CTFtime.org / Kaspersky Industrial CTF Quals 2017

Fri, 06 Oct. 2017, 14:00 UTC — Sun, 08 Oct. 2017, 14:00 UTC

On-line

A Kaspersky Industrial CTF Finals event.

Format: Jeopardy

Official URL: https://ctf.kaspersky.com/

This event's future weight is subject of public voting!

Future weight: 19.22

Rating weight: 19.22

Event organizers

Kaspersky Lab

The Quals will be held online and start from 6 of October (5.00 p.m. Moscow time) till 8 of October (5.00 p.m. Moscow time). The Finals will be held on 24 of October in Shanghai.
This year, the Qualifications will include the following types of tasks:
1. Web
2. Pwn
3. Crypto
4. Stegano/Forensics
5. Reverse
6. Fun

For the finals, we have prepared a stand with an Oil Refinery Factory connected to a Digital Substation. The top three teams will get a chance to hack it and get the prizes.

Prizes

Top 3 teams will be qualified to the Kaspersky Industrial CTF Finals during the GeekPwn1024 event in Shanghai, China

Scoreboard

227 teams total

	Team	CTF points	Rating points
1	CyKOR	6950.000	38.440
2	Eat, Sleep, Pwn, Repeat	6950.000	28.830
3	TokyoWesterns	6050.000	23.138
4	p4	5750.000	20.706
5	LC↯BC	5650.000	19.469
6	Filthy Thr33	5450.000	18.275
7	Batman's Kitchen	4750.000	15.882
8	SUSlo.PAS	4250.000	14.156
9	ALLES!	4150.000	13.612
10	Plaid Parliament of Pwning	4150.000	13.399
11	SiBears	4100.000	13.086
12	[Redacted]	3850.000	12.249
13	Corrupted Reflection	3700.000	11.711
14	[TechnoPandas]	3700.000	11.605
15	Camelot	3700.000	11.514
16	Antichat	3550.000	11.019
17	KoreanGang	3500.000	10.810
18	OH-IOwned	3450.000	10.609
19	VoidHack	3150.000	9.723
20	AAA (	3000.000	9.257
21	Tasteless	3000.000	9.212
22	STT	3000.000	9.170
23	Pwnium	2950.000	8.994
24	Koibasta	2700.000	8.268
25	BE4HOXVII	2700.000	8.236
26	Tower-of-Hanoi	2700.000	8.206
27	Chaitin	2600.000	7.902
28	khack40	2550.000	7.738
29	irGeeks	2550.000	7.715
30	Snatch The Root	2550.000	7.693
31	yoburek	2500.000	7.534
32	Harekaze	2450.000	7.376
33	JohnDoe	2450.000	7.358
34	Shellphish	2100.000	6.373
35	hack.ERS	2100.000	6.357
36	74kbl47	2100.000	6.341
37	YoungPwnawans	2050.000	6.189
38	CodeRed	2000.000	6.037
39	noraneco	1900.000	5.747
40	PLEXeT	1850.000	5.597
41	Invulnerable	1750.000	5.308
42	PwnaSonic	1750.000	5.297
43	Sudo_root	1750.000	5.287
44	OstreKatozordy	1750.000	5.276
45	Craft n' Capture	1650.000	4.990
46	BHG	1600.000	4.843
47	EpicTeam	1600.000	4.834
48	ITCrowd	1600.000	4.825
49	Limpopo	1600.000	4.817
50	T1pst4r	1600.000	4.809
51	zerosib	1600.000	4.802
52	Hypertext Markup Protocol	1550.000	4.656
53	SwissMadeSecurity	1550.000	4.649
54	Honeypot	1550.000	4.642
55	alex_k_polyakov	1500.000	4.498
56	Kernel Sanders	1500.000	4.491
57	DustDevils	1450.000	4.347
58	$wag	1400.000	4.203
59	0x617364	1400.000	4.197
60	TechSec	1400.000	4.192
61	TenDollar	1400.000	4.187
62	ROIS	1400.000	4.182
63	Nu1L	1400.000	4.177
64	TeamRocketIst	1400.000	4.172
65	badfirmware	1400.000	4.167
66	randomstr	1400.000	4.163
67	BreakPoint	1400.000	4.159
68	0x34044	1400.000	4.154
69	restless Schatzi's knights	1400.000	4.150
70	Kółko Ekonomiczne Judasz	1400.000	4.146
71	CatchFM	1400.000	4.142
72	n0de	1400.000	4.139
73	CH1ll	1350.000	3.997
74	ThunderClap	1300.000	3.855
75	Binary Devastation	1300.000	3.851
76	opana	1300.000	3.848
77	paperwhale	1250.000	3.706
78	eunnie	1100.000	3.288
79	CirclesOf$hell	1100.000	3.285
80	zuko3d	1100.000	3.282
81	jonathanj	1100.000	3.279
82	ahaha	1100.000	3.276
83	m1z0r3	1100.000	3.274
84	vaseline valley	1100.000	3.271
85	Team_STFU	1100.000	3.268
86	kek	1100.000	3.266
87	MTP.sky	1000.000	2.986
88	Dr Testman	1000.000	2.984
89	smoke leet everyday	950.000	2.843
90	b1n4ry4rms	900.000	2.702
91	TheGoonies	900.000	2.700
92	SharLike	800.000	2.421
93	Just Hit the Core	800.000	2.419
