Announcing the 2017 Infosecon CTF, dubbed “Storm CTF!”

There’s a Storm brewing!

Announcing the 2017 Infosecon CTF, dubbed “Storm CTF!” This event will target beginners to intermediate competitors in the hacking world that wish to challenge themselves, but also collaborate with others to identify the solutions to the flags. You may play alone, or with a team up to 6, but the prizes remain the same, so how you determine who takes home what is up to you (we can have a boxing ring set up if necessary.) Speaking of prizes…

There are three main prizes:
1. 1 Year Metasploit Pro Enterprise License. (Thank you Rapid7 for your sponsorship!)
2. 1 MacBook Air 13.3 inch
3. 1 Razer Backpack (contents not disclosed until chosen!)

There will be two smaller spot prizes that award a $50 Amazon gift card, and a single big spot prize that awards a Raspberry Pi complete starter kit!

Prizes will not be set based on place. The team that takes 1st place gets the first choice. 2nd gets the second choice, and finally, 3rd gets whatever is left. We decided to do it this way to fit the interest of the winners. Some may not want/need a MacBook but find interest in the Metasploit license. Others may test their curiosity with the Razer backpack. Take 1st, and the choice is yours!

Challenges

Discussing the challenges, we have attempted to give you multiple ways to play. For starters, if you are a beginner and the thought of playing in a live competition is a bit overwhelming, yet you still wish to learn, we will have a teaching subnet that will award NO POINTS OR PROGRESSION in the contest. You will get hands on experience, a tutor that can assist with the process of penetration testing (when available) and a special scoreboard on the screen that shows how you fare against the others who are learning. This competition is free from pressure and a judgment free zone.  Hackers are friendly in person.

The other side of this will be the main event. The scoring server will host the targets for network attacks, as well as some Jeopardy style flags for those who prefer static analysis. This competition is focusing on network penetration testing, however. We like the thought of having your hands in control of a server you had to find your way into and this will give you that satisfaction without the jail time! Throughout the event at unspecified intervals Spot prizes are announced in Jeopardy format.  There will be one flag to capture in the spot challenge. The first to capture it, wins the prize, though anyone after may capture it for the points.

More specifically, there are “hidden” devices to attack. There will be no need to do a ping sweep of the subnet. Challenges will be directly announced in the chat room and vocally in the room.

The attacking surface and network will be as follows:

Scoring/Chat Server: 10.10.0.100
Attack Subnet: 10.10.10.0/24
Learner’s Subnet: 10.10.20.0/24
Guest’s Subnet: 10.10.0.0/16

Rules

Please do not attack anything outside of the “Attack Subnet” (or the “Learner’s Subnet.”) Doing so will make the attacked systems unavailable to you for an extended period. Failing to comply is an automatic ban, and the admin team has been specifically instructed to give no exceptions to violators of this rule. Type your IPs carefully.

So apt-get update/upgrade your devices, board up the windows and follow the evacuation routes to the Storm CTF! See you there!

Questions/Comments can be directed to Alex using the info below:
Twitter: @offsec_ginger
Email: alex@stormcomputersonline.com

Storm CTF team:

Alex Williams – Lead Design and Project Manager
Paul Witt – Assistant Lead Design and PM
Troy Kent – Incident Handler, Assistant Design
Trey Brown – Security Consultant, Aspiring Hacker Trainee
Ken Bevis – Security Consultant, Aspiring Hacker Trainee

For more information on Triangle InfoSecon visit: http://www.triangleinfosecon.com/
To view our events Calendar for Triangle InfoSecon Click Here

Announcing the 2017 Infosecon CTF, dubbed “Storm CTF!”