Flag Format
All flags follow the Albanian National Qualifier format. Submissions not matching the regex pattern below will be rejected by the scoring engine.
ECSC_AL{s0m3_s3cur3_v4lu3}
Prohibited Actions
The following actions are strictly forbidden and will result in immediate disqualification without appeal.
- No DoS/DDoS — Any denial-of-service attacks against competition infrastructure, other teams, or external services will result in permanent ban.
- No Flag Brute-Force — Automated or mass-guessing of flag submissions is detected and will lock your account.
- No Infrastructure Scanning — Do not run Nmap, Dirbuster, Nikto, or any scanner against the CTFd platform itself. Only scan designated challenge targets.
- No Sabotage — Tampering with challenge containers, modifying flags, or disrupting shared resources is grounds for legal action.
- No Unauthorized Access — Accessing admin panels, other teams' accounts, or backend systems outside challenge scope is prohibited.
| Violation | Severity | Consequence |
|---|---|---|
| Flag brute-forcing | HIGH | Account lockout + score reset |
| DoS/DDoS attacks | CRITICAL | Immediate DQ + legal referral |
| Platform scanning | HIGH | Warning → DQ on repeat |
| Flag sharing | CRITICAL | All involved teams DQ'd |
Collaboration Policy
Forbidden
- Sharing flags, solutions, or hints between teams
- Publishing write-ups before the event officially ends
- Using shared accounts or session tokens
- Coordinating solves via any communication channel
Permitted
- Intra-team collaboration (within your own team)
- Googling public documentation and CVE databases
- Using personal notes, scripts, and local tools
- Asking admins for clarification via the ticket system
Scoring System
This competition uses dynamic scoring. Challenge point values decrease as more teams solve them. First-blood bonuses apply.
ECSC 2026 Eligibility
This qualifier serves as the official scouting event for Team Albania at the European Cyber Security Challenge 2026 in Bochum, Germany.
Requirements
- Age: 14 – 25 years old at time of ECSC finals
- Citizenship or permanent residency in Albania
- Valid government-issued ID for verification
- Willingness to participate in the national coaching program
Selection Process
- Top performers invited to face-to-face evaluation
- Coaching staff will contact candidates directly
- Final team of 10 members selected for Bochum
- Travel and accommodation funded by AKSK
Competition Timeline
Writeup Submission
Every participant who solves one or more challenges is required to submit a writeup documenting their solution methodology. Writeups are used by AKSK for evaluation and to improve future training content.
Requirements
- One writeup per solved challenge — no exceptions
- Must include: approach, tools used, and steps to obtain the flag
- Submitted as a single PDF or Markdown file per challenge
- Must be your own original work — not copied from teammates
Submission Details
- Deadline: within 24 hours after competition closes
- Send to: ctf@aksk.gov.al
- Subject:
[WRITEUP] username — challenge-name - Failure to submit may result in score disqualification
Important: Publishing writeups publicly before the competition officially closes is strictly forbidden and will result in disqualification. Writeups may only be shared publicly after organizers announce the end of the event.
Support & Contact
For technical issues, challenge clarifications, or rule disputes — use the official channels below. Response time during competition: < 15 minutes.
By registering and participating in RUHR-OF-ENGAGEMENT, you acknowledge that you have read, understood, and agree to abide by all rules listed above. Violations are reviewed by AKSK and decisions are final.