Fri, 01 April 2016, 21:59 UTC — Sat, 02 April 2016, 21:59 UTC 

On-line

Nuit du Hack CTF Quals event.

Format: Jeopardy Jeopardy

Official URL: https://www.nuitduhack.com/

This event's future weight is subject of public voting!

Future weight: 36.53 

Rating weight: 36.53 

Event organizers 

Not a joke! This year, the qualification round for "Nuit du Hack" private CTF will start on April 1 1159PM (CEST, UTC+0200) and will end on April 2 1159PM (CEST UTC+0200). Top 10 teams will be qualified for the final round held during the Nuit Du Hack in Paris July 2nd and 3rd.

About the qualification round, it will be jeopardy-style (crack and paste the flag) challenges, with a standard scoring system. Detailed rules and registration will be published 1 week before the challenge. Be ready to join us!

Prizes

Top 10 teams will qualify for the final round and get a set of 5 free tickets for the "Nuit du Hack" 2016 event (July 2nd and 3rd 2016).

Sysdream will offer the top 3 teams an additional set of 5 free tickets provided access to the "Hack In Paris" event, held in Paris from June 27 to July 1st (more information on the event's website).

Scoreboard

447 teams total

PlaceTeamCTF pointsRating points
1 Shellphish 3150.00073.060
2 Dragon Sector 2950.00052.476
3 Rdot.org 2950.00046.387
4 Tasteless 2900.00042.763
5 0ops 2800.00039.777
6 scryptos 2700.00037.400
7 StratumAuhuur 2700.00036.530
8 dcua 2650.00035.298
9 Samurai 2500.00033.051
10 Hexpresso 2500.00032.645
11 khack40 2500.00032.313
12 Fourchette Bombe 2500.00032.036
13 LC↯BC 2350.00030.063
14 Hacknam Style 2350.00029.862
15 int3pids 2350.00029.688
16 c00kies@venice 2350.00029.536
17 ASIS 2350.00029.401
18 Digital Beegiz 2300.00028.702
19 TokyoWesterns 2200.00027.436
20 ChocolateMakers 2200.00027.340
21 Bushwhackers 2100.00026.093
22 Antichat 2100.00026.014
23 ISITDTU 2050.00025.362
24 pwnspiracy 2050.00025.296
25 MistouflOWN 2050.00025.235
26 Snatch The Root 2050.00025.178
27 sec0d 1900.00023.387
28 0daysober 1850.00022.759
29 p4 1800.00022.134
30 Bornova Merkez 1800.00022.092
31 Pwnium 1650.00020.313
32 0xbadf00d 1650.00020.276
33 CyKOR 1650.00020.242
34 DeliciousHorse 1650.00020.209
35 Zenk-Security 1650.00020.178
36 Spiderz 1600.00019.570
37 Plaid Parliament of Pwning 1550.00018.962
38 bitbitbit 1550.00018.936
39 Tower of Hanoi 1400.00017.172
40 217 1400.00017.149
41 HackXore 1400.00017.127
42 Lilac 1350.00016.525
43 squareroots 1350.00016.505
44 du1iqvw 1350.00016.486
45 .elite 1300.00015.888
46 KzUs 1300.00015.870
47 pony7 1300.00015.853
48 dodododo 1250.00015.257
49 Cyber Kitten Attack Squad 1250.00015.242
50 hxp 1250.00015.227
51 OldTeam 1250.00015.212
52 MonkeyFlagger 1250.00015.199
53 dipso 1250.00015.185
54 TKOX 1250.00015.173
55 w0pr 1200.00014.580
56 gentlemen 1150.00013.989
57 !SpamAndHex 1150.00013.977
58 BabyPhD 1150.00013.966
59 LSE 1150.00013.956
60 irGeeks 1150.00013.945
61 oneup 1150.00013.935
62 OpenToAll 1150.00013.926
63 Capture the Swag 1100.00013.336
64 CLGT 1050.00012.747
65 KITCTF 1050.00012.739
66 Raccoons 1050.00012.730
67 MV9rwGOf08 1050.00012.722
68 amn3s1a 1050.00012.714
69 LosFuzzys 1050.00012.706
70 [censored] 950.00011.539
71 9447 950.00011.531
72 REU 950.00011.524
73 DCI-ETS 950.00011.517
74 lumen 950.00011.511
