International Students Contest on Information Security
5th edition, ON-LINE, 2020

International Students Contest on Information Security

About the competition

The CTF-USV (“Capture The Flag” – Suceava University) contest is intending to mobilize the energies of universities students, their knowledge and abilities on hacking informations systems and applications in an controlled and challenging environment.

The main objective of this competitional event is to encourage students to develop their skills, to train and exercise both intellectual and practical abilities in Information Security field - as future specialists.

Students from academic institutions are invited to participate in the third International Students Contest in Information Security, CTF-USV. The contest, organized as a CTF competition (Capture The Flag), is based on solving various challenges by exploiting weaknesses and vulnerabilities of web applications and operating systems in a limited time interval and inside a controlled data communication environment.

2020 Contest Final Ranking
See the 2019 Contest Final Ranking (.pdf)
See the 2018 Contest Final Ranking (.pdf)
See the 2017 Contest Final Ranking (.pdf)
See the 2016 Contest Final Ranking (.pdf)

International Students Contest on Information Security

Registration

On-line registration of each team is necessary. The competitors have to be enrolled as undergraduate or master level students in an accredited university.

A maximum 4 members per team is permitted. One of the team members will act as team leader. A faculty staff member will register the participants and certify the team affiliation. Out of nominal online registration each team will upload a Statement form signed by an academic staff mentor.

Important Dates

Online Registration: November 2020, 16-20
On-line Contest: 27 November 2020

Program and Time Schedule

November 27: official opening, presentations and technical meeting, 09:00-11:00 EET
November 27: starting the CTF contest, 11:00 EET
November 27: stopping the competition at 19:00 EET
November 27: awarding and closing ceremony, 19:00-21:00 EET
The CTF platform will be available for a 8 hours interval, respectively starting on November 27 at 11:00 EET and ending on November 27 at 19:00 EET.

Registred teams

· MTA1 · MTA2 · GLUCID · SIGKILL BTDBG · h4xi0n · CBWR · Imp · f4less · sh.exe · FBOMB · ROOT · SudO · VNC · GREPHR · QWERTY · B.O.F · AC1EE · Vex · Memz · CrK · IQshep · XF5F · GET_SH · PJN · ZXH · HB · KERPAN · UVT
International Students Contest on Information Security

The Contest

Contest Theme and Qualifying Requirements

CTF-USV contest is organized as a CTF (Capture The Flag) competition and consist in solving a number of information security problems the results being uploaded on a dedicated CTF platform where scores will be automatically calculated. Each team will be able to view at any time the accumulated points, the position in the contest, the remaining time, the outcome of other competitors and other relevant information.

Challenges will consist in capturing a number of "flags" at the level of web applications or vulnerable systems.

The “Flags” will be in the form of random and unique strings (hashes) which can be discovered as result of vulnerabilities exploitation of some applications made available for this purpose.

The number of points awarded for each answer/flag is directly proportional with the difficulty level of the challenge.

The CTF platform will be available for a 24 hours interval. The teams will have to solve specific tasks on computer networks and data security issues in a local organized network environment. To validate the results the teams will have to load them on the CTF platform.

The competing teams need to have knowledges on the data networks security and specifically in the following areas:

  • Identify and exploit vulnerabilities as they are described in OWASP top 10
  • Identification of services and software versions involved in running web applications
  • Identification of services and software versions associated with the host operating system
  • Identification of vulnerabilities associated with each of the previously identified services or software versions
  • Identification of public exploits being connected with existing vulnerabilities on services or specific software version running on the CTF machine

The contestants will be allowed to use any tool that can help them in solving the challenges, without affecting the functionality or availability of the systems hosting the CTF platform or related infrastructure. More details on contest rules will be posted in a timely manner on the CTF online platform.

The competitors will have access to the necessary equipment and a dedicated communication network. Compliance of some basic rules is absolutely necessary under penalty of immediate disqualification:

  • denial of CTF service/servers
  • not justified attacks or intrusions
  • actions outside of the contest defined environment

Awarding

The results will be evaluated by jury who will provide a classification based on quantizable criteria. Prizes will be awarded to the best teams. The provided solutions will be publicly presented by the winners.

Photo Albums

International Students Contest on Information Security Stefan cel Mare University Suceava Safetech Assist Software

Main contact

ctf@usv.ro Contact

CTF-USV 2020 Committee Coordinator:
Alin Potorac, Professor, PhD.

alin.potorac@usv.ro / +40-741-221402

About the organizers

Suceava University is a public university located in north-east area of Romania. A local tradition in organizing computer and IT contests for students was developed in the past years.

Safetech Innovations is the only dedicated Cybersecurity company on Romanian market which offers a complete range of security services and combined with being a value-added security solutions implementer and integrator, and also the operator of an accredited CERT, which operates 24/7. STI CERT (SAFETECH COMPUTER EMERGENCY RESPONSE TEAM) is a private CERT/CSIRT, owned and operated by Safetech Innovations, to provide its clients in the public and private sectors, continuous monitoring of cybersecurity threats and intervention in case of security incidents. Also, Safetech is the first company in Central Europe and one of four in the world certified company HID Global as "Certified Implementation Partner" and the only company working exclusively in information security from Romania, accredited by Check Point as Check Point's Certified Collaborative Support Provider (CCSP).

ASSIST Software Romania specializes in outsourcing software development projects. Based in Eastern Europe, we are operating in a challenging economy that creates a fertile environment for Information Technology and business outsourcing. Our team has a solid and proven track record, delivering high quality and timely services. Founded in 1992, ASSIST Software Romania is present on the international market as a supplier of innovative solutions, adding business value through technology implementation at a professional level. Focusing our activities toward developing complex software products, ASSIST Software Romania provides consistent results in emerging fields such as mobile and web-based custom business applications, e-commerce, e-payment, e-security, e-health and enterprise & resource planning, entertainment and gaming industry.