Standoff 13 main stage
Cyber exercise
finished
Banking system
Banking system
The Central Bank of Standoff is the country's financial regulator. Consumer financial services are provided by three commercial banks. The Commercial Bank of Standoff, which has many offices across the country, caters to companies and organizations. First Partner Bank manages merchant accounts and enables QR code payments and fast transactions. Global Digital Bank has only one branch office as it is fully automated; the bank's applications are cloud-based.
Scope
Outer perimeter:
combs.stf 10.119.10.64/26
centralb.stf 10.119.10.128/26
firstpb.stf 10.119.10.192/26
glodb.stf 10.119.11.0/26
combs.stf 10.119.10.64/26
centralb.stf 10.119.10.128/26
firstpb.stf 10.119.10.192/26
glodb.stf 10.119.11.0/26
Inner perimeter:
combs.stf 10.149.2.0/23
centralb.stf 10.149.4.0/23
firstpb.stf 10.149.6.0/23
glodb.stf 10.149.8.0/23
combs.stf 10.149.2.0/23
centralb.stf 10.149.4.0/23
firstpb.stf 10.149.6.0/23
glodb.stf 10.149.8.0/23
Out of scope:
- all servers named logc.<office>.stf
- network 10.119.1.0/24
- SC SERVERS, SC USERS networks: 10.149.2.0/26, 10.149.4.0/26, 10.149.6.0/26, 10.149.8.0/26, 10.149.10.0/26, 10.149.12.0/26, 10.149.14.0/26, 10.149.16.0/26, 10.149.18.0/26, 10.149.20.0/26, 10.149.22.0/26, 10.149.24.0/26
- Accounts starting with "pt*"
Vulnerability reports
The tasks indicate where the vulnerabilities are located: on Gate hosts or in the DMZ and further within the infrastructure. Reports on vulnerabilities found in Gate are automatically verified upon flag submission. Reports on vulnerabilities found in the DMZ and within the infrastructure are verified by the jury.
When reporting a vulnerability, make sure to note where it was found. If it was discovered on Gate hosts, open the report in the relevant tab, select the vulnerability, and submit the flag. If it was found in the DMZ and further within the infrastructure, fill out a report for the jury.
Attacker metrics
Critical events
167reports
submitted
submitted
133critical events
triggered
triggered
Loading data
Difficulty:
Low
Medium
High
Master
Vulnerabilities
0vulnerabilities
discovered
discovered
Severity:
Critical: undefined
High: undefined
Medium: undefined
Low: undefined
Defender metrics
0
incidents
recorded
recorded
0
critical events
investigated
investigated
Results
Rank
Team
Triggered events
Event points
Discovered vulnerabilities
Vulnerability points
Bonus and penalty points
Total points
1
RHTxF13xSHD
17
79,139
0
0
79,139
2
DreamTeam
14
53,214
0
0
53,214
3
Jet_Infosystems
9
43,829
0
0
43,829
4
Bulba Hackers
9
41,183
0
0
41,183
5
Wetox
9
32,639
0
0
32,639
6
True0xA3
7
28,981
0
0
28,981
7
Crypto Apes
9
22,187
0
0
22,187
8
GISCYBERTEAM
9
21,136
0
0
21,136
9
TSARKA
6
15,548
0
0
15,548
10
Kibers
6
14,765
0
0
14,765
11
cR4.sh
5
9,937
0
0
9,937
12
Radiant0x2A
5
8,915
0
0
8,915
13
ℭ𝔲𝔩𝔱
4
6,000
0
0
6,000
14
SecWare
3
5,414
0
0
5,414
15
DeteAct × SPbCTF
5
5,000
0
0
5,000
16
only_f4st
4
4,000
0
0
4,000
17
EvilBunnyWrote
3
4,000
0
0
4,000