International Cybersecurity Contest

The “Tianfu Cup” International Cybersecurity Contest aims to become the world's leading PWN contest and openly recruits contestants and entries from all security practitioners. Contestants register their entries according to the target categories; the contest awards champion, runner-up and third-place prizes. The total prize pool is US$1,500,000, covering three major areas (PC, mobile and server) and eight categories: virtualization software, operating system software, browser software, office software, mobile smart terminals, web services and applications, DNS server software, and shared-management service software.

Competition Forum

International Cybersecurity Summit Forum

This year's summit features 1 main forum and 9 themed sub-forums, sharing and discussing hot topics in cybersecurity, the cybersecurity challenges and countermeasures of the digital world, and the opportunities and challenges facing the cybersecurity industry in the digital economy. Based in Southwest China and reaching across the country, the International Cybersecurity Summit Forum aims to be the most professional international cybersecurity event in the region and to promote high-quality development of the cybersecurity industry in Southwest China and nationwide.

Special Activities

Product Launches

Exhibiting companies release new products and technical results in the launch hall. Attendees and media representatives watch the launches on site, and journalists can report on them immediately, ensuring effective dissemination of the launched results.
Talent Recruitment

Cybersecurity talent is the core element of cybersecurity construction. The digitalization of internal business and mounting external regulatory-compliance pressure are driving continuously growing demand for cybersecurity talent among domestic government and enterprise organizations. To address the talent shortage in cybersecurity companies, more than 20 cybersecurity companies, together with the Zhaopin (智联招聘) recruitment platform, have launched the “Cybersecurity Talent Recruitment Week” event to recruit cybersecurity talent across the web.

Organization

Organizer
Co-organizers

“Tianfu Cup” International PWN Contest Rules

Competition stages:

The PWN contest consists of two events: the Original Vulnerability Demonstration and Reproduction Contest and the Product PWN Contest. The two events are independent and held simultaneously; each team must choose its event and target at registration. A team may enter only one of the two events, not both. The same organization may send multiple teams. Contestants who successfully complete an exploit and receive a prize may not publicly disclose any vulnerability information in any setting.


Original Vulnerability Demonstration and Reproduction Contest. Before the contest, every registered team submits to the organizing committee at least 1 demonstration video showing the execution effect of a high-severity original vulnerability it possesses. Under a recusal system (experts affiliated with a participating team recuse themselves), the organizing committee convenes a judging panel (including experts with vendor backgrounds) to select 10-20 original vulnerabilities as finalists, sets a prize amount for each finalist vulnerability (kept at the same level as comparable vulnerabilities in the Product PWN Contest), and prepares in advance the hardware and software needed for on-site reproduction. Teams whose vulnerabilities are selected demonstrate the exploitation effect of their original vulnerability on site within 5 minutes. Other teams may then choose to reproduce a demonstrated vulnerability on site; the reproduction window is at least 24 hours (teams may apply to demonstrate their reproduction at any time before the 15:00 deadline on the afternoon of the 17th). If two or more teams apply to reproduce the same vulnerability, the judging panel determines the number of reproducing teams according to the hardware and software prepared on site. Allocation is first come, first served; if two or more teams apply at the same time, each applying team presents its reproduction approach to the expert panel, and in principle the team whose approach differs from the demonstrating team's is given priority. If the applying teams' approaches are the same, the reproducing team is chosen by lot. The team that reproduces the vulnerability successfully with the highest quality (judged by the panel considering time taken, methods used and other factors) earns the right to the prize. Other teams that also reproduce it successfully using a completely different technical route and methods may be granted the right to the prize at the judging panel's discretion. In the end, the demonstrating team, the highest-quality reproducing team and any team that reproduced the vulnerability by a different technical route share the prize for that vulnerability (for example, if the panel sets a vulnerability's prize at US$60,000, one team reproduces it with the highest quality and one team reproduces it via a different technical route, then the demonstrating team and these two teams each receive 1/3 of the prize, i.e. US$20,000). If no team applies to reproduce a vulnerability, or no team succeeds, the demonstrating team receives the full prize for it alone. Teams are advised and encouraged to provide difficult high-severity original vulnerabilities so as to secure the full prize for themselves. A separate reproduction area is set up at the venue for each vulnerability; during reproduction the demonstrating team may not communicate with or give hints to the reproducing teams, and any team found doing so forfeits its right to the vulnerability prize.


