International cyberexercises in information security
Top-notch researchers test how well the virtual State F's infrastructure is protected.

Standoff 11

Earn points by finding vulnerabilities in systems. Points are awarded separately for each system, and you can report only one vulnerability of each type per system.

Command and Defend

The factory has an onsite ore-blending plant with a bucket-wheel excavator and conveyor, a blast furnace, an oxygen-converter section, a rolling mill, and a continuous casting machine. Rolled metal is transported to customers from the finished product storage area

## Scope
Outer perimeter:
10.119.11.64/26
Inner perimeter:
10.149.10.0/23

## Out of scope: 
1) all servers named logc.&lt;office&gt;.stf
2) network 10.119.1.0/24
3) SC SERVERS, SC USERS networks: 10.149.2.0/26, 10.149.4.0/26, 10.149.6.0/26, 10.149.8.0/26, 10.149.10.0/26, 10.149.12.0/26, 10.149.14.0/26, 10.149.16.0/26, 10.149.18.0/26, 10.149.20.0/26, 10.149.22.0/26, 10.149.24.0/26
4) Accounts starting with "pt*"

## Vulnerability reports
The tasks indicate where the vulnerabilities are located: on Gate hosts or in the DMZ and further within the infrastructure. Reports on vulnerabilities found in Gate are automatically verified upon flag submission. Reports on vulnerabilities found in the DMZ and within the infrastructure are verified by the jury.  
 
When reporting a vulnerability, make sure to note where it was found. If it was discovered on Gate hosts, open the report in the relevant tab, select the vulnerability, and submit the flag. If it was found in the DMZ and further within the infrastructure, fill out a report for the jury.

MetalliKO

GISCYBERTEAM

The company produces, refines, stores, and markets oil and gas. Among its assets are a production field, an oil refinery, pipelines with pumping stations, tankage facilities, an oil-product loading station for rail transportation, and a gas distribution station

## Scope
Outer perimeter: 
10.119.11.128/26 
Inner perimeter:
10.149.12.0/23

## Out of scope: 
1) all servers named logc.&lt;office&gt;.stf
2) network 10.119.1.0/24
3) SC SERVERS, SC USERS networks: 10.149.2.0/26, 10.149.4.0/26, 10.149.6.0/26, 10.149.8.0/26, 10.149.10.0/26, 10.149.12.0/26, 10.149.14.0/26, 10.149.16.0/26, 10.149.18.0/26, 10.149.20.0/26, 10.149.22.0/26, 10.149.24.0/26
4) Accounts starting with "pt*"

## Vulnerability reports
The tasks indicate where the vulnerabilities are located: on Gate hosts or in the DMZ and further within the infrastructure. Reports on vulnerabilities found in Gate are automatically verified upon flag submission. Reports on vulnerabilities found in the DMZ and within the infrastructure are verified by the jury.  
 
When reporting a vulnerability, make sure to note where it was found. If it was discovered on Gate hosts, open the report in the relevant tab, select the vulnerability, and submit the flag. If it was found in the DMZ and further within the infrastructure, fill out a report for the jury.

Tube

City_F|guard

The company owns a railroad, an airport, and a seaport. Heavy Logistics also operates the traffic-light system in the capital

## Scope
Outer perimeter:
10.119.12.192/26
Inner perimeter:
10.149.24.0/23

## Out of scope: 
1) all servers named logc.&lt;office&gt;.stf
2) network 10.119.1.0/24
3) SC SERVERS, SC USERS networks: 10.149.2.0/26, 10.149.4.0/26, 10.149.6.0/26, 10.149.8.0/26, 10.149.10.0/26, 10.149.12.0/26, 10.149.14.0/26, 10.149.16.0/26, 10.149.18.0/26, 10.149.20.0/26, 10.149.22.0/26, 10.149.24.0/26
4) Accounts starting with "pt*"

## Vulnerability reports
The tasks indicate where the vulnerabilities are located: on Gate hosts or in the DMZ and further within the infrastructure. Reports on vulnerabilities found in Gate are automatically verified upon flag submission. Reports on vulnerabilities found in the DMZ and within the infrastructure are verified by the jury.  
 
When reporting a vulnerability, make sure to note where it was found. If it was discovered on Gate hosts, open the report in the relevant tab, select the vulnerability, and submit the flag. If it was found in the DMZ and further within the infrastructure, fill out a report for the jury.

Heavy Logistics

SlashИТочка

The company owns a nuclear power plant with a single power unit and a uranium enrichment plant. The energy generated by the nuclear power plant is delivered to consumers through substation 3. The plant has centrifuges that separate uranium-235 from uranium-238

## Scope
Outer perimeter:
10.119.12.128/26
Inner perimeter:
10.149.20.0/22

## Out of scope: 
1) all servers named logc.&lt;office&gt;.stf
2) network 10.119.1.0/24
3) SC SERVERS, SC USERS networks: 10.149.2.0/26, 10.149.4.0/26, 10.149.6.0/26, 10.149.8.0/26, 10.149.10.0/26, 10.149.12.0/26, 10.149.14.0/26, 10.149.16.0/26, 10.149.18.0/26, 10.149.20.0/26, 10.149.22.0/26, 10.149.24.0/26
4) Accounts starting with "pt*"

## Vulnerability reports
The tasks indicate where the vulnerabilities are located: on Gate hosts or in the DMZ and further within the infrastructure. Reports on vulnerabilities found in Gate are automatically verified upon flag submission. Reports on vulnerabilities found in the DMZ and within the infrastructure are verified by the jury.  
 
