasuski1 – April 4, 2016, 9:37 p.m.

Just putting this here:

04:24 < dmns> can i dos challenge by bruteforcing?
04:26 <@kaiyou> dmns, you cannot, at least you should not, bruteforce is (very) rarely necessary

So no, dirbusting was not allowed, as you imply.


cr019283 – April 4, 2016, 10:15 p.m.

@str str There is no need to take the comments personally or write daily poems here. We know the voting system is not perfect, but the only one proper way to get around it is to keep getting high places, which (as an StR fan) I truly wish you.

For me it doesn't seem right that ranking points can change so much after competitions are over. I think it would be a better idea to vote for the ranking of the next edition of a given ctf (assuming organizers remain the same). So teams wouldn't know how they will perform in the future edition and votes/feedback would be more honest. New events without prior history would get for example 10 points (or 20 points if organizers are among top 10 teams, or more if it's a def con qual). So there would be 1) a need to build long term trust by the organizers, 2) good feedback unrelated to team position, 3) better competitions next time.


lionaneesh – April 5, 2016, 3:17 p.m.

Rankings?


hackerzvoice – April 5, 2016, 3:54 p.m.

Thank you everyone for your feedback. The results were just uploaded, waiting for them to be published. Congratulations again to top 10 teams, please let us know if you spot any mistake in the results or dashboard.