Product PWN Contest. Following the principles of high difficulty, wide vulnerability impact, special relevance to China and reflection of cybersecurity trends, the organizing committee sets 18 PWN targets covering PC, mobile, server, IoT devices and more. Teams attempt them on site and must specify the targets they will attack at registration. Each team has 3 attempts per target, each no longer than 5 minutes; a successful exploit earns the corresponding prize. Each target has a maximum prize pool equal to 3 times the target's prize amount: if more than 3 teams succeed, all of them share the total pool of 3 times the prize. If 2 or more teams complete the exploit via the same technical route and methods, they split a single share (for example, if three teams A, B and C successfully exploit a target worth US$40,000 using different vulnerabilities, each receives US$40,000; if four teams A, B, C and D succeed using different vulnerabilities, each receives US$40,000 × 3 / 4 = US$30,000; if among four teams A, B, C and D, teams C and D used the same vulnerability while A and B each used different ones, then A and B each receive US$40,000 and C and D split one share, US$20,000 each). In addition, a team may not reuse a vulnerability across different entries and may not use publicly known vulnerabilities; otherwise the attempt is judged a failure. Vulnerability collisions across different targets or different teams are handled the same way as collisions within a single target.



“Tianfu Cup” International PWN Contest Targets

Targets & Prizes:

1.  Targets: Chrome

Equipment: Lenovo L14 i7-16G-500SSD

System: win10 21H1

Requirements: Use Chrome to browse a remote URL and gain control of the browser or the system. The browser will run within VMware Workstation with 8GB default memory.

Prizes:

RCE: $50000

RCE + Sandbox Escape: $150000

 

2.  Targets: Safari

Equipment: MacBook Pro (13inch, 2017, 16G, 256SSD) or MacBook Pro (13inch, M1, 2020, 16G, 512SSD) by request.

System: Mac OS

Requirements: Use Safari to browse a remote URL and gain control of the browser or the system.

Prizes:

RCE: $40000

RCE + Sandbox Escape: $75000

M1 RCE: $60000

M1 RCE + Sandbox Escape: $120000

 

3.  Targets: Adobe PDF Reader (32 bit)

Equipment: Lenovo L14 i7-16G-500SSD

System: win10 21H1

Requirements: Use PDF documents that have been copied to the VM to gain control of Adobe PDF Reader or the system. Adobe PDF Reader will run within VMware Workstation with 8GB default memory.

Prizes:

RCE: $30000

RCE + Sandbox Escape: $60000

 

4.  Targets: Docker-CE

Equipment: Lenovo L14 i7-16G-500SSD

System: win10 21H1

Host OS: Ubuntu Server 20.04 (latest LTS kernel, generic flavor)

By request: server or desktop

Container: Ubuntu 20.04 (w/ SSH access) desktop

Requirements:

Escape from the container, achieve code execution with root permission on the host OS.

Notes:

Docker CE was installed according to the official guide available at https://docs.docker.com/engine/install/ubuntu/.

SSH access (root user with password) to a running container (unprivileged, w/o uidmap, w/o volume mount, default bridge network).

Prizes:

$60000

 

5.  Targets: Ubuntu 20/CentOS 8

Equipment: Lenovo L14 i7-16G-500SSD

System: Ubuntu 20.04/CentOS 8

Requirements: Run a certain program as an unprivileged user to escalate privileges and run commands as root. The OS will run within VMware Workstation with 8GB default memory. Choose one target between Ubuntu 20 and CentOS 8.

Prizes:

Local Privilege Escalation: $40000

 

6.  Targets: Microsoft Exchange Server 2019

System: Windows Server 2019

Requirements: Connect to the remote server and achieve remote code execution on the target. For the authenticated entry, the user may only be a low-privileged one. The contestant must contact the judge and discuss the detailed configuration before the contest.