75 /dev/randoge 950.00011.504
76 MSU-CTF 950.00011.498
77 takaki 950.00011.491
78 fullmetalfouad 950.00011.485
79 ****** 900.00010.900
80 noraneco 900.00010.894
81 QuokkaLight 900.00010.888
82 TeamTFH 900.00010.883
83 Insanity 850.00010.297
84 0xc0ffee 850.00010.292
85 WiNA is no acronym 850.00010.287
86 d0tslashpwn 850.00010.282
87 b01lers 850.00010.277
88 duks 800.0009.693
89 WeAreSecSy 800.0009.688
90 0x90r00t 800.0009.683
91 SIGINT 750.0009.099
92 Eaters 750.0009.095
93 Wiremask 750.0009.090
94 CSI 750.0009.086
95 Bono_iPad 750.0009.082
96 Shady Hats 750.0009.078
97 Le££e 750.0009.074
98 omakase 750.0009.070
99 RingZer0 Team 750.0009.067
100 SUSlo.PAS 700.0008.483
101 KrackUrM0M 700.0008.479
102 PKTeam 700.0008.476
103 brucel33t 700.0008.472
104 DjigIT 700.0008.469
105 zx 650.0007.886
106 Mammon Machine 650.0007.883
107 Vidar 650.0007.879
108 Hackgyver 650.0007.876
109 Sw1ssFr13nds 650.0007.873
110 FAUST 650.0007.870
111 SiBears 650.0007.867
112 xil.se 650.0007.864
113 CTF-infinit 650.0007.861
114 Team IB 650.0007.858
115 Deepsea 650.0007.856
116 Retired - Fast Affine Projection 650.0007.853
117 SwissMadeSecurity 650.0007.850
118 cyberkastike 650.0007.848
119 Securimag 650.0007.845
120 RooterX 650.0007.842
121 curl | sudo bash 650.0007.840
122 Slug Security 650.0007.837
123 jeannedhack 600.0007.255
124 r00ts 600.0007.253
125 ALLES! 600.0007.250
126 osu.sec 550.0006.668
127 mage 550.0006.666
128 Honeypot 550.0006.664
129 d4rkc0de 550.0006.661
130 err0r-451 550.0006.659
131 6l0ry 550.0006.657
132 bi0s 550.0006.655
133 Owe 550.0006.653
134 NIS 550.0006.651
135 CorpOfHack 550.0006.649
136 ascii overflow 550.0006.647
137 Come To Fight 550.0006.645
138 JDIS 500.0006.063
139 fsim2015 500.0006.061
140 Invulnerable 500.0006.059
141 maf-ia 500.0006.057
142 Sandbox 500.0006.056
143 PunKeel 500.0006.054
144 smoke leet everyday 450.0005.472
145 HackingForSoju 450.0005.471
146 fd 450.0005.469
147 Delusions of Grandeur 450.0005.467
148 Asuwiel 450.0005.465
149 D3afMut3s 450.0005.464
150 HackKing 450.0005.462
151 Toxic Bandits 450.0005.460
152 mainro 450.0005.459
153 BrieflyX 450.0005.457
154 ia0 450.0005.456
155 PeakChaos 450.0005.454
156 xSTF 450.0005.453
157 ByteBandits 450.0005.451
158 covart 450.0005.450
159 TeamContagion 450.0005.448
160 m1z0r3 450.0005.447
161 nada8 450.0005.445
162 efiens 450.0005.444
163 Sunset 450.0005.443
164 blukat29 450.0005.441
165 p0wontnx 450.0005.440
166 pm-hibernate 450.0005.439
167 babou22 450.0005.437
168 OPT 450.0005.436
169 ECHO 450.0005.435
170 dqi 450.0005.433
171 BITSkrieg 450.0005.432
172 Magic Hat 450.0005.431
173 okudo3 450.0005.430
174 zzoru 450.0005.429
175 pie 450.0005.427
176 skyer 450.0005.426
177 BreakPoint 450.0005.425
178 InfoSecIITR 450.0005.424
179 marcs0h 450.0005.423
180 PandHack 450.0005.422
181 minhty123 450.0005.420
182 b1n4ry4rms 450.0005.419
183 sbs3 450.0005.418
184 M57 450.0005.417
185 Brutewoorse 450.0005.416
186 Dystopian Narwhals 450.0005.415
187 Koibasta 450.0005.414
188 c21h30o2 450.0005.413
189 RPISEC 450.0005.412
190 MojoMaster 450.0005.411
191 lintile 450.0005.410
192 b0tch_sec 450.0005.409
193 cafecomleite 450.0005.408
194 n0pstar 450.0005.407
195 InNameOfLulz 450.0005.406
196 TheGoonies 400.0004.825
