Home

Awesome

This repository has been archived and is not maintained any further. Refer to alurity if you wish to access pre-built robots challenges and robotic environments.

Robotics CTF (RCTF)

<a href="http://www.aliasrobotics.com"><img src="https://camo.githubusercontent.com/668b5509ecf6909d4f900ee5be2eed822f5cf410/68747470733a2f2f7777772e6d617373726f626f746963732e6f72672f77702d636f6e74656e742f75706c6f6164732f323031392f30312f416c6961732d6c6f676f2e706e67" align="left" hspace="8" vspace="2" width="200"></a>

The Robotics Capture the Flag (Robotics CTF or RCTF) is an online playground to challenge robot security from your browser. It was designed to be online, available 24/7, launchable through your browser and designed to learn robot hacking step by step while competing with other security researchers. In an attempt to facilitate reproduction of results and further customization (common when researching vulnerabilities), this repository provides a list with open source reference scenarios that run in our Robotics CTF.

This repository contains a list of the scenarios available in the Robotics CTF.

ScenarioShort descriptionAuthor/sStatus
rctf-scenario1Unprotected topics show a lot of interesting information. Search on them to get your answer. Useful tools: rostopicaliasroboticsActive
rctf-scenario2In ROS2, even if security measures are available, not configuring them leverages to the same results as in ROS1. Useful tools: ros2 topicaliasroboticsActive
rctf-scenario3The dinosaurs are out of control, and the node that controls the gates is not letting us in. Try to guess what the node wants so you can access the next scenario.aliasroboticsActive
rctf-scenario4Even if collaborative robots are fun to play with, if they are out of control, they can be dangerous too! Try to hit our friend, Pruden, with the robot in order to get the flag.aliasroboticsActive
rctf-scenario5There is a topic that has the flag, but rostopic has been disabled. Try to use alternative methods in order to get it.aliasroboticsActive
rctf-scenario6To know more about the topics and the communications between the nodes, use our footprinting tool, called Aztarna.aliasroboticsActive

Contributing

We invite security researchers to create their own robotics security scenarios and share them with the community. We accept such contributions through Pull Request. To create your own scenario, start from this simple template.

Cite our work

Article

If you're using our work for your research, please cite us as:

@ARTICLE{rctf,
   author = {{Olalde Mendia}, G. and {Usategui San Juan}, L. and {Perez Bascaran}, X. and
	{Bilbao Calvo}, A. and {Hern{\'a}ndez Cordero}, A. and {Zamalloa Ugarte}, I. and
	{Mu{\~n}iz Rosas}, A. and {Mayoral Vilches}, D. and {Ayucar Carbajo}, U. and
	{Alzola Kirschgens}, L. and {Mayoral Vilches}, V. and {Gil-Uriarte}, E.
	},
    title = "{Robotics CTF (RCTF), a playground for robot hacking}",
  journal = {ArXiv e-prints},
archivePrefix = "arXiv",
   eprint = {1810.02690},
 primaryClass = "cs.CY",
 keywords = {Computer Science - Computers and Society, Computer Science - Robotics},
     year = 2018,
    month = oct,
   adsurl = {http://adsabs.harvard.edu/abs/2018arXiv181002690O},
  adsnote = {Provided by the SAO/NASA Astrophysics Data System}
}