\n\n\n\n\n\n## Sponsors\nLA CTF would not be possible without all of these amazing sponsors!\n\n\n\n\n\n\n\n## In-Person Event\nJoin us at the Kerckhoff Grand Salon at UCLA during the CTF for speakers and other fun events!\nMore information on the schedule can be found at [https://static.lac.tf/schedule.pdf](https://static.lac.tf/schedule.pdf).\n\n## Eligibility\nAnyone can participate in LA CTF (except organizers, ACM Cyber officers, and challenge authors). However, due to various reasons, we can only award prizes to teams with a United States-based point-of-contact, and in the form of US Amazon Gift Cards. In order for a team to be eligible for UCLA-specific prizes, all members of the team must be current UCLA students.\n\n## Rules\n1. You may use any tool, subject to the restrictions below, at your disposal to attempt to solve the problems. We especially encourage the use of free and open-source tools. Google is your best friend!\n2. During the competition, each person may only be a part of **one team** total, and only members of a given team may assist in solving a challenge for that team. Do not share flags, challenge solutions, tips, hints, or otherwise implicitly or explicitly leak information about solving challenges outside your team until after the CTF is over.\n3. Each team must have a valid email address that should serve as the point of contact. UCLA students should use a @g.ucla.edu email to register for access to the UCLA-only division.\n4. There are two divisions for teams, **UCLA** and **Open**. Teams in the UCLA-only division may consist of up to **four** participants, all of which must be **current UCLA students**. Open division teams have no team size or makeup restrictions. UCLA students may choose to participate in either division but not both.\n5. No flag or hint sharing. Do **not** solicit or accept hints or guidance from any person except through official support channels. You are allowed to use technologies such as ChatGPT or Google Gemini to assist you.\n6. Do **not** attempt to attack or interfere with other teams or any servers used in this competition that are not explicitly designated for being hacked in a problem. Do not perform any sort of online bruteforce against any of our systems including challenges, such as dirbuster or nmap - it won't help. If you ever have a question about whether something is allowed, please ask!\n7. Flags are of the format `lactf{TEXT_HERE}` unless otherwise noted on the challenge description. No brute-force guessing flags. Feel free to try several flags if you're not sure, but don't try any sort of brute forcing on the scoreboard platform. If you think a flag is valid but the system isn't taking it, please contact us using one of the methods below and we'd be happy to help.\n8. Finally, **have fun and try and learn something new**!\n\n## Scoring\n1. Each problem has a point value listed. Team rankings are decided by number of points, highest to lowest. If two teams have the same number of points, the tiebreak is which team reached their top score first, excluding trivial category challenges.\n2. Challenges are subject to **dynamic scoring**: the **more** teams that solve a particular challenge, the **less** points that challenge will be worth to **all** teams who solved the challenge. There is no time score bonus awarded.\n3. The prize winning teams will be contacted by us after the contest ends. Please make sure the email used to register the team is the email you'd like us to contact. **Note: Prizes are in the form of US Amazon Gift Cards**.\n4. Teams **must** solve the `welcome/rules` challenge in order to be eligible to win prizes as a confirmation they have read the rules. The flag to solve this challenge is `lactf{i_read_the_rules}`.\n5. We reserve the right to require write-ups from the winning teams for any problems we choose as proofs of solution.\n6. In the event that a team that is ineligible for prizes wins a prize, the next eligible team will recieve that prize. It may take some time for prizes to settle; please be patient!\n7. Anyone who violates these rules will be disqualified. **All decisions made by LA CTF organizers are final**.\n\n## Prizes\nLA CTF will have prizes for both the UCLA and open sections! While there will be two sections for prizes, all of the challenges will be the same for both sections. Prizes will be given in the form of US Amazon gift cards or by arrangement.\n\nUCLA Section: The UCLA Section will be composed of teams that must consist of a maximum of four current UCLA undergraduate students.\n- 1st place: $200 + Amber Pro Smart Storage Device + 4x 3 month TryHackMe Premium vouchers\n- 2nd place: $140 + Amber Pro Smart Storage Device + 2x 3 month, 2x 1 month TryHackMe Premium vouchers\n- 3rd place: $100 + 4x 1 month TryHackMe Premium vouchers\n- 4th & 5th place: $80 + 2x 1 month TryHackMe Premium vouchers\n- 6th-10th place: $40\n\nUCLA division prizes will be distributed directly to individual team members. Amounts listed are per team, and no more than one TryHackMe voucher may go to any individual in a UCLA Division team.