197 SpartHackUs 400.0004.824
198 P_TE 400.0004.823
199 pavel 350.0004.242
200 Erio 350.0004.242
201 DATATECH 350.0004.241
202 vanhelsing 350.0004.240
203 0x8F 350.0004.239
204 CafardNahum 300.0003.658
205 ecto 300.0003.657
206 PeterPEN 300.0003.656
207 Teammi 250.0003.076
208 LesT4rt1nes 250.0003.075
209 cyrilbruder 250.0003.074
210 bakup 250.0003.073
211 nessie09 250.0003.072
212 giraffee 250.0003.072
213 2nit 200.0002.491
214 soma 200.0002.490
215 FATTYPUTTY 200.0002.489
216 red dream 200.0002.488
217 pwnplay 200.0002.488
218 TeamRedAce 200.0002.487
219 hacklib 200.0002.486
220 UCCU 200.0002.485
221 f0xtr0t 200.0002.485
222 MrGrey 150.0001.904
223 Just Hit the Core 150.0001.903
224 d0hwn3d 150.0001.903
225 G04tzZZ 150.0001.902
226 SHK 150.0001.901
227 krornus 150.0001.900
228 SHARK 150.0001.900
229 iD4rk 150.0001.899
230 hummingdrones 150.0001.898
231 noobs 150.0001.898
232 FR19 150.0001.897
233 s111 150.0001.896
234 rh0main 150.0001.896
235 .ROTC 150.0001.895
236 Master Ironbar 150.0001.894
237 GlandOS 150.0001.894
238 Hackdumb 150.0001.893
239 Meerkat 150.0001.892
240 DTUHAX 150.0001.892
241 koaidien 150.0001.891
242 taurus 150.0001.890
243 Men_In_The_Middle 150.0001.890
244 HackerHotel 150.0001.889
245 gooligans 150.0001.889
246 STT 150.0001.888
247 rkkautsar 150.0001.887
248 PHS Absol 150.0001.887
249 ApertureWorkers 150.0001.886
250 NullSpaceLabs 150.0001.886
251 grisha 150.0001.885
252 qqq 150.0001.884
253 flyingmonkey 150.0001.884
254 Yamagi.com 150.0001.883
255 random 150.0001.883
256 jeje-50 150.0001.882
257 Red Velvet Muffin 150.0001.882
258 spam0day 150.0001.881
259 hack.carleton 150.0001.881
260 Espacio 150.0001.880
261 9SOC 150.0001.879
262 0d0a 150.0001.879
263 pulchritudinouscell 150.0001.878
264 uiuctf 150.0001.878
265 4861636B6572 150.0001.877
266 Rick Astley Fan Club 150.0001.877
267 Batman's Kitchen 150.0001.876
268 PSBehrend 150.0001.876
269 feliam 150.0001.875
270 Vegan Zombies 100.0001.295
271 Checkmeout 100.0001.294
272 jody-frankowski 100.0001.294
273 TigerTeam 100.0001.293
274 rhinoceros 100.0001.293
275 yakinikyuu 100.0001.293
276 0xE44BEDDED 100.0001.292
277 isitdtu2 100.0001.292
278 karezma 100.0001.291
279 D3siprox 50.0000.711
280 The DHARMA Initiative 50.0000.710
281 IsiLabs 50.0000.710
282 piratesecurity 50.0000.709
283 esgi4asi1 50.0000.709
284 Jeramy 50.0000.708
285 Zboob 50.0000.708
286 Anthony 50.0000.708
287 udalov 50.0000.707
288 ./rideaux.pl 50.0000.707
289 GorillaHack 50.0000.706
290 nuc13us 50.0000.706
291 Ascope 50.0000.705
292 Geostrike 50.0000.705
293 NuttinButLuv 50.0000.705
294 Isileaks 50.0000.704
295 totolapraline 50.0000.704
296 UcLanCYl33t 50.0000.703
297 akhalash 50.0000.703
298 Blue_Scr33n 50.0000.702
299 _---| Evil Computing |---| 50.0000.702
300 karroum 50.0000.702
301 awile 50.0000.701
302 Nayki 50.0000.701
303 Orange Mécanique 50.0000.700
304 Zylopfa 50.0000.700
305 cylarcy 50.0000.700
306 Lil'BobbyTables 50.0000.699
307 Knightsec 50.0000.699
308 Yop_solo 50.0000.698
309 Ramolino 50.0000.698
310 vulnhub-ctf 50.0000.698
311 qwebify 50.0000.697
312 lulZer 50.0000.697
313 luckyPenguins 50.0000.697
314 Yacine101 50.0000.696
315 z13db 50.0000.696
316 tank1st99 50.0000.695
317 d0we11 50.0000.695
318 The Cat is #1!! 50.0000.695
319 Angel-Amor 50.0000.694
