[ mainpage :: register :: conference :: training :: the venue ]
[ capture the flag (CTF) :: zone-h/hitb hacking challenge :: bzflag ]
[ call for papers (CFP) :: conference agenda :: sponsors :: press/media :: forum ]
[ conference kit (PDF) :: past conferences :: contact us ]

Keynote Videos Now Available for Download

Day 1 Keynote: Bruce Schneier - Schneier on Security
Day 2 Keynote: Jeremiah Grossman - Hacks Happen


Filed under: Main Page — Administrator @ 1:59 pm


Unlike previous years, this year CTF will be opened to every individual, everyone with a wireless enabled laptop can play. The objectives of the game is for players to gain as many points as possible by cracking and reversing binaries. Players will be able to download the binaries onto their laptops, analyze them and try to get the flags out of the binaries and submit them to the score server. The binaries will have challenges ranging from buffer overflows, format string and so on. As such, the following skills are needed:

- Reverse engineering
- Binary analysis
- Debugging
- Exploit writting


To make things more interesting, this year players will also need to finish the 4 levels of Zone-H/HITB Hack Game (the rules of the Zone-H game still applies) before they can get their hands on the first binary. If the player fails to finish the Zone-H/HITB Hackgame, they will not be allowed to compete for CTF. Each player will only get one chance.


Since this year’s CTF will feature the Zone-h/HITB Hackgame in it, the scoring will be devided into two parts.

For the first part, in order to score an offensive point, the player will need to complete a Zone-h/HITB hackgame level. Once he/she finishes all four levels (Zone-H/HITB Hackgame rules apply), the points accumulated will be added to their CtF points.

For the second part, the player will be presented with the first binary. The player will need to crack the binary in order to get the flag and submit it to the score server. The player will need to do the same for the rest of the binaries too. In the event of a tie, the winner shall be determined by fastest time of submission.

* Offensive Points: Gained by cracking binaries and submitting the flags to the score server.


- No flooding and/or DoS attack. Players will be penalized by disqualification, points deduction or time penalty.
- No harassment of other opponents.
- All participants must obey PIT STOP calls. PIT STOP calls are rest intervals where all players must leave the game area to facilitate for the CtF judges to update the score, and/or do maintenance work etc.

Final Judgement

At all times, the decision of the CtF Organizing Team is final on any matter in question.


1st Place

1 x VIP Pass to HITBSecConf2008 - Malaysia (Training + Conference)
1 x VIP Pass to HITBSecConf2009 - Dubai (Training Only)

2nd Place

1 x VIP Pass to HITBSecConf2008 - Malaysia (Training + Conference)
1 x VIP Pass to HITBSecConf2009 - Dubai (Conference Only)

3rd Place

1 x VIP Pass to HITBSecConf2008 - Malaysia (Conference Only)
1 x VIP Pass to HITBSecCon2009 - Dubai (Conference Only)

Source Code

The CTF organizing team reserve the rights to release or not to release the source code of the services during the game.


The HITBSecConf organizing committe would like to give shoutouts, ninja greetz and ghetto loves to The Ghetto Hackers, who came out with the attack and defense concept for the CtF game. Much love also to the current organizers of Defcon’s CTF, kenshoto!

To register, send your details via email to ctfinfo -at- hackinthebox.org

Event Organizer

Hack In The Box (M) Sdn. Bhd.

Event Partner



Supported & Endorsed By

UAE Telecommunications Regulatory Authority (TRA)

Malaysian Communications and Multimedia Commission (MCMC)

Malaysian Administrative Modernisation & Management Planning Unit

Platinum Sponsors

Titanium Sponsor (Post Conference Reception)


Gold Sponsors


Microsoft Corporation

Official Media Partner (Magazine)

Network Middle East

Arabian Computer News

ITP Business

Official Airline Partner

Emirates Airlines

Our Speakers are Supported By

Bellua Asia Pacific

Supporting Media:

Virus Bulletin

Virus Bulletin (VB)

InfoSec News

(ISN) InfoSec News

InfoSec News

XAKEP (Russia)

Insecure Magazine

PHRACK Magazine

Hakin9 Magazine

Supporting Organizations


ISECOM - Insititue for Security and Open Methodologies

ISACA Malaysia

IT Underground

X-Focus China

Zone-H Defacement Mirror

Xatrix Security

Special Interest Group in Security & Information InteGrity Singapore