Capture The Flag

Date Saturday 11 October
Time 1:00 PM
Location Lanai Bar LAN Area


Welcome to Ruxcon Capture The Flag (CTF), Australia's longest running and most competitive CTF competition!  A game designed to test your computer hacking skills and problem solving abilities against friends and foes from all across Australia within a fun and friendly environment. 

Ruxcon CTF consists of a series of levels (contracts). Each of which can be played at your own leisure with level difficulty ranging from easy to moderate. Some training contracts may need to be unlocked before progressing to more difficult contacts.

We have set up a social LAN area for CTF players in the upstairs bar, or if you're not too fond of people  you can always play via the wireless network. The competition will launch at 1:00PM on Saturday in the bar and finish up strictly at 3:00PM on Sunday. 

You can register as team or play as a lone-wolf. The CTF registration page is available on the CTF Network onsite at Ruxcon, please check the Ruxcon handbook for more details on how to register.


Ruxcon CTF is designed to accommodate all levels of skill and experience, but more importantly, CTF is a fun challenge which anyone can play and it doesn’t require a whole lot of commitment or advanced skills. So if you’re not the competitive type and you’re just a little bit curious please register and have a bit of a poke around. We will provide solutions for all levels once the competition is over.

Some of the challenges you can expect to come across include:

  • Clientside Ownage
  • SQL Injection
  • Dotslash Technique
  • Reverse Engineering and Binary Analysis
  • Basic Exploit Development
  • Basic Forensics
  • Unix Insecurities
  • Network Attacks
  • Logic Bugs
  • Windows Insecurities


To start off,  you will tackle a series of introductory training missions which can be played in any order. Each training mission is made up of a series of small hacking related challenges which on completion will reveal reward tokens.

By completing the training missions you will unlock some hacking 'contracts' which you take on. These contracts involve a series of comprehensive hacking tasks and contain multiple tokens which can be redeemed for competition points. On completion of a contract you may receive some bonus points. 

You will need to submit the token to the CTF dashboard in order to redeem points and increase your over-all competition ranking. Tokens can be of varying point value based on the difficulty of a challenge. During token submission a token's value is divided by the number of players who have already solved the challenge, so it pays to get in early. 

The player or team with the most points at the end of the competition will be declared the winner.


During the competition we will have a live scoreboard located in the CTF LAN area or you can view the scoreboard via it at http://scoreboard.ctf. The scoreboard displays the current Leaderboard and some real-time action of our players attempting to complete Unix challenges courtesy of some sneaky terminal sniffing we have set up on the competition servers.

We’ve also set up a Ruxcon CTF Twitter bot @RuxconCTF so you can follow the competition at home or on the move.


There are no software requirements but if you have never played a CTF before then installing Kali, Burp, and Metasploit will be enough to get you started.

We have archived a local copy of Kali and Backtrack available on the CTF Network.