320 KR3F1DP3 50.0000.694
321 c0t0r3pZ 50.0000.694
322 0x8BadF00d 50.0000.693
323 jacques 50.0000.693
324 ReallyNonamesFor 50.0000.693
325 rootman 50.0000.692
326 Mhackelis 50.0000.692
327 Unknown 50.0000.692
328 MrMugiwara 50.0000.691
329 hAIXer 50.0000.691
330 evanyeyeye 50.0000.691
331 virus69 50.0000.690
332 SKIN 50.0000.690
333 Hawks 50.0000.690
334 Hexistence 50.0000.689
335 tom 50.0000.689
336 digital_minority 50.0000.689
337 Magos 50.0000.688
338 PrivatePeople 50.0000.688
339 cardinalSins 50.0000.688
340 hy00un 50.0000.687
341 DaiveNuleu 50.0000.687
342 gtpp 50.0000.687
343 Hans 50.0000.686
344 nitamago 50.0000.686
345 nguyenhoangcung 50.0000.686
346 MonCoder 50.0000.685
347 cl4rk 50.0000.685
348 InZeAir 50.0000.685
349 Skynet_0 50.0000.685
350 GRIS 50.0000.684
351 SherlockInOurHolmes 50.0000.684
352 Trees 50.0000.684
353 MeePwn 50.0000.683
354 RobloxDragon 50.0000.683
355 m4tux 50.0000.683
356 Aleuto 50.0000.682
357 NeOLux-C1Ph3r 50.0000.682
358 tillson 50.0000.682
359 Yozakura 50.0000.682
360 doitlater 50.0000.681
361 PENSIUN | DFCI | SUKSMA 50.0000.681
362 yop99 50.0000.681
363 hollyghost9 50.0000.680
364 z3 50.0000.680
365 Epic Leet Team 50.0000.680
366 hama 50.0000.680
367 terabaap 50.0000.679
368 Hi 50.0000.679
369 TenDollar 50.0000.679
370 Ciruelas 50.0000.679
371 DFOE 50.0000.678
372 artdan 50.0000.678
373 Silverbaq 50.0000.678
374 Not_Found 50.0000.678
375 mrx 50.0000.677
376 Excream 50.0000.677
377 networknerd 50.0000.677
378 cth 50.0000.676
379 olev 50.0000.676
380 Urk3L 50.0000.676
381 Eskalina 50.0000.676
382 JoeGaje 50.0000.675
383 PineApple 50.0000.675
384 kaban1337 50.0000.675
385 Team HIT 50.0000.675
386 kod0kk 50.0000.674
387 invader 50.0000.674
388 ElisabethB 50.0000.674
389 makanbeling 50.0000.674
390 michieldwitte 50.0000.674
391 inertiasloth 50.0000.673
392 lostk1tt3n5 50.0000.673
393 De la bath 50.0000.673
394 tirth14 50.0000.673
395 Vesuvius 50.0000.672
396 Ech0t3am 50.0000.672
397 fs0c13ty 50.0000.672
398 N0PE! 50.0000.672
399 salad 50.0000.671
400 ruuto 50.0000.671
401 z0rex 50.0000.671
402 shelldump 50.0000.671
403 KernelPanic 50.0000.670
404 Timber125 50.0000.670
405 gayensouvik1 50.0000.670
406 francis_c 50.0000.670
407 dandri_a 50.0000.670
408 Mairon 50.0000.669
409 503_1 50.0000.669
410 keva 50.0000.669
411 Loststar 50.0000.669
412 abcde 50.0000.669
413 Inazo 50.0000.668
414 espresso 50.0000.668
415 duguhu 50.0000.668
416 cayman 50.0000.668
417 CaramelMacchiato 50.0000.667
418 overflow.army 50.0000.667
419 Brutor 50.0000.667
420 11-Digit Prime Number 50.0000.667
421 casper 50.0000.667
422 Netronix 50.0000.666
423 w00rt 50.0000.666
424 atcasanova 50.0000.666
425 Rolalala 50.0000.666
426 NeO_Team 50.0000.666
427 jfk 50.0000.665
428 toto 50.0000.665
429 g0tiu5a 50.0000.665
430 plean 50.0000.665
431 hikshiks 50.0000.665
432 ab12345 50.0000.664
433 Noobs4Win 50.0000.664
434 Dark.Shell 50.0000.664
435 HackCat 50.0000.664
436 tory 50.0000.664
437 Mimah35 50.0000.663
438 adxetap 50.0000.663
439 doshmajhan 50.0000.663
440 Roryhackit 50.0000.663
441 eipiplus1equals0 50.0000.663
442 RedHunt 50.0000.662
443 ATeam 50.0000.662
444 kaimi.ru 50.0000.662
445 riot 50.0000.662
446 Lfuret_ 50.0000.662
447 thebreak 50.0000.331
gynvaelMarch 30, 2016, 11:36 a.m.