94	kasia-tutej	800.000	2.417
95	Ph03nix	800.000	2.415
96	Hack'n roll	800.000	2.413
97	potatocato	800.000	2.411
98	scryptos	800.000	2.408
99	mtf	800.000	2.407
100	CremaIsBoring	800.000	2.405
101	Top of the ROP	800.000	2.403
102	Hash Slinging Hackers	800.000	2.401
103	Pandemic	800.000	2.399
104	Epic Leet Team	750.000	2.259
105	Hacker Ameer	750.000	2.257
106	k8tems	700.000	2.117
107	team name	700.000	2.115
108	SIGPWN	700.000	2.114
109	DirtySocks	700.000	2.112
110	bincat	600.000	1.834
111	LeaveCat	600.000	1.832
112	2O2L2H	600.000	1.831
113	Crackchester	600.000	1.829
114	n2r	600.000	1.828
115	0Shi00Shi	600.000	1.826
116	wha1s0s1r1us	600.000	1.825
117	MhackGyver	600.000	1.824
118	Securimag	600.000	1.822
119	cyberwehr	600.000	1.821
120	R4nd0ms	600.000	1.819
121	just_Damn_it	600.000	1.818
122	noTeamName	600.000	1.817
123	T0X1C V4P0R	600.000	1.816
124	Granny	600.000	1.814
125	One Man Orchestra	600.000	1.813
126	Thomas	600.000	1.812
127	!stress	600.000	1.811
128	Black Technology Royal	600.000	1.809
129	YouAreDelayingTheProject	600.000	1.808
130	一块红布	600.000	1.807
131	N0V1C3	600.000	1.806
132	Indie Trash Panda	600.000	1.805
133	1up	600.000	1.804
134	Inshall'hack	600.000	1.803
135	HackingForSoju	600.000	1.802
136	PackdeSys	600.000	1.801
137	Bushwhackers	600.000	1.800
138	SULOBAND	600.000	1.799
139	DedSec	600.000	1.798
140	farmingsimulator2015	600.000	1.797
141	Phantom	600.000	1.796
142	H4C	600.000	1.795
143	Pwn Leak	600.000	1.794
144	Fox-Hound	600.000	1.793
145	dodododo	600.000	1.792
146	Dragon Sector	500.000	1.514
147	KansasCityShuffle	450.000	1.375
148	HTCPCP://	450.000	1.374
149	CodeheadUK	450.000	1.373
150	alexander	300.000	0.958
151	LFY	300.000	0.957
152	Dons Cosecant	300.000	0.956
153	RGB	300.000	0.955
154	asdf	300.000	0.954
155	8bit	300.000	0.954
156	P4dd1ng	300.000	0.953
157	egy1337	300.000	0.952
158	3y3	300.000	0.951
159	HITSquad	300.000	0.951
160	M57	300.000	0.950
161	Exponential	300.000	0.949
162	NIMDA	300.000	0.948
163	One-Team	300.000	0.948
164	MarazmTm	300.000	0.947
165	vanhelsing	300.000	0.946
166	UNN_Team	300.000	0.945
167	I'm not Freddie Mercury	300.000	0.945
168	HackXore	300.000	0.944
169	Hawk Security Team	300.000	0.943
170	revker	300.000	0.943
171	#Thacket;	300.000	0.942
172	dRem	300.000	0.941
173	DoubleSigma	300.000	0.941
174	TipTil	300.000	0.940
175	GuidedHacking.com	300.000	0.939
176	DC416	300.000	0.939
177	igoryan	300.000	0.938
178	yaPenetrators	300.000	0.938
179	BIGBEAR_BK	300.000	0.937
180	sec0d	300.000	0.936
181	taurus	300.000	0.936
182	GUECHAS	300.000	0.935
183	HxD43v3R	300.000	0.935
184	ISITDTU	300.000	0.934
185	kaspersky4b	300.000	0.934
186	Infinite loop	300.000	0.933
187	wnv	300.000	0.932
188	urchin	300.000	0.932
189	SmartRobot	300.000	0.931
190	mister spaghetti meatball	300.000	0.931
191	DaltonBrothers	300.000	0.930
192	guatitasec	300.000	0.930
193	AceBear	300.000	0.929
194	Netcat.us	300.000	0.929
195	BITSkrieg	300.000	0.928
196	pi3la	300.000	0.928
197	kad	300.000	0.927
198	0xFF	300.000	0.927
199	o0o	300.000	0.926
200	Bottomfraggers	300.000	0.926
201	Bono_iPad	300.000	0.925
202	beef1306	300.000	0.925
203	CatFlag	300.000	0.924
204	poutsateam	300.000	0.924
205	mrx	300.000	0.923
206	CultOfTheDeadCarrot	300.000	0.923
207	NIS	300.000	0.922
208	cr4x0rs	300.000	0.922
209	DeliciousHorse	300.000	0.922
210	0xBU	300.000	0.921
211	sqvrc	300.000	0.921
212	yNNhoJ	300.000	0.920
213	hard	300.000	0.920
214	okudo3	300.000	0.919
215	OutOfRangeException	300.000	0.919
216	fargus	300.000	0.919
217	Sea Food	300.000	0.918
218	MerElephant	300.000	0.918
219	NORELATION	300.000	0.917
220	hapsida	200.000	0.640
221	dcua	200.000	0.640
222	SIDAO	200.000	0.640
223	fu.ch4l1z4rd	200.000	0.639
224	cbs	200.000	0.639
225	int 0x80	200.000	0.639
226	p4l	150.000	0.500
227	Rusc	150.000	0.250

