E N O W A R S 3

Online Attack / Defense CTF competition

5th of July 2019 / 9:00 - 19:00 UTC

Hosted by ENOFLAG and SecT of TU Berlin

Hosted by ENOFLAG and SecT of TU Berlin


They don't let us think for ourselves.

The Internet is under constant surveillance, firewalled and ruled by fake accounts and spam bots.

Once glorious, CTFtime.org is now buried.

For our counter attack, ENOFLAG calls upon you, - the most powerful hackers - to join us in this fight.

To find the chosen one, ENOFLAG hosts an epic underground tournament, "ENOWARS 3".

Armed with advanced cyber weapons and human brains, teams from around the world try their best to save mankind.

But can they patch malicious services and restore the web to its former glory?

WTF is Attack / Defense CTF?

Thanks to LiveOverflow for sharing this video with us.

Attack/Defense for Beginners

A typical attack/defense CTF consists of three components:

The Gameserver

It is provided by the organizers and runs throughout the competition, starting when the network is opened. It periodically stores flags on your Vulnbox using functionality in the provided services. It then later retrieves these flags, again using existing functionality. The Gameserver does not run exploits! It simply uses the service as intended.

Now, why can't the other teams then simply do what the Gameserver does?
The Gameserver has more information. Every service is either designed to allow the Gameserver to store a specific token for each flag or generates one and returns it to the Gameserver.

The Gameserver uses this token to check periodically that the flag is still there. Whether or not it gets the stored flag using that token, determines your SLA (Service Level Agreement). You mustn't remove or break any legitimate functionality.

Some services can have a vulnerability that directly leaks the flag, which will let you retrieve the flag easily. For others, it will require more effort.

Your Vulnbox

The Vulnbox is your running instance of the virtual machine image given to you by the organizers. It contains and runs all the services of the competition and should be reachable at all times. The Gameserver stores its flags here and uses the communication with this machine to decide if your services are working as intended or not. This machine is accessible to everyone on the network, and is the target for all the exploits from other teams.

Protecting the flags on this machine is what determines your defense points!

You normally have one hour from getting the decryption password of your Vulnbox until the network between teams is opened and everyone can attack each other. Use this time to get the VM running, then start analyzing what's running on it. It has happened that services with vulnerabilities that are easy to find have been exploited as soon as the actual competition starts.

For learning how to host the Vulnbox, have a look at Basic Vulnbox Hosting.

The other teams

All the other registered teams are connected to the same VPN as you. Their Vulnboxes have known IP addresses, all other machines are off-limits! The other teams will run exploits from their own machines, but the VPN infrastructure will use NAT to obfuscate whether a packet came from the Gameserver or another team.

Successfully stealing and submitting flags from the Vulnbox of other teams determines your attack score!

If you have played jeopardy CTFs before, you already know flag submission. In this game however, you'll have to run you exploits periodically, as new flags get stored by the Gameserver every few minutes. So you probably want to script exploits and submit Flags automatically and you don't spend all your time manually exploiting everyone.

Source: faustctf.net

File Icons



CTF-Team & Workgroup for Computer Security at the TU Berlin


IRC: #ENOWARS on freenode

MAIL: mail@enowars.com