It looks like the time on CTFTime.org is incorrect.
According to both https://www.nuitduhack.com/en/quals.html (1) and the description above (2), it's +2h vs what's on CTFTime.org*:

(1) Qualification round will start on April 1st 1159PM (GMT+0200) and will end on April 2nd 1159PM (GMT+0200)
(2) CTF will start on April 1 1159PM (CEST, UTC+0200) and will end on April 2 1159PM (CEST UTC+0200)

* at the moment of writing this comment the time on CTFTime.org is: 01 Apr 2016, 21:59 CEST — 02 Apr 2016, 21:59 CEST


WolfyApril 1, 2016, 2:51 p.m.

I can't be registreted on CTFTime.....


ze3r0sixApril 1, 2016, 10:40 p.m.

Gynvael Coldwind +1

exactly


l33tb4nanaApril 3, 2016, 1:03 a.m.

Good ctf


Antr4ckApril 3, 2016, 2:16 p.m.

Nice Ctf.


strApril 3, 2016, 3:32 p.m.

And here we are - the team who was accusing others for votes manipulation (hey p4!) - start doing the same ;>.
VolgaCTF - you give 5pts 'cos "There were too many programming challenges. Why to solve labyrinths or tic-tac-toe at an info-sec ctf?".
Pwn2Win - you give max points - even half of CTF was programming and phys.

NDH - you give 10pts for guessing issues in just a few tasks (tbh guessing /git or table_name = username is not huge guessing at all, just regular experience)
SSCTF - you give 10pts for guessing issues in most of the CTF

:)


niklasbApril 3, 2016, 5:24 p.m.

Yeah somebody really has to revisit the public voting. I feel like it is solely used for getting a more favourable rating on CTFtime, not at all for subjectively rating the CTFs. Maybe we should consider having two ratings: one for actually computing the CTFtime rating of the event, which is established before the CTF and does not change and one for the actual perceived rating the CTF should have, which we can use for the initial rating in the following year.


cr019283April 3, 2016, 5:42 p.m.

