Hackfest"19

Capture The Flag

20-21 April 2019, TN

Buy Ticket Now

Hackfest

The National Cyber Security Competition is a contest of 18 hours during which the passionate about cyber security will try to tackle challenges in numerous categories : IoT, cryptography, web exploitation, forensics and binary exploitation.

Where


Tunisia

When

Saturday to Sunday (02:00 PM to 10:00 AM)
April 20 to 21, 2019

National Cyber Security CTF Competition

The CTF consits of 2 phases. A qualification round and a final round. During qualification round contestants will compete individually to win slot for the final round. Only 160 contestants will qualify for finals.Final round is multi-team hacking challenge in which teams compete independently to win prizes. National Cyber Security CTF Competition is meant for both beginners and experienced contestants and consists of tasks ranging from simple to extremely difficult in various categories:

Cryptography

In this category, you'll attack poorly implemented crypto, outdated crypto, or use well-known vulnerabilities to attack encrypted messages. You might be given for example a few RSA keys whose modulus share a factor, and you decrypt a message encrypted by one of these keys

Binary Exploitation

The program you received is running as a service on a remote machine. Reverse-engineer it, figure out its vulnerability, and use that to take exploit the remote service into serving you a flag. Often, there's a flag.txt you can get the program to read, or perhaps it has a flag in memory you need to get it to accidentally send you.

Web Exploitation

These challenges involve attacking common vulnerabilities in web technology. For example, you might need to use SQL injection to read the "secret_flag" table of a database, use directory traversal to get a web server to serve you "flag.txt", use Cross-Site Scripting to trick a simulated user to send you their password, or bypass some client-side checks implemented by obfuscated javascript.

Reverse Engineering

In this category You'll receive a program, but not the source, so you need to disassemble it, look at the assembly, and figure out what it does. Programs can be x86 Windows, x86 Linux, ARM Linux, obfuscated Java, and a whole bevy of more obscure formats.

Forensics

This is a fairly broad category. You might receive an image of a disk in FAT format, and you'll need to un-delete "flag.txt". Maybe you receive a zip file, that contains a 7z file, that contains a tar archive, that contains some obscure file format you've never heard of, and unpacking the entire chain eventually gives you a flag.

IoT

These challenges involve attacking Embedded/IoT devices. You might receive an Arduino board, and you'll need to dump and analyse a firmware. Maybe you receive a binary program, that contains memory management vulnerability, exploiting the entire flow gives you a priviliged access to read files.

Hurry Up!

Last year our tickets sold fast so don’t miss. Competition will start in

Event Schedule

A contest of 18 hours duration

Sponsores

Conferences dedicated to building remarkable events.

Coming soon
Coming soon

Student

TND20/Ticket

  • CTF Entrance
  • Comfortable Seat
  • Coffee Break
  • Dinner
  • Certificate
  • Photo
Registration not open