When reporting a vulnerability, make sure to note where it was found. If it was discovered on Gate hosts, open the report in the relevant tab, select the vulnerability, and submit the flag. If it was found in the DMZ and further within the infrastructure, fill out a report for the jury.

Atomic Energy

CyberNoobs

Electricity is generated at thermal and hydroelectric power plants, as well as by wind turbines and a solar power plant. The generated electricity is delivered through power lines to substations that feed cities, factories, and transport. All substations are managed by a dispatch control center. Smart meters send readings directly to the energy company.

## Scope
Outer perimeter: 
10.119.10.0/26
Inner perimeter:
10.149.0.0/23

## Out of scope: 
1) all servers named logc.&lt;office&gt;.stf
2) network 10.119.1.0/24
3) SC SERVERS, SC USERS networks: 10.149.2.0/26, 10.149.4.0/26, 10.149.6.0/26, 10.149.8.0/26, 10.149.10.0/26, 10.149.12.0/26, 10.149.14.0/26, 10.149.16.0/26, 10.149.18.0/26, 10.149.20.0/26, 10.149.22.0/26, 10.149.24.0/26
4) Accounts starting with "pt*"

## Vulnerability reports
The tasks indicate where the vulnerabilities are located: on Gate hosts or in the DMZ and further within the infrastructure. Reports on vulnerabilities found in Gate are automatically verified upon flag submission. Reports on vulnerabilities found in the DMZ and within the infrastructure are verified by the jury.  
 
When reporting a vulnerability, make sure to note where it was found. If it was discovered on Gate hosts, open the report in the relevant tab, select the vulnerability, and submit the flag. If it was found in the DMZ and further within the infrastructure, fill out a report for the jury.

Electric power industry

Your shell not pass

The company's main business is providing housing and public services. In particular, it is in charge of street lighting, CCTV maintenance, and digital billboards. It also helps residents equip their apartments with IoT devices. Beside that, City Housing & Utilities manages a stadium, a multifunctional public service center, and an automated warehouse (dark store).

## Scope
Outer perimeter:
10.119.11.192/26
Inner perimeter:
10.149.14.0/23

## Out of scope: 
1) all servers named logc.&lt;office&gt;.stf
2) network 10.119.1.0/24
3) SC SERVERS, SC USERS networks: 10.149.2.0/26, 10.149.4.0/26, 10.149.6.0/26, 10.149.8.0/26, 10.149.10.0/26, 10.149.12.0/26, 10.149.14.0/26, 10.149.16.0/26, 10.149.18.0/26, 10.149.20.0/26, 10.149.22.0/26, 10.149.24.0/26
4) Accounts starting with "pt*"

## Vulnerability reports
The tasks indicate where the vulnerabilities are located: on Gate hosts or in the DMZ and further within the infrastructure. Reports on vulnerabilities found in Gate are automatically verified upon flag submission. Reports on vulnerabilities found in the DMZ and within the infrastructure are verified by the jury.  
 
When reporting a vulnerability, make sure to note where it was found. If it was discovered on Gate hosts, open the report in the relevant tab, select the vulnerability, and submit the flag. If it was found in the DMZ and further within the infrastructure, fill out a report for the jury.

City Housing & Utilities

BigBRO

The Central Bank of Standoff is State F's financial regulator and supervisor. Consumer financial services are provided by three commercial banks:
— Commercial Bank of Standoff. Offers international money transfers via SWIFTNet.
— First Partner Bank. Supports QR code payments in its mobile app.
— Global Digital Bank. Provides services exclusively online, without brick-and-mortar locations or tellers.
 
**Scope**
External perimeter:
10.124.0.128/26
10.124.0.192/26
10.124.1.0/26
10.124.1.64/26
Domains: cbs.stf, cb.stf, fpb.stf, gdb.stf

To access the cyberrange, set up a VPN connection following the instructions provided in the <a href="https://range.standoff365.com/battle/5?section=report&tab=accessAndResources">"Access and resources"</a>. 
 
Important notes on this cyberrange segment:
1. Hosts come in different difficulty levels, ranging from beginner-friendly to expert-level.
2. The main goal is to trigger critical events. You can also find and report vulnerabilities on some hosts.
3. Triggering a critical event will bring you points. The higher the difficulty level, the more points up for grabs. Your performance will count towards your Standoff Cyberrange ranking.

Standoff 11

Scope

Out of scope:

Vulnerability reports

Results