@str str - Don't waste my time dude. Volga got 17 pts from p4. Please learn math (and maybe physics as it was your weak side at pwn2win).

By giving 60 pts to NDH you make them equal to BKP (2 days long, no guessing, defcon qual, also 60pts). With this way of thinking it should be also a defcon qual the next year (or already this year ;-)).


akrasuski1April 3, 2016, 6:01 p.m.

It seems we are not the only ones who consider tasks guessy: http://pastebin.com/SEYW8iYs http://pastebin.com/W0282Xsj http://pastebin.com/eZ1zge3E - fair points are raised here - there are hundreds of potentially interesting files (config files, repositories (but not just git, Mercury and others are possibilities too), (admin|login|user|config|backup).(php|html|htm) and so on - and in this task they used git instead of .git which again doubles search space). With such a huge number, the searching ("guessing") is dangerously close to brute forcing and dirbusting. If there was a hint in the task description, pointing us in a correct direction (even just one word "repository"), this would be drastically less of an issue.

This was definitely one of the worst tasks on this CTF, but some others were pretty bad as well. Take stegano sound as an example: looking at spectrogram of the sound is pretty obvious, but then those dots that appear can mean anything. We wasted literally hours looking at patterns in 0's and 1's after transcribing them, only to find out after CTF's end that those were Braille digits, which in turn had to be interpreted as key presses for SMS on physical keyboard of phone. Even then, the password was, as far as I know, gibberish. WTF. This was already a far reach - but if this gave at least a non-gibberish word or sentence as the result, I could understand it. BUT, with no feedback, one has to submit flags to see if it was correct - and then again, we have to worry about the flag format: is it upper- or lowercase, does it have NDH[xxx] or NDH{xxx} around or not and so on. Lack of CONSISTENT flag format (well, it was stated in rules, but most tasks ignored it) did not help.

Some tasks were good - probably even most of them. But tasks such as those I described above seriously impact perceived quality of the CTF as a whole, since they simply waste time for nothing.

About our scoring for other CTFs: we have more than one person in our team, and different people obviously like different tasks. I, for example, voted "green" level of points for both Volga and Pwn2Win, even though we didn't do so well at Volga. The person you quoted for giving 5 points at Volga did not vote on PWn2Win at all.About SSCTF: we didn't have "calibrated" voting judgment back then, sorry ;) Now, I wouldn't givve it more than 5.


PharisaeusApril 3, 2016, 6:30 p.m.

@{str str} there is no such thing as "team voting" in our case. We don't have some kind of "party discipline". Each one of us votes independently how he felt about the CTF. So no, "we" didn't vote Volga at 5p. One person voted 5p while I for example voted 25p. Why so different? Because I didn't work on all the tasks. I grade the CTF judging by what I've been working on, and so does the others. The same goes for NDH - someone did more guessing chals and votes 10p while someone else got to work on less guessing stuff and votes more. So in the end this "evens out" for us. Pwn2Win got a lot of points from us because there was no guessing involved, and there were enough tasks so that no-one got stuck with something he didn't enjoy.

And seriously, this was a 24h CTF like Insomnihack teaser (20p) and people vote it to get 60p, this is madness, especially when compared with for example 0CTF which ended-up with 41p.


big_yApril 4, 2016, 9:56 a.m.

This vote thing is really killing joy of ctfing.


strApril 4, 2016, 6:44 p.m.

Didn't expect such a ton of text. Anyway, that's gonna be my last message on this topic (no matter what your response will be and no matter how Chris Smith will try to insult me again :) ).

1. Please stop comparing Insomnihack teaser to other CTFs. Rating on Insomnihack teaser wasn't enabled. If it was - I'm sure it would have more points. Moreover, I really doubt, that the same Org is able to create two CTFs on totally different organisation and task difficulity level during the same year. If you wanna compare new CTFs, with old ones (without voting option available), why your vote for Insomnia onsite isn't similar to the teaser one? (I've checked writeups for that one, maybe even the onsite CTF was a bit better, it's still [teaser] 20pts vs [your onsite vote] 45pts)
tl;dr: p4 - please stop comparing CTFs when it suits you.

