International Students Contest on Information Security
9^th edition, ON-LINE, 2024

About the competition

The CTF-USV (“Capture The Flag” – Suceava University) contest is intending to mobilize the energies of universities students, their knowledge and abilities on hacking informations systems and applications in an controlled and challenging environment.

The main objective of this competitional event is to encourage students to develop their skills, to train and exercise both intellectual and practical abilities in Information Security field - as future specialists.

Students from academic institutions are invited to participate in the third International Students Contest in Information Security, CTF-USV. The contest, organized as a CTF competition (Capture The Flag), is based on solving various challenges by exploiting weaknesses and vulnerabilities of web applications and operating systems in a limited time interval and inside a controlled data communication environment.

See the 2023 Contest Final Ranking (.pdf)
See the 2022 Contest Final Ranking (.pdf)
See the 2021 Contest Final Ranking (.pdf)
See the 2020 Contest Final Ranking (.pdf)
See the 2019 Contest Final Ranking (.pdf)
See the 2018 Contest Final Ranking (.pdf)
See the 2017 Contest Final Ranking (.pdf)
See the 2016 Contest Final Ranking (.pdf)

Registration

On-line registration of each team is necessary. The competitors have to be enrolled as undergraduate or master level students in an accredited university.

A maximum 4 members per team is permitted. One of the team members will act as team leader. A faculty staff member will register the participants and certify the team affiliation. Out of nominal on-line registration each team will upload a Statement form signed by an academic staff mentor. Filled Statement form will be uploaded using the on-line registration interface functions.

Important Dates

On-line Registration: November 2024, 11 - November 2024, 16
On-line Contest: November 2024, 21 - November 2024, 22

Program and Time Schedule

Official opening, presentations and technical online meeting: Thursday, November 21, 11:30-12:00
Contest: Thursday, November 21, 12:00 - November 22, 12:00
Awarding and closing the competition, online meeting: Friday, November 22, 13:00-14:00

Registered teams

· FIMM · calcar · da1ban · nullpt · olsafe · DDU · EDGE · HPacks · Cybers · CDAD · QWEQST · EMMERI · BRWALL · UCBT · 0N1 · DUCK · NMPB · PwnTCN · OutStd · ChNU · DAC · CUPIT · KPanic · DLG · CYPAZA · SOPRAN · DB · BTG · FH · Pepega · CORE · CB · UVTCTF · CSSLP · Uvt2 · TB · VBG · UPTCTF · CH405 · BTWS · PwnOAP · badbit · FriSH · Uci1 · WM · 3days

Online Registration (closed)

DOWNLOADS

Invitation Letter

to the ninth edition of Capture The Flag contest, Suceava 2024

Statement form

to be filled, signed and uploaded using the on-line registration form

The Contest

Contest Theme and Qualifying Requirements

CTF-USV contest is organized as a CTF (Capture The Flag) competition and consist in solving a number of information security problems the results being uploaded on a dedicated CTF platform where scores will be automatically calculated. Each team will be able to view at any time the accumulated points, the position in the contest, the remaining time, the outcome of other competitors and other relevant information.

Challenges will consist in capturing a number of "flags" at the level of web applications or vulnerable systems.

The “Flags” will be in the form of random and unique strings (hashes) which can be discovered as result of vulnerabilities exploitation of some applications made available for this purpose.

The number of points awarded for each answer/flag is directly proportional with the difficulty level of the challenge.

The CTF platform will be available for a 24 hours interval. The teams will have to solve specific tasks on computer networks and data security issues in a local organized network environment. To validate the results the teams will have to load them on the CTF platform.

The competing teams need to have knowledges on the data networks security and specifically in the following areas:

Identify and exploit vulnerabilities as they are described in OWASP top 10
Identification of services and software versions involved in running web applications
Identification of services and software versions associated with the host operating system
Identification of vulnerabilities associated with each of the previously identified services or software versions
Identification of public exploits being connected with existing vulnerabilities on services or specific software version running on the CTF machine

The contestants will be allowed to use any tool that can help them in solving the challenges, without affecting the functionality or availability of the systems hosting the CTF platform or related infrastructure. More details on contest rules will be posted in a timely manner on the CTF on-line platform.

The competitors will have access to the necessary equipment and a dedicated communication network. Compliance of some basic rules is absolutely necessary under penalty of immediate disqualification:

denial of CTF service/servers
not justified attacks or intrusions
actions outside of the contest defined environment

Awarding

The results will be evaluated by jury who will provide a classification based on quantizable criteria. Prizes will be awarded to the best teams. The provided solutions will be publicly presented by the winners.

Photo Albums

Main contact

ctf@usv.ro Contact

CTF-USV 2024 Committee

About the organizers

Stefan cel Mare University of Suceava is a public university located in north-east area of Romania. The university includes 11 faculties and has more than 10.000 students. Ştefan cel Mare University of Suceava is one of the most dynamic universities in Eastern Europe, offering high quality undergraduate and postgraduate education. USV is accredited with High Confidence by the Romanian Agency for Quality Assurance in Higher Education (ARACIS), having the status of National Research and Development Unit provided by the National Authority for Scientific Research and Innovation (ANCS). A local tradition in organizing computer and IT contests for students was largely developed in the past years.

Safetech Innovations is the only dedicated Cybersecurity company on Romanian market which offers a complete range of security services and combined with being a value-added security solutions implementer and integrator, and also the operator of an accredited CERT, which operates 24/7. STI CERT (SAFETECH COMPUTER EMERGENCY RESPONSE TEAM) is a private CERT/CSIRT, owned and operated by Safetech Innovations, to provide its clients in the public and private sectors, continuous monitoring of cybersecurity threats and intervention in case of security incidents. Also, Safetech is the first company in Central Europe and one of four in the world certified company HID Global as "Certified Implementation Partner" and the only company working exclusively in information security from Romania, accredited by Check Point as Check Point's Certified Collaborative Support Provider (CCSP).

ASSIST Software Romania specializes in outsourcing software development projects. Based in Eastern Europe, we are operating in a challenging economy that creates a fertile environment for Information Technology and business outsourcing. Our team has a solid and proven track record, delivering high quality and timely services. Founded in 1992, ASSIST Software Romania is present on the international market as a supplier of innovative solutions, adding business value through technology implementation at a professional level. Focusing our activities toward developing complex software products, ASSIST Software Romania provides consistent results in emerging fields such as mobile and web-based custom business applications, e-commerce, e-payment, e-security, e-health and enterprise & resource planning, entertainment and gaming industry.

International Students Contest on Information Security 9th edition, ON-LINE, 2024