Standoff 13 main stage
Banking system
The Central Bank of Standoff is the country's financial regulator. Consumer financial services are provided by three commercial banks. The Commercial Bank of Standoff, which has many offices across the country, caters to companies and organizations. First Partner Bank manages merchant accounts and enables QR code payments and fast transactions. Global Digital Bank has only one branch office as it is fully automated; the bank's applications are cloud-based.
Scope
Outer perimeter:
combs.stf 10.119.10.64/26
centralb.stf 10.119.10.128/26
firstpb.stf 10.119.10.192/26
glodb.stf 10.119.11.0/26
combs.stf 10.119.10.64/26
centralb.stf 10.119.10.128/26
firstpb.stf 10.119.10.192/26
glodb.stf 10.119.11.0/26
Inner perimeter:
combs.stf 10.149.2.0/23
centralb.stf 10.149.4.0/23
firstpb.stf 10.149.6.0/23
glodb.stf 10.149.8.0/23
combs.stf 10.149.2.0/23
centralb.stf 10.149.4.0/23
firstpb.stf 10.149.6.0/23
glodb.stf 10.149.8.0/23
Out of scope:
- all servers named logc.<office>.stf
- network 10.119.1.0/24
- SC SERVERS, SC USERS networks: 10.149.2.0/26, 10.149.4.0/26, 10.149.6.0/26, 10.149.8.0/26, 10.149.10.0/26, 10.149.12.0/26, 10.149.14.0/26, 10.149.16.0/26, 10.149.18.0/26, 10.149.20.0/26, 10.149.22.0/26, 10.149.24.0/26
- Accounts starting with "pt*"
Vulnerability reports
The tasks indicate where the vulnerabilities are located: on Gate hosts or in the DMZ and further within the infrastructure. Reports on vulnerabilities found in Gate are automatically verified upon flag submission. Reports on vulnerabilities found in the DMZ and within the infrastructure are verified by the jury.
When reporting a vulnerability, make sure to note where it was found. If it was discovered on Gate hosts, open the report in the relevant tab, select the vulnerability, and submit the flag. If it was found in the DMZ and further within the infrastructure, fill out a report for the jury.
Attacker metrics
Critical events
167reports
submitted
submitted
133critical events
triggered
triggered
Loading data
Difficulty:
Low
Medium
High
Master
Vulnerabilities
0vulnerabilities
discovered
discovered
Severity:
Critical: undefined
High: undefined
Medium: undefined
Low: undefined
Defender metrics
0
incidents
recorded
recorded
0
critical events
investigated
investigated
Results
Rank
Team
Triggered events
Event points
Discovered vulnerabilities
Vulnerability points
Total points
1RHTxF13xSHD
17
79,139
0
0
79,139
2DreamTeam
14
53,214
0
0
53,214
3Jet_Infosystems
9
43,829
0
0
43,829
4
Bulba Hackers
9
41,183
0
0
41,183
5
Wetox
9
32,639
0
0
32,639
6
True0xA3
7
28,981
0
0
28,981
7
Crypto Apes
9
22,187
0
0
22,187
8
GISCYBERTEAM
9
21,136
0
0
21,136
9
TSARKA
6
15,548
0
0
15,548
10
Kibers
6
14,765
0
0
14,765
11
MG.RT
5
14,329
0
0
14,329
12
cR4.sh
5
9,937
0
0
9,937
13
Radiant0x2A
5
8,915
0
0
8,915
14
Data
4
7,145
0
0
7,145
15
ℭ𝔲𝔩𝔱
4
6,000
0
0
6,000
16
SecWare
3
5,414
0
0
5,414
17
DeteAct × SPbCTF
5
5,000
0
0
5,000
18
only_f4st
4
4,000
0
0
4,000
18
EvilBunnyWrote
3
4,000
0
0
4,000