2. Chris Smith voted for VolgaCTF, with 5 points and pointed out, that it deserved only 5 points, 'cos there were too many programming challs. But, based on your writeups, he also played Pwn2Win (which you won, gz btw!). Why didn't he vote there with exactly the same argument? Maybe he didn't want to decrease rating points? :)
tl;dr: p4 - please stop voting only for events when it suits you.

3. Cool, you gave me three nicknames, that were complaining about 'guessing'. I'll give you stats, how many people solved that challenge (hint: more than 3). Anyway, c'mon. Even googling for "the shittiest dictionary for dirbuster" will return .txt with /git (and ./git). Most of the Orgs don't allow dirbustering. NDH allowed that (they clearly said, that we can use whatever we need). Moreover, srsly, a few tasks, which-were-guessing-in-your-opinion have a huge impact on your vote, but when CTF (Pwn2Win) had got half of non-infosec related challenges, you just max'd it? Don't be kidding me :).
tl;dr: p4 - please stop manipulating which challenges have influence on CTF rating, when it suits you.

4. I dont want to be anyone's lawyer - but some days ago, you were attacking other teams as they were supposed to perform vote manipulation. And it backfires. You have merged with so many teams, that I've lost count who is who, and honestly - have no time for playing 'Sherlock Holmes hunting for hypocrisy'. But, by observing your invidual votes - for me, it looks clearly like vote manipulation.
tl;dr: p4 - please stop redefining "vote manipulation" when it suits you.

P.S. I'm personally very happy that team from my country has collected so many team members and most important - encouraged mostly all of them to find so much time (that's the hardest part which deserves kudos - we've never managed to do that) to play CTFs, that you are in TOP4 right now. But please, don't destroy your dignity and don't trap yourselves in hypocrisy - that't the stuff we don't want to have on CTF scene. Cheers!


thotypousApril 4, 2016, 8:32 p.m.

I'm sorry to spoil the page from another event with this discussion, but just a quick answer to @str regarding our event: Pwn2Win had 1010 total points of PPC+PPC-M+Physics challenges. Other categories summed up 4020 points, i.e. you could argue 20% of the CTF was about non-infosec subjects (and not half the CTF, as you say).

However it was very clear from the event description and rules that the CTF would include the Programming and Physics subjects -- these were intended to attract Brazilian students which did not have previous contact with CTFs but did participate in the ACM programming contest, which was a very successful strategy for this purpose.

Maybe the Programming / Physics challenges disappointed players which do not like these categories, and got them unmotivated to solve the other 80% of the CTF. However, it is hard to please everyone: we also had lots of other well-established teams who liked the categories.

BTW, expect for infosec-related Physics in the next edition ;) Hope to see you there.


akrasuski1April 4, 2016, 9:37 p.m.

Just putting this here:

04:24 < dmns> can i dos challenge by bruteforcing?
04:26 <@kaiyou> dmns, you cannot, at least you should not, bruteforce is (very) rarely necessary

So no, dirbusting was not allowed, as you imply.


cr019283April 4, 2016, 10:15 p.m.

@str str There is no need to take the comments personally or write daily poems here. We know the voting system is not perfect, but the only one proper way to get around it is to keep getting high places, which (as an StR fan) I truly wish you.

For me it doesn't seem right that ranking points can change so much after competitions are over. I think it would be a better idea to vote for the ranking of the next edition of a given ctf (assuming organizers remain the same). So teams wouldn't know how they will perform in the future edition and votes/feedback would be more honest. New events without prior history would get for example 10 points (or 20 points if organizers are among top 10 teams, or more if it's a def con qual). So there would be 1) a need to build long term trust by the organizers, 2) good feedback unrelated to team position, 3) better competitions next time.


lionaneeshApril 5, 2016, 3:17 p.m.

Rankings?


hackerzvoiceApril 5, 2016, 3:54 p.m.

Thank you everyone for your feedback. The results were just uploaded, waiting for them to be published. Congratulations again to top 10 teams, please let us know if you spot any mistake in the results or dashboard.


Sign in to comment.