While devteam are baking services for the finals (it's our teamlead's laptop at photo, no jokes), we have great surprise for you!
It's online-tour of our traditional olympiad: it'll start exactly in one day, April 5 at 12:00MSK and will lasts 72 hours. Everyone can take part in it and we'll invite best russian students to Yekaterinburg! Link to the checksystem will be published here tommorow. Thanks to Coordination Center for TLD RU/РФ for supporting our olympiad. Btw, April 7 is the birthday of RU TLD, this year it will turn 25 years old! Congratulations!

Here it is: https://olymp.ruc.tf

Let's go!
https://olymp.ruc.tf
We'll add some additional tasks today and some tomorrow.

New challenges has been released! Next part will be published tomorrow
https://olymp.ruc.tf

@keltecc is going to sleep, so the only PoC of Olymp Quals for this night is @ktwzk

Only 5 hours are left until the end of the contest. Hurry up!

The contest was finished! Thank you for participating. Results will be published tomorrow. If you want to discuss about challenges, please join chat @ructf_olymp

Tasks’ repo is opened!
https://github.com/HackerDom/ructf-2019-olymp-quals

It's time to publish the results of the Olymp Quals. If you're student from Russia and have got more than 1000 points, congratulations! We're ready to invite you to the Olymp Finals and will write you letter today or tomorrow. Here is all of the finalists and some other non-student participants in one pic, find yourself!

Btw, you can try to solve tasks at olymp.ruc.tf, submissions will not affect scoreboard, but all services is up.

We've already published timetable of the RuCTF Conference on https://RuCTF.org/events and going to start telling you more about all the talks on monday. In the meantime, briefly: a lot about Web by Digital Security, Mail.ru and c00kies, social engeneering by pranker Lexus, hardware vulnerabilites by Egor "Xarlan" Litvinov and Hardware Village, a bit about simplification of work with Hex Rays from Groke, Lockpick-section and quests in HackZone, non-technical talks by Dmitriy Sklyarov from Positive Technologies and Sergey Krasnov from USSC. And, of course, traditional battles and discussion about future of CTF in Russia!

Let's get acquainted with our speakers starting with Dmitry Sklyarov and Sergey Krasnov!

Dmitry Sklyarov has prepared a report "20 years in Information Security ". In this report he will tell how the world of information security has changed in the last 20 years from the point of view of a researcher.
Dmitry has been taking part in our conference as a reporter for many years. Now he is the head of the department of Positive Technologies application analysis, he is working in the field of information security more than 18 years. He is a developer of an algorithm of Advanced eBook Processor program, published by Moscow company "Elcomsoft" and designed for creation of ebook backup copies in Adobe PDF format.

On the second day of the conference Sergey Krasnov, the the head of the USSC Safety analysis department, will speak on the topic "Work of pentesters team".

He will tell about everyday work of a pentester: what problems he faces, what interesting is in his work. Also he will answer the main question: why should you do it?
The format of the speech is several interesting life stories with technical peculiarities and other inside details!

We continue to introudce you our speakers! On the first day of the conference Denis Rybin and Ilja Bulatov from Digital Security will tell us about security in web.

During his talk "Useful Burp Suite plugins and another tips and tricks" Denis will show us how we can use Burp Suite in 2019 effectively, quickly tells us about base functionality and delve into the most interesting, in his opinion, fresh plugins.

During the speech you will learn what useful checks cover the plugins which were mentioned, how they let you optimize the work with the area of the attack, and also what drawbacks they have.

Right after Denis, Ilja will give a speech "From memory leak to RCE: how dangerous can be processing of mediafiles".

The speech is devoted to the analysis of attacks on web apps, which process media files. You will learn what unsafe processing of images, video/audio files, documents and archives may lead to, and also you will see the examples of exploitation of vulnerabilities.

You will see XXE-attacks in XML-documents, why ImageMagick and ffmpeg are security holes, attacks through MetaData of media files, tools for exploitation of vulnerabilities in processing media files.