Find the flag and don’t give it away. How we ran the RBKmoney CTF

Hello! In this post, we will talk about how we ran the first ever RBK.money CTF (capture the flag). The mechanics of the competition were about the same as in usual CTFs, but the results were a bit surprising. Then again, perhaps we just overdid it with the tasks.


In the CTF, participants had to obtain a flag, carefully hidden by our team in the code, either as part of a team or, if they felt they could handle it alone, individually. To get it, you had to hack the services participating in the CTF, write a program, or simply find a vulnerability in our code and be quick to use it.



About 100 teams participated, some with 5-7 people and others with just one. Two things set this CTF apart. First, the competition was partly dedicated to Erlang, which is not the most popular technology. Second, several tasks went unsolved by every participant: one was very typical for Erlang, and another required extracting information from an audio file. Either people have stopped getting into steganography, or we went too far.






CTF , yet another , - , β€” , - . , , , , Erlang. , , . , , . , , ( , ), , . , - .




. RBK.money Github, - , . , , . 2 2 - . , . , , .


web



. , Python, (-) Erlang. Python SQL-, . Erlang . , , Erlang , . , , , . 45 Erlang.


, , . IPv6. , IPv6, . .




Harbor registry . Harbor registry -, CVE, . , harbor registry, , , , .


, ( , harbor ), , . . .




https://dashboard.hq.rbk.mn/ CTF. , , . , , , . CTF, , , .

Source: https://habr.com/ru/post/undefined/

