🚩 SDU CTF: Official Rules & Code of Conduct
🚩 SDU CTF: Official Rules & Code of Conduct
By participating in SDU CTF, you agree to abide by the following rules. Failure to comply may lead to disqualification or a permanent ban from future events.
No Flag Sharing: Do not share flags, solutions, or write-ups while the competition is active.
Dynamic Scoring: We use dynamic scoring, as more players solve a challenge, its value decreases. By sharing a flag, you don't just help an opponent; you actively lower your own score.
Individual Effort: Do not create multiple accounts or collaborate with other teams unless explicitly permitted by the organizers.
Stay In Bounds: Only the specific challenge instances are in scope. The CTFd platform, servers, and backend systems are strictly out of scope.
No Bruteforcing: Do not attempt to guess flags or brute-force the platform using automated tools. If a challenge requires a brute-force approach, it will be clearly stated in the description.
Infrastructure Integrity: Do not attempt to DDoS, disrupt, or hack the CTF infrastructure. Any malicious action against the servers will result in immediate disqualification.
OSINT Boundaries: For Open Source Intelligence (OSINT) tasks, use passive information gathering only. Do not scan, attack, or disrupt external websites or social media profiles.
Environment Care: Do not delete flags or intentionally damage challenge environments (e.g., deleting files in a web shell) that would prevent others from solving the task.
Respect the Community: Maintain a professional and respectful demeanor toward fellow participants and organizers.
Hints & Tips: If someone is stuck, feel free to give a nudge or a tip, but never the flag.
Organizers' Word: The organizers’ decisions are final. Rules may be updated during the event if necessary.
The organizers reserve the right to monitor platform traffic and logs. The following actions will result in immediate disqualification and a permanent ban from SDU CTF:
Flag Hoarding/Dumping: Attempting to submit a large volume of flags in the final minutes of the competition to "snipe" the leaderboard is highly discouraged. While not always a ban offense, it may lead to a closer audit of your solutions.
Collusion: Any evidence of teams or individuals working together to manipulate the leaderboard or bypass challenge restrictions.
Infrastructure Attacks: Any attempt to DDoS, brute-force the CTFd login, or gain unauthorized access to the competition backend.
Social Engineering: Attempting to trick organizers or other participants into giving away flags or hints through deception.
Public Write-ups: Publishing solutions or walkthroughs on blogs, GitHub, or social media before the competition has officially ended.
Note: All suspicious activity will be reviewed by the SDU CTF admin team. The organizers' decisions are final and non-negotiable.
Unless otherwise specified in the challenge description, all flags follow this format:
cycnet{FL4G_3XAMPL3}
Have fun, learn something new, and happy hacking!