ATTENTION: Due to grave concerns regarding the COVID-19 crisis we are postponing
our AFRL CTF, previously scheduled for Saturday 03/21/2020 in NYC, until further notice. Please
stay safe during this time and stay tuned for updates in the coming weeks.
Our qualifying round (Stage 1) remains active and is remote!
Red Balloon Security & AFRL CTF
We are in need of your services.
Our mutual friends have become aware of an asset of great importance possessed by agents of Cerberus, a secretive and shadowy organization dedicated to the utter destruction of all we stand for.
It is believed to be a form of key or pass, granting the bearer unquestioned rights to engage in pro tempore locatio conductio operis at Red Balloon Security and the Griffiss Institute, Cerberus-infiltrated contractor facilities.
Our friends have learned that Cerberus is transporting this asset to Area 51 via secure cargo container. We do not have their full itinerary, but reliable sources indicate that the container will be in New York, NY on March 21st 2020. Details pending.
Your mission, should you choose to accept it, is to access the container, secure the pass, and use the rights of pro tempore locatio conductio operis to infiltrate the contractors and engage in knowledge transference.
This will not be easy.
Secure the asset from the Cerberus shipment.
The container is defended by an elite team of operators highly trained in the remote defense of secure facilities. All angles of approach are monitored by cameras, and the container itself is protected by ROOKS remote turrets. The operators have orders to fire on anyone who approaches the container.
Two weeks ago, our agents managed to capture a similar container and downloaded the firmware binaries for the cameras and the ROOKS units before the unit self-destructed. We hope that when you analyze the data, you will find some weakness you can exploit to get past the cameras and turrets. Remember, many members of the Both Ann cell died to bring you this opportunity.
If you accept this mission, initiate Stage 1.
STAGE 1: Defeat Video Surveillance
The target area is monitored by a remote camera system. In order to avoid detection while infiltrating the container, you will need to look for vulnerabilities that you can exploit, and create an attack to loop the footage.
We have positively identified the cameras as modified Xiaomi Yi Outdoor Security Cameras.
- Exploit Security Camera
- Loop Footage
To ensure agent safety, we will need to check your work. Our agents will provide more information on verification as you complete this task.
Live Camera Feed
STAGE 2: Defeat Sentry Turret
The container is further protected by an armed ROOKS sentry turret. The ROOKS turret is Cerberus’s knockoff of the US military spec CROWS turret. It comes equipped with a recoilless missile launcher firing 12mm depleted-polyurethane kinetic impact flechettes.
You will look for vulnerabilities you can exploit, and create an attack to disable the turret—without the operators knowing. If they realize they’ve been hacked, they will remotely self-destruct the facility. Good luck, and don’t get shot.
- Disable Sentry Turret
- Avoid Detection
In the interest of not getting shot, we want to verify your work on this stage as well. Our agents will provide more information as it becomes available.
STAGE 3: Infiltrate the Container
After submitting your solutions for Stage 1 and Stage 2, you will meet with our undercover agents in New York. They will be at secret location, posing as representatives of Red Balloon Security.
You will be rewarded for your efforts thus far, but your trials will have only just begun.
If we determine that you are ready to face the gauntlet, you will be provided with everything you need to prepare for the assault. If any new security systems have been identified, you will be given a briefing on them.
Once you are ready, agents will lead you to the location of the container. Motivational music will be played. Be careful! If the defenders see you or determine that the turret is disabled before they try to shoot you, they can remotely lock down the container. You will have limited time to obtain the asset.
- Clandestinely Meet With Our Agents
- Infiltrate Container and Recover the Asset
Each stage of the challenge is an opportunity to earn the following prizes:
Completing Stage 1 will be rewarded with Anonymizing Headwear.
Completing Stage 2 will be rewarded with a Cyberphysical Access Tool.
Completing Stage 3 will be rewarded with another Cyberphysical Access Tool.
If you complete the entire 3-stage challenge, are eligible, and are the most impressive candidate, you will win the grand prize: A paid internship at Red Balloon Security.
The Most Important Rule: Don’t be a jerk.
The contest organizers consist of Red Balloon Security, the Air Force Research Laboratory, the United States Air Force, and the Griffiss Institute,
along with any of their employees.
The contest organizers have ultimate authority over the interpretation of these rules, awarding of prizes, and anything else related to this contest.
