Guys, this is unprofessional.
Mikhail Yakovlev
Sorry to say, guys, but I am so sick and tired of getting services up
and running and the fact that because of it I had no chance to start
even looking at exploiting other boxes.
You are either calling this CTF wrong and it should be AdminCTF or
something, or you have to consider what you are doing.
Because this had to do a lot more with admin stuff instead of
progressive hacking/pentesting, and this is not suitable for small teams because of
constantly failing services.
You can say that those serices failed under attack - but then again, why
do you make such services that cannot withhold even a small amount of
attacks? Sounds to me like a bad homework.
Last year I thought it was a coincidence, shit can happen. But when it
comes 2nd time in a row I call it unprofessional.
And I am not sure that I even want to see this next year at all because
of this.
If I wanted admin stuff, I would not even participate in
this, because I have more of enough of this kind of things at work.
Anyway, I hope at least someone enjoyed it, but not our team.
Good luck, I hope you get my point.
It wasn't fun.
M.
Team squareroots
stable and verbose CTF contest at the moment :)
Just as last year, great services, useful statistics and a good balancing.
Thanks from team squareroots for spending so much time to create an
awesome event! :)
so long,
-- sqrts
Mark Schloesser
0ldEur0pe thanks you for great 12 hours of action - you really succeeded
in keeping the frustration low and giving us a lot of fun and
interesting stuff to work on!
Before the event we were really looking forward to a classic vulnbox
based defense/offense CTF - as we did not have enough of those to play
in lately. Well and you definitely are organizing one of the most
enjoyable ones :)
Kudos to HackerDom!
Also thanks to all the other teams for making this a tough and close
fight! See you in the next competition!
Cheers,
- 0ldEur0pe
alessandro barenghi
Thanks a lot for the great fun you provided us in the last 12 hours,
the competition was really enjoable and everything went pretty
smoothly with the network setup.
Thanks for the effort you put in bringing the whole thing to all of us :)
Cheers
-- Tower of Hanoi
Dmitry Stephantsov
-- SiBears, Tomsk State University
Roman Medina-Heigl Hernandez
technical at all. I'd suppress it or at least I'd give it a reasonable
scoring (25% for that is insane!).
The other point I didn't like very much was the advisories part, it is
always a bit unfair because scoring is subjective (and there should be a
minimal severity required at least; reporting a leak/xss and gaining
points...).
I also lacked a description of different scoring states ("mumble", "checker
error", etc). It was obscure. I'd also have published and *detailed*
scoring rules some days before the contest. The published page was late and
it is not well-explained/detailed, IMHO.
Finally, not dropping tips at IRC and sending all news/tips via official
mailing-list was a total success. It is very fair and I hadn't seen at
other events. Well done.
That's all I can say, hope it helps for next year :)
Kudos to HackerDom for a great CTF organization!!
Cheers,
-Rom�n
Dmitry Stephantsov escribi�:
> This CTF was awesome!
>
> One of the main points our team noticed in this game is giant effort
> made by organizers. Many technoligies, lots of programming lauguages,
> interesting ideas about where to hide the flags. It was outstanding,
> despite the fact that it was classical CTF.
>
> We should mention another point. HackerDom hostes another CTF competiton
> � onsite RuCTF in Ekaterinburg, Russia. As regular participants we can
D T
falcon-murderdoll-nopbyte-tinpardo-bytemare
I also enjoyed a lot... Although we prefered not to submit the task... not
technical at all. I'd suppress it or at least I'd give it a reasonable
scoring (25% for that is insane!).
The other point I didn't like very much was the advisories part, it is
always a bit unfair because scoring is subjective (and there should be a
minimal severity required at least; reporting a leak/xss and gaining
points...).
I also lacked a description of different scoring states ("mumble", "checker
error", etc). It was obscure. I'd also have published and *detailed*
scoring rules some days before the contest. The published page was late and
it is not well-explained/detailed, IMHO.
Finally, not dropping tips at IRC and sending all news/tips via official
mailing-list was a total success. It is very fair and I hadn't seen at
other events. Well done.
That's all I can say, hope it helps for next year :)
Kudos to HackerDom for a great CTF organization!!
Cheers,
-Román
Dmitry Stephantsov escribió:
> This CTF was awesome!
>
> One of the main points our team noticed in this game is giant effort
> made by organizers. Many technoligies, lots of programming lauguages,
> interesting ideas about where to hide the flags. It was outstanding,
> despite the fact that it was classical CTF.
>
> We should mention another point. HackerDom hostes another CTF competiton
> — onsite RuCTF in Ekaterinburg, Russia. As regular participants we can
> say that this competition is always the main event in our CTF calendar!
>
> In Russia we have to participate at night (from 22 pm to 10 am in
> Tomsk), and we think it WORTH it! Great time, lot of fun!
>
> Thank you, HackerDom!
>
> -- SiBears, Tomsk State University
--
g00d BYtE
___________________________________________________________
unzip ; strip ; touch ; finger ; mount ; fsck ; more; yes ; umount ; sleep
___________________________________________________________
Alexey Udovenko
FluxReiners
forward to a traditional flag-based CTF for 1 year as well and we
really enjoyed and appreciated to play a traditional ctf again! We
hope to see more of them in the next time.
we liked:
+ nice scoreboard (option to order the advisorys by service name would
be useful)
+ nice services, vulns
+ no network problems / time delays !
+ good information sharing through a public mailinglist
+ good organisation :)
The only thing we disliked was the advisory rating. We submitted
several vulnerabilities in short amount of time which got rated as "1
point, you got enough already" and later the same vulns were reported
and rated as "too late, 2points." and even XSS was rated as 1 point.
Strict rules for advisory rating should be announced and followed in
our opinion. Oh, and maybe 12h was a bit too long ;)
Thank you again for the great event and congrats to 0ldEur0pe !
direct4d
Although out team didn't show good results, we liked the competition
very much.
Excellent organization. No time delays, no checker failures,
everything was just as it should be.
The classic CTF rules always remind us about the protection of our own
services and about the competitive status of the game.
We had a lot of experience. Waiting for next RuCTF(E)!
Thanks from netcats,
direct4d
Florian Brunner
Hi Guys,
this _was_ professional.
Team h4ck!nb3rg from Austria is very thankful, because this CTF was a
real CTF. We had nice services, great response times and the contest
started just in time... the guys from HackerDom have improved the
competition if you compare it to the last RUCTFE in 2009.
Although we did not score that well... we had a lot of fun and every
single member of our team enjoyed the competition. Thank you for that.
We are looking forward to playing again next year... merry XMas and
happy Hacking ;)
Greetings from Austria,
http://h4ck1nb3rg.at
Riccardo Focardi
HackerDom!
you've organized a *great CFT*, indeed! We are quite a recent team so
this was basically our first real experience in a classic competition
so, for example, we got the importance of advisories too late in the
game. We are looking forward to analysing quietly all the services in a
comfortable isolated environment (i.e., no bad guys around attacking
us!) so to be prepared for the next year :)
Thanks a lot, it was great FUN and ..... quite hard, physically (5pm to
5am, meaning huge amount of pizza, panettone and prosecco around)
ciao!
Riccardo for c00kies@venice
p.s. weather here was quite 'Russian' that night: pretty cold and lot of
snow :)