1. Eligibility:
   • Any student from the Bucharest University of Economic Studies
   • For 2023 edition students from other universities can participate based on invitation
2. Fair Play:
   • The objective of the contest is to promote ethical hacking and responsible disclosure of security vulnerabilities.
   • Any malicious or destructive actions, including disrupting the CTF infrastructure or other participants’ activities is prohibited.
3. Team Size:
   • The contest will take place in teams.
   • Each participant must register individually
   • Teams will be formed 2-3 days before the event. Team size will be announced later.
4. Registration:
   • Registration is done individually by filling up the previous linked form
   • Teams will be defined on the CTF platform and individual participant can enroll
5. Scoring:
   • Each challenge has a predefined number of points, which are visible on the CTF platform
   • By solving a challenge, each team will get a flag (a string value) which must be submitted into the CTF platform. If the flag is correct, the team will be awarded with a number of points
   • After a number of successful flags submissions for a challenge, the points will be decreased by 50%
   • Explain how points are awarded for solving challenges.
   • In case of a tie the team with the most solved challenges will have .
6. Flag Submission:
   • Each challenge has a flag with the format {ISMCTF………}
   • Flags will be submitted using the CTF platform. Each challenge has a submission button
   • After the submission the team will get the points and a success message. If the flag is not correct, you get a warning
7. Cheating:
   • Cheating by sharing flags with other teams is prohibited
   • Getting help from non-participants is prohibited
   • Helping others is allowed but don’t share the flags
8. Disqualification:
   • Teams that solve challenges with the help of non-participants will be disqualified
   • Teams that attack the CTS infrastructure or other teams environments will be disqualified
9. Privacy and Data Handling:
   • Personal data collected by the registration form will be used only to organize the ISM CTF contest. Personal data may be used to cover the legal procedure related with awarding the winners
   • Personal data will not be published or shared with third parties
   • The teams names and score will be available to all participants on the CTF platform
10. Event Schedule:
    • Share the schedule of the CTF, including start and end times, and any specific times for challenge releases or scoring updates.
11. Prizes and Awards:
    • Knowledge and friends
    • … and others provided by our sponsors
12. Event Modifications:
    • Reserve the right to make rule modifications or address unforeseen issues as necessary.
    • Clearly communicate any rule changes to participants.
13. Liability and Waivers:
    • Organizers will provide the infrastructure (access to cyber range/ remote machines / virtual images) required to do the challenges
    • Any action conducted in the cyber range or on the given virtual machines, with the purpose of solving the challenge, is allowed
    • Participants are responsible for their actions outside the cyber range / provided infrastructure
14. Post-Event :
    • Explain what will happen after the event, such as the publication of solutions and results, and the distribution of certificates.
15. Contact Information:
    • For questions, concerns, or technical issues please use the contact information available on the contact page

# CTF Contest Code of Conduct

## Overview

The CTF Contest organizers are committed to providing an enjoyable and respectful environment for all participants. This code of conduct outlines our expectations for behavior and interactions during the event.

By participating in the CTF Contest, you agree to adhere to this code of conduct. We expect all participants to treat each other with respect, foster a culture of inclusivity, and prioritize ethical hacking practices.

## Code of Conduct

### Respect and Inclusivity

1. **Respect**: Treat all participants, organizers, and sponsors with respect, courtesy, and professionalism. Discrimination, harassment, or offensive behavior will not be tolerated.

2. **Inclusivity**: We welcome participants from diverse backgrounds and skill levels. Encourage and support others in their learning and hacking journey. Avoid exclusionary language or actions.

### Ethical Hacking

3. **Ethical Hacking**: The CTF contest is intended for ethical hacking and learning purposes. Unauthorized access, malicious activities, or any actions that may cause harm to systems or networks outside of this CTF are strictly prohibited.

4. **Responsible Disclosure**: If you discover vulnerabilities or issues during the contest, report them responsibly to the organizers or sponsors.

### Fair Play

5. **Fair Play**: Engage in fair competition. Do not cheat, use unauthorized tools or share flags or solutions with non-participants.

### Privacy and Data Handling

6. **Privacy**: Respect the privacy of others. Do not share personal information or data without consent.

7. **Data Handling**: Handle data provided during the contest with care and respect any data use restrictions specified by the organizers.

### Code Modifications

8. **Code Modifications**: Do not make unauthorized changes to the CTF infrastructure or any code provided by the organizers.

### Reporting Violations

9. **Reporting Violations**: If you witness or experience any violations of this code of conduct, please report them to the organizers promptly.

## Consequences

Violations of this code of conduct may result in actions such as warnings, disqualification, removal from the event, or reporting to relevant authorities, depending on the severity of the violation.

## Contact Information

If you have questions, concerns, or need to report a violation of this code of conduct, please contact the event organizers.

Thank you for your participation and cooperation in making the CTF Contest a positive and inclusive experience for all.