\n\nOpen Section: The Open Section will be composed of teams with no size limit and can be from anywhere to be eligible for prizes. All skill levels and experiences are welcomed!\n\n- 1st place: $500 + 2x 3 month TryHackMe Premium vouchers\n- 2nd place: $300 + 2x 1 month TryHackMe Premium vouchers\n- 3rd place: $200 + 1x 1 month TryHackMe Premium voucher\n- 4th & 5th place: $100\n\nOpen division prizes will be distributed to the email linked to the given winning teams. Amounts listed are per team.\n\nWriteup Prizes: A pool of at least $400 worth of prize money will be given out via writeup prizes, of which $200 is designated for UCLA students. Writeup prizes are made out to the individual or group that made and submitted a winning writeup. Writeup judgement will be done by the LA CTF Organizers collectively. Decisions made by the organizers are final. The writeup submission form will be active for 1 week after the CTF is over, and will be posted in our discord.\n\nMeme Prizes: Want to take a break and blow off steam? Post some memes in our discord to potentially win some meme prizes!\n## Support\nIf at any point you need to contact us during the competition, please join us in discord at [https://lac.tf/discord](https://lac.tf/discord) and use the #support channel for quick support.\nFor private questions before the competition starts, please email [uclacyber+lactf@gmail.com](mailto:uclacyber+lactf@gmail.com).\n\n \n\n\n\n\n\n\n## Challenge Archive\nAll of our past challenges, including deployment configs and some author solve scripts, can be found here: [https://github.com/uclaacm/lactf-archive](https://github.com/uclaacm/lactf-archive). \n\n\n","sponsors":[{"name":"Sandia National Laboratories","icon":"https://static.lac.tf/sponsors/sandia_national_laboratories.svg","description":"[**UCLA Affiliate**](https://www.cs.ucla.edu/affiliate-memberships/) Sandia strives to become the laboratory that the U.S. turns to first for technology solutions to the most challenging problems that threaten peace and freedom for our nation and the globe.","url":"https://www.sandia.gov/"},{"name":"Trail of Bits","icon":"https://static.lac.tf/sponsors/trail-of-bits.png","description":"Trail of Bits helps secure the world's most targeted organizations and products. We combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.","url":"https://www.trailofbits.com/"},{"name":"Lockheed Martin","icon":"https://static.lac.tf/sponsors/lockheed_martin.svg","description":"[**UCLA Affiliate**](https://www.cs.ucla.edu/affiliate-memberships/) Lockheed Martin is a leading global security and aerospace company, ensuring those we serve always stay ahead and ready in the defense industry.","url":"https://www.lockheedmartin.com/en-us/index.html"},{"name":"OtterSec","icon":"https://static.lac.tf/sponsors/ottersec.png","description":"OtterSec is a blockchain security company focused on identifying and patching critical exploits before our clients go to market. We work closely with leading teams to provide a holistic and collaborative approach to security.","url":"https://osec.io/"},{"name":"Amber by LatticeWork","icon":"https://static.lac.tf/sponsors/amber_latticework.png","description":"Store your data locally and access it from anywhere without subscription fees. UCLA students, join the LA CTF discord for a 30% discount.","url":"https://www.myamberlife.com/"},{"name":"CrowdStrike","icon":"https://static.lac.tf/sponsors/crowdstrike.png","description":"#WeAreCrowdStrike and our mission is to stop breaches. Since our inception, our market leading cloud-native platform has offered unparalleled protection against the most sophisticated cyberattacks.","url":"https://www.crowdstrike.com/en-us/"},{"name":"TryHackMe","icon":"https://static.lac.tf/sponsors/tryhackme.png","description":"TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!","url":"https://tryhackme.com"},{"name":"Google Cloud","icon":"https://static.lac.tf/sponsors/google_cloud.png","description":"Meet your business challenges head on with cloud computing services from Google, including data management, hybrid & multi-cloud, and AI & ML. Infra sponsored by: [https://goo.gle/ctfsponsorship](https://goo.gle/ctfsponsorship)","url":"https://goo.gle/ctfsponsorship"}],"ctfName":"LA CTF","divisions":{"ucla":"UCLA","open":"Open"},"origin":"https://platform.lac.tf","lactfPostTime":1705824000000,"startTime":1708142400000,"endTime":1708293600000,"emailEnabled":true,"userMembers":true,"faviconUrl":"https://static.lac.tf/favicon.ico","recaptcha":{"siteKey":"6LfjB34jAAAAAJlPsXGmbh5YiUnkzMVuZ7a79m68","protectedActions":["register","recover","setEmail"]}}" name="rctf-config">