These rules, the prizes, and the very existence of this contest (and anything else) may be changed by the contest organizers without notice.
This contest is open to all who are NOT:
- Employees of the contest organizers, or
- Removed or barred from the contest by the contest organizers.
The contest organizers may remove or bar any person or persons from participating in the contest for any reason or no reason at any time.
RULES OF ENGAGEMENT
In the course of completing this challenge, you may NOT:
- Touch any physical hardware that is part of the challenge. Remote attacks only!
- Exception: You may open the door to the secure facility in Stage 3, walk into the container, and press buttons inside.
- Touch any person that is part of the contest, or anything they are using or carrying.
- Impede the contest operators in the execution of their duties.
- Exception: You may distract, impede, or interfere with the operators of the cameras and turret, but you must stay 5 ft away from them while doing do. Social attacks are permitted! (But don’t be a jerk)
- Interfere with other teams participating in the contest.
- Kidnap the contest organizers.
- You may use any resources you legally find.
- You must package your solution as a script that when run will access and hack a camera--you won't have time to redo your work during stage 3.
- Your hack must record and loop no more or less than 30s of footage.
- If you complete this stage, you will win a prize. Contact the organizers at [email protected] One prize per contestant, please (unless we have extras).
- You may use any resources you legally find.
- You must package your solution as a script that when run will access and hack a turret--you won't have time to redo your work during stage 3.
- Your hack must not be visible to the operators of the turret before the trigger is pulled.
- If you complete this stage, you will win a prize. Contact the organizers at [email protected] for the secret location to demonstrate in person. One prize per contestant, please (unless we have extras).
Stage 3 will consist of two phases. First, you will be given a 3rd challenge in the vein of Stage 1 and 2, which we will call Phase 3a. If you complete it, you will be invited to proceed to Phase 3b: Entering the storage container.
- You may not start the challenge until you receive the details from the organizers.
- You may use any resources you legally find.
- Additional details and rules will be provided when you begin the challenge.
- This is the fun part. Because lawyers hate fun, you will have to sign a waiver to begin this part of the challenge.
- You will then be able to sign up for a timeslot to attempt the challenge. Don’t be late!
- Only one person can attempt this challenge at a time. If you are in a group, you must nominate one person to attempt the challenge and win the prize.
- When the music starts, you can begin. You will have 5 minutes to enter the facility and claim your prize.
- If the defenders (operating the turret and camera) see you, they will shoot you with the ROOKS turret. It’s a NERF gun, if you didn’t decode the technobabble.
- If you, anything you are wearing, anything you are holding, or anything you are controlling the movement of gets hit, you fail this stage challenge and may not proceed. You may re-attempt the challenge after 3 hours.
- If the defenders see you and can’t shoot you, they can lock down the prize dispensing system. In that case, you fail and may re-attempt the challenge after 3 hours.
- Once you get inside the container, you will be presented with a prize-dispensing machine.
- Anyone who gets this far gets the Cyberphysical Access Script, and may win the internship.
If you complete the challenge, are eligible, and are the most impressive candidate, you will win a yearlong paid internship at the Griffiss Institute and Red Balloon Security (working 6 months in each). If multiple people are eligible and complete the challenge, we will use a tiebreaker to determine the winner.
- To be eligible, you must:
- Be over 18 years of age.
- Be attending or have graduated from an accredited 4 year college or university in the United States.
- Be eligible to work in the United States without a sponsor.
- Be interested in an internship at Red Balloon Security.
The tiebreaker will award the internship to the eligible candidate who completes the challenge has the most points, defined as follows:
- Failures: The number of times the candidate failed Stage 3 by getting shot or running out of time, before succeeding:
- 0: 40 points
- 1: 30 points
- 2: 20 points
- 3: 10 points
- 4 or more: 0 points
- Time: Time taken to complete Stage 3 on the successful attempt:
- 120 seconds: 40 points
- 120-300 seconds: 40 points - 1 points per 4.5 seconds in excess of 120 seconds
- More than 300 seconds: 0 points.
- Score: Ranking in the Top Secret final challenge (Its a secret! You'll find out....maybe). Only the best performance across all attempts will be ranked.
- 1st place: 20 points
- 2nd place: 15 points
- 3rd place: 10 points
- 4th place: 5 points
- 5th place or higher: 0 points