niklasb – Oct. 6, 2017, 9:22 p.m.

Tasks are broken/down, and there is no way to contact the orga except for email, to which of course they do not respond. This is not acceptable.

maro – Oct. 6, 2017, 11:32 p.m.

- No IRC,
- Tasks does not mention what we have to do or what have to submit
- Flag format is useless since all tasks does not follow the mentioned flag format, you have just to add KLCTF as prefix
- Many broken tasks
- Guessing
...

Ghaaf – Oct. 7, 2017, 12:33 a.m.

I have the same problem as maro WTF! Kaspersky and no support ! lol !!

niklasb – Oct. 8, 2017, 7:16 p.m.

Note for future: Don't run pwnables as uid 0, or you will have a bad time keeping all the files on the challenge server where they belong. Not to mention forking servers that didn't register SIGCHLD handlers, infinite loops with no alarm() etc.

Pharisaeus – Oct. 8, 2017, 8:44 p.m.

Some tasks had reasonable difficulty and were fun, but there were also A LOT of issues:

1. No flag format respected. Basically every task was "add KLCTF prefix to whatever you get". On top of that flag was sometimes KLCTFxxxxx and sometimes a normal KLCTF{xxxx}. This is very confusing
2. Some tasks required guessing/dirbuster/crystal ball. RE400(+PWN700) initial stage for example required to guess that in /backup/backup.tar we can find the task sources/binaries. Nothing indicated this at all. In fact by far the hardest part of this task was exactly this step...
3. Service shared between all the teams, especially in case you need to trigger some specific state / race condition -> RE400/PWN700
4. Some very strange scoring. Crypto 800 was a trivial homomorphic Paillier challenge. Once someone noticed this is Paillier then it was instantly obvious how to recover the flag. But interestingly enough it could be solved even faster as blackbox. 300p for repeating XOR over a png, with keysize the same as header also seems a bit excessive. Especially compared to some other significantly harder tasks for similar amount of points.

And on top of all of this there was basically no communication channel, no IRC, no telegram, no nothing. You could send an email and get no response :) This becomes even more problematic when some tasks are broken (and they were).

maro – Oct. 10, 2017, 12:07 a.m.

Why is the scoreboard in ctftime is different than the original scoreboard ?!
https://ctf.kaspersky.com/contests/1/scoreboard/

konata – Oct. 11, 2017, 10:58 a.m.

ctftime, please, update the scoreboard for this challenge!

Kaspersky Industrial CTF Quals 2017

Prizes

Scoreboard

Comments

Sign in with