December 15, 2010

Hack Quest 2010 Online

The SecurityLab.ru portal invites all comers to participate in an online information protection contest - Hack Quest 2010. The contestants will try their skills in the field of security assessment, search and exploitation of vulnerabilities, reverse engineering, and just hacking. Prizes are waiting for the winners!

The game infrastructure was not initially planned as an online contest, so, unfortunately, all the interfaces of the contest are in Russian. However, it shall not prevent foreigners from participation :)

Contest Conditions

Participation in the contest is open for all comers who acquainted themselves with the rules of participation and are ready to comply.

To participate in the contest, you should register on the contest registration page and get credentials to connect to the VPN server.

After establishing the VPN connection the contestants should, without assistance, find targets and identify the targets’ vulnerabilities. Successful exploitation of a vulnerability allows a contestant to obtain a flag, which should be sent to the jury via special form on the contestant’s personal page www.securitylab.ru/hq2010/. If the flag is valid, appropriate points will be given for it. The maximum amount of points is 100. Contestants with the score higher than 100 points will be awarded with special prize :))

The contestant with the highest score will become the winner.

Rules for Contestants

1. General Permissions

During the contest the participants are allowed:
• to conduct attacks against game servers (IP range: 172.16.0.0/26) in order to capture flags
• to use tools that comply with Russian Federation law to search the game servers for vulnerabilities
• to obtain information located and processed on the game servers within the framework of the contest tasks

2. General Prohibitions

During the contest the participants are not allowed:
• to attack other contestants’ computers
• to generate unnecessarily large amount of traffic (Flood, DoS)
• to conduct destructive attacks against game servers (e. g., rm –rf /)
• to remove flags from game servers
• to perform any illegal actions with respect to Internet resources

3. Sensitive Information Processing

Contest registration form does not require providing personal data. Consenting to the contest conditions, a contestant agrees to the use of the registration information with the purpose of informing other contestants about current results of the contest, gathering and processing statistical information.

4. Monitoring

During the contest, all actions that involve using game infrastructure are monitored. The organizers of the contest have the right to gather and analyze the statistics of contestants’ actions.

5. Access Guarantee

Permanent availability of the infrastructure or any of its components is not guaranteed. The Hack Quest 2010 game infrastructure is provided in "as is" condition. The organizers of the contest do not guarantee that the game infrastructure and its components will comply with contestants’ aims and expectations and also do not guarantee uninterrupted and trouble-free operation of the game infrastructure. The organizers of the contest are not accountable to contestants for the actions performed in the VPN network of the game infrastructure. The organizers of the contest will not compensate for any damage, direct or indirect, inflicted on contestants or third parties as a result of the possibility or impossibility of using the Hack Quest 2010 game infrastructure or its components.

Have fun!

1 comment:

  1. This comment has been removed by a blog administrator.

    ReplyDelete