Hack the eBank is an intense cybersecurity competition that simulates an online banking ecosystem that is packed with multiple web platforms and applications. Participants have the mission of exploiting the vulnerabilities they will discover, map the attack surface, use known exploits, use social engineering techniques, and accumulate as many points as possible.
Contestants earn points for successfully penetrating different applications of the system by exploiting known weaknesses, and the challenges are scaled in difficulty to reflect real-world cybersecurity scenarios. Hack the eBank Challenge will be the battleground for cyber enthusiasts looking to test their skills and creativity in a secure, yet thrilling, environment.
Contestants earn points for successfully penetrating different applications of the system by exploiting known weaknesses, and the challenges are scaled in difficulty to reflect real-world cybersecurity scenarios. Hack the eBank Challenge will be the battleground for cyber enthusiasts looking to test their skills and creativity in a secure, yet thrilling, environment.
PREVIOUS EXPERIENCE
You should be familiar with web application security.
Goal
Goal of the Competition
/ Collect multiple points by finding the flags inside the web applications;
/ Develop your skill and use your creativity to find out where the flags are located and how to reach them;
/ Use cyber skills to exploit known vulnerabilities;
/ Think out of the box and experiment social engineering techniques;
Rules
Rules of Engagement
/ Scope Definition: The scope of the competition will be explicitly defined and communicated by the organizers prior to the start of the event. Contestants must adhere to the defined scope, which may include specific targets, systems, or applications within the simulated online banking environment. Any attempts to access systems beyond the scope are strictly prohibited.
/ Denial of Service (DoS) Prohibition: Participants are strictly prohibited from engaging in any form of Denial of Service (DoS) attacks against the competition environment. This includes but is not limited to flooding, overloading, or otherwise disrupting the availability or functionality of systems.
/ Fair Play and Non-Disruption: The spirit of the competition is based on fair play and ethical hacking. Any actions intended to disrupt the competition, such as hiding or tampering the flags once found, engaging in cheating, or sabotaging the progress of other participants, will not be tolerated and may lead to immediate disqualification.
/ Compliance with Laws and Regulations: All participants are required to comply with local, national, and international laws and regulations related to computer security and ethical hacking. Any illegal activities or actions that could potentially harm the competition environment, participants, or external systems are strictly prohibited.
/ Respect for Privacy: Contestants must respect user privacy, and any personal data discovered during the competition must not be disclosed or exploited in any way. Participants are expected to handle sensitive information with the utmost care and ethics.
/ Responsible Disclosure: If participants discover unknown vulnerabilities during the competition, they should report them to the organizers. Exploitation of undisclosed vulnerabilities that were not part of the competition’s scope is prohibited.
/ Time Limitation: The competition is time-limited, and participants must adhere to the specified start and end times. All activities must cease at the conclusion of the competition.
/ Sportsmanship: Participants are expected to maintain a high level of sportsmanship throughout the competition. Any disrespectful or unsportsmanlike behavior towards fellow participants, organizers, or sponsors will not be tolerated.
/ Organizer’s Authority: The organizers have the final authority in all matters related to the competition. Their decisions are binding, and any disputes or rule violations will be addressed by the organizing committee.
/ Consequences of Violations: Violations of these rules may result in penalties, disqualification, or other actions as determined by the organizers, which may include banning participants from future competitions.
/ Hack the eBank is designed to be a challenging but fair cybersecurity competition, and adherence to these rules ensures a positive and ethical environment for all participants.
PRIZES
- 1 x Burp Suite Professional license for 1 year
- 1 x USB Rubber Ducky
- 1 x Keyboard Keylogger Kit
- 1 x Hackout Merch
REGISTRATION
- You need to have an account on CyberEDU. Register here or login here.
- Authenticate in your account and click on this link (this is required only the first time). This will give you access to a private space called “DefCamp”. See the picture below.
- Go to section Compete as instructed. You should see all the active contests.
- Click on any contest of interest and make the Pre-Registration.
- Have fun!