Prizes:

Authenticated: $60000

Unauthenticated: $200000

 

7.  Targets: Windows 10

Equipment: Lenovo L14 i7-16G-500SSD

System: win10 21h1

Requirements: Run a certain program as an unprivileged user to escalate privileges and run commands as Administrator. The OS will run within VMware Workstation with 8GB default memory.

Prizes:

Local Privilege Escalation: $20000

Local Privilege Escalation with Kernel-level Access: $40000

 

8.  Targets: VMware Workstation

Equipment: Lenovo L14 i7-16G-500SSD

System: win10 21h1

Requirements: Run certain programs to penetrate and escape from the VM and gain control of the host operating system.

Prizes:

$80000

 

9.  Targets: VMware ESXi

Equipment: Lenovo L14 i7-16G-500SSD

System: win10 21h1

Requirements: Run certain programs to penetrate and escape from the VM and gain control of the host operating system. This target requires the contestant to obtain root permission on the host OS.

Prizes:

$180000

 

10.  Targets: Ubuntu + qemu-kvm

Equipment: Lenovo L14 i7-16G-500SSD

Host: Ubuntu 20.04 desktop

Use the command `sudo apt-get install qemu-kvm virt-manager` on the host and use the default configuration to install the guest system.

Guest: Ubuntu 20.04 server

Requirements: Run certain programs to penetrate and escape from the VM and gain control of the host operating system.

Prizes:

VM Escape within Host Sandbox: $60000

VM Escape + Host Sandbox Escape: $150000

 

11.  Targets: Parallels Desktop

Equipment: MacBook Pro (13inch, 2017, 16G, 256SSD)

System: Mac OS

GUEST: Ubuntu or windows 10 or cent OS by request.

Requirements: Run certain programs to penetrate and escape from the VM and gain control of the host operating system.

Prizes:

$30000

 

12.  Targets: iPhone 13 Pro

Equipment: iPhone 13 pro 128G

System: iOS 15

Requirements: Use the iPhone 13 Pro to browse a remote URL and gain control of the phone system. This target requires the contestant to bypass the PAC mitigation.

The RCE with sandbox escape or jailbreak will gain additional prizes.

Prizes:

RCE: $120000

RCE + Sandbox Escape: $180000

Remote Jailbreak: $300000

 

13.  Targets: Domestic mobile phones (Android)

Equipment:

Xiaomi: Xiaomi Mi 11

OPPO K9 黑桃K (Spade K) 8G+256G standard edition

vivo S9 5G

Requirements: Use the phone to browse a remote URL, escape the browser sandbox and gain control of the phone system.

A sandbox escape that obtains root privilege will gain an additional prize.

Prizes:

RCE + Sandbox Escape: 30000 / $4600

RCE + Root: 50000 / $7700

 

14.  Targets: Synology DS220j

Requirements: Achieve code execution on the remote device from LAN.

Prizes: $10000

 

15.  Targets: ASUS Router AX56U 热血版 (Hot-Blood Edition)

Requirements: Achieve code execution on the remote device from LAN.

Prizes:

$10000

 

16.   Targets: Domestic New Energy Vehicles

Equipment: please contact us for details

Requirements: please contact us for details

Prizes: up to $50000

 



“Tianfu Cup” International PWN Contest Results

After fierce competition, the two-day (2021.10.16 - 10.17) Tianfu Cup 2021 International Cybersecurity Contest has officially come to a close.

The contest produced seven awards:

Best Product PWN Award, First Prize: Kunlun Lab (昆仑实验室)

Best Product PWN Award, Second Prize: 胖@奇安盘古

Best Product PWN Award, Third Prize: 漏洞研究院青训队 (Vulnerability Research Institute Youth Training Team)

Most Valuable Product PWN Award: 胖@奇安盘古

Best Product Innovation Breakthrough Award: Kunlun Lab (昆仑实验室)

Best Vulnerability Demonstration Award: STAR LABS

Best Vulnerability Reproduction Award: 0x300战队 (Team 0x300)

Winners list: Original Vulnerability Demonstration and Reproduction Contest prize board

