Important Dates:
1st Round (Online) – 9:00AM Saturday 10/07/2023 to 8:59AM Monday 10/09/2023
2nd Round (Hofstra Cybersecurity Center) – 9:00AM to 5:00PM Saturday 10/28/2023
Eligibility:
Undergraduate or graduate students enrolled at the accredited colleges and universities listed here. Each team can be made up of one to two students. Students who enter the 2nd round will need to show valid student photo ID.
Awards:*
1st place team: $10,000
2nd place team: $4,000
3rd place team: $2,000
*Based on two-person teams, pro-rated for one-person team.
All other teams completing the 2nd round: $100 per team.
If a team has 2 members, the members will share the prize.
Scope and Format:
All teams have to register (providing a team name, real names of participants and affiliation) by Sunday 10/01/2023 at 11:59pm.
The scope and format will be similar to that of DEFCON Qual and OpenCTF. Topics include but are not limited to: web security, forensic analysis, cryptography, binary executable attacks and defense. All challenges have one and only one solution in the form of a string that matches regular expression FLAG[0-9]{6,20}.
The first round is entirely online, a submission window is open for 48 hours. All challenges will be released at 8:00AM 10/07/2023. A google form will be provided for submission. The total points of all the challenges will be 100 points, however, each challenge carries a different value. In the first round, there is no restriction on the use of computers and Internet. We expect all participants hold the highest standard of academic honesty.
A total of 34 semi-finalists will be determined using the rules below: (1) each participating institution is guaranteed one team, upon the condition that the team’s performance is greater than 50 points. (2) all other teams will be ranked by the points earned and then submission timestamps.
The 2nd round will take place in Hofstra’s Cybersecurity Center. Each team has 1 or 2 computers assigned, depending on the size of the team. Each computer has the access to a submission system (a cyber-range system), and standard Kali 64-bit 2023.03 (with Ghirdra and gdb) installed. Note that Internet will not be available. Use of personal computing devices will not be allowed. Thus, all the technical information available to you will be the Unix Manual pages in Kalinux. All teams have 4 hours to tackle as many challenges as possible. Challenges can be tackled in any order and each has 3 opportunities of submission without penalty. Ranks of all teams will be displayed over a big projector screen dynamically at run-time. At the end of the competition, the ranks will be determined by the total points earned by each team. Ties will be broken by the last submission timestamp.