Teams compete against each other, trying to crack into each other’s machines whilst securing their own. When we say machines, we are referring to Virtual Machines which run an Operating System that we will provide you. This custom made OS will have vulnerable services which have been written from scratch. It is this machine that you, and every other team will be using during the competition.
Just in case you don’t know what a virtual machine is, read this.
Once you bring up your Virtual Machine and connect it to the network, you are supposed to keep your services up at all times. Our gameserver will periodically check if your services are up and running, and will award you points if they are. After this, you can start hacking into the machines of other teams. We’ll award you points if you do!
Our gameserver will periodically deploy flags into your machine. If someone else manages to steal these flags and submit the same, we know you have been hacked(too bad, it happens, keep trying). On the other hand if you submit someone else’s flag, you get points.
Yeah, but you won’t be awarded points by the gameserver either. You are supposed to keep your services up at all times if you want points. No points for being such a chicken.
We give points for advisories. A complete advisory is a writeup about the bug you found, the exploit you are using along with the patch for the same. However, we can be quite generous if we’re in a good mood and give points even if the advisory is incomplete.
NOPE. We were just the first ones to host such a competition among graduate colleges in India.
Yeah, we know.
