Game Challenge

Here at WOAS Academy we are launching some new and exciting laboratories to try hacking techniques accessible via VPN, try your luck in our challenges and if you succeed, we award you awesome prizes.
Every challenge comprises of 3 parts: Vulnerability, Exploit and Mitigation.

All Candidates must submit these 3 parts.

Sign up for the next Game Challenge, TBC very soon. See you ingame.


THERE ARE FOUR TYPES OF CHALLENGES YOU CAN ENTER:

PENTESTING

WEB SECURITY

CRYPTO

FUN

We try to keep the rules as short as possible. Any participating team that violates any of the rules will be expelled from the competition.

Code of conduct

Both players and the jury are expected to fully embrace principles of good sportsmanship – to compete fairly, to judge by merit and to not try to exploit the game system or the rules in unintended ways. Please take fair play into consideration, even if something is not listed in the rules below. Whenever the latter is not obvious, jury should be consulted before any action taken.

Scoring System

The scoring will be provided to the teams before the challenge. An introduction workshop about the platform and scoring system will be provided the day before the competition. The scoring will be decided by the steering committee.

Approved list of items

The list of approved items will be communicated to the teams before the challenge. The list must be approved by steering committee based on the hosting country proposal. Additional hardware that could be needed during the scenarios would be provided by the organization.

Framework Infrastructure

A list of software, services, machines and/or conditions that shall not be attacked or modified will be provided at the beginning of the competition.

About platform

DOS/DDOS
Participants shall not start denial of service attacks. We all depend on a working network and therefore just bringing services down is not what we want here.
Network Interruption
Participants shall not pollute/poison/jam the provided wired or WiFi networks. The network is required for running the Game Challenge.
Network Devices
Participants may only connect their devices to the ports enabled by the organization, they will be communicated at the beginning of the competition.
Layer2 Attacks
Participants shall not use layer2 attacks in the wired or wireless network.
Users
Each participant can only use the user provided. Users can not be exchanged or reused.
Scoring System
Participants shall not interfere with the scoring system.
Monitoring System Participants shall not interfere with the monitoring system.
Platform Infrastructure
Participants shall not interfere with the platform infrastructure.
Missing Tool
The organization will not provide additional tools and software on top of the ones already installed on the platform. The same set of tools will be available to all teams
Lockout
If you lockout yourself from a server/service your team Captain should ask WOAS provider staff for help, they will manage this kind of issues.
Challenge Exfiltration
Copying data outside the given virtual environment is not allowed, any challenge artefacts belonging to the platform should not be transferred outside the platform.
Public Write-ups
No write-ups about the challenges may be published by participants without express written consent of WOAS and the platform and/or challenge provider.

Special Rules

Pause
The WOAS platform could be paused. If we experience an important problem, the jury will use the pause feature to fix the issue. Team players must leave the WOAS room during that pause if is required by organization.
WOAS Platform Lab
It is not allowed to launch traffic from the physical machines of the participants against the platform that is not exclusively display it and normal user interaction through the browser.

WordPress Appliance - Powered by TurnKey Linux