Compete against the best security experts in these 3 challenges, requiring diverse skills such as reverse-engineering, web, pwning and cryptography.
Place yourself among the best and attempt to win free conference tickets!
Infra sponsored by goo.gle/ctfsponsorship.
/!\ The challenge is now over but you can still download the files and try the different stages locally!
Will you solve our 3 challenges?
Everything is provided for you to reproduce each challenge locally, use it!
Discord bot tutorial
Remote instances of the challenges are delivered by our Discord bot (HexaBot#0421). Use them to exploit the real target and obtain the flag.
Send $help to HexaBot in private message. Make sure the bot is also allowed to send you private messages ;-)
Some challenges will require you to compute a Proof of Work using hashcash.
Here is an example of a standard request for instance:
- $gdpr consent
- $web register YOUR.IP.ADDR.XX
- > Your IP address has been registered
- $web getpow
- > Generate a challenge with hashcash -mb28 0d4692cd43807a750433fff2
- $web spawn 1:28:230610:0d4692cd43807a750433fff2::Dbe42gSRgv8x/i7I:000000000000000000000000000000000000ce9SO
- > Challenge ok. Creating your instance. Please wait.
- > Please connect at https://658dad15-5390-4bbf-89fd-8cf3ad0090e8.domain.tld/
If you're a student, don't forget to inform the bot with: $status student
IoT: ARMlessRouter ⭐
This pwn2own-style challenge will allow you to remotely compromise an ARM router.
- 1. Map the attack surface
- 2. Exploit the vulnerable service
- 3. Retrieve the flag
Files: files.tgz
Web/Crypto: AlmostIsoSerial ⭐⭐
Have you ever analyzed a java application with some viewstate mechanisms? How can someone protect themselves against deserialization while allowing it? Anyway, take a deep look at our application. Be careful, some security mechanisms are present.
Sources: sources.7z
Pre-configured VM: vm.7z
RE/pwn: KVSRV ⭐⭐⭐
A secure database service application has been ported to Linux, but it may not be as secure as it seems. Can you crack the communication protocol and find a flaw in the code that will let you access the flag? This challenge requires reverse engineering and exploitation skills.
Files: files.zip
Prizes
Win awesome rewards
Solving the 3 challenges among the first places will grant you the following prizes. In order to help those who do not have a company that could provide for expenses, accommodations will also be offered to the first student.
Global ranking
1st place: One ticket for the conference
2nd place: One ticket for the conference
3rd place: One ticket for the conference
Student ranking
1st place: One ticket for the conference + accommodations near the conference
2nd place: One ticket for the conference
3rd place: One ticket for the conference
Rules & information
How to play?
Rules
- This challenge is meant to be played alone so please respect it. It is also forbidden to share flags between players.
- One must have completed the 3 challenges in order to be eligible for prizes.
- Heavy fuzzing against our infrastructure is unnecessary and prohibited.
- Students will have to prove their belonging to a school/university in order to be eligible for the prizes.
- A short technical writeup will be required, from both students and professionals, before the end of the challenge.
- The challenge runs from the 21/06 to the 01/09, make sure to send your writeup in time at challenge@hexacon.fr.
- Hexacon's Discord server will be the preferred media for communications related with the challenge, including technical issues and potential hints.
- If you encounter any problem, please ping @challenge on Discord or contact us by email at challenge@hexacon.fr.
Flags submission
- Each challenge has a single flag following this format: HXN{[0-9a-f]{64}}.
- Flags have to be submitted by sending a private message to our bot HexaBot#0421, hosted on our Discord server. See the statement for more info.
- Please note that your Discord nickname will automatically appear on the leaderboard. Feel free to change it if you wish.
- If you do not want to use Discord, send your flags and nickname by email at challenge@hexacon.fr. However, you will not be able to benefit from all the fancy stuff we have prepared on Discord.
Everything clear, I want to play now
- Join our Discord server so you will be able to chat with HexaBot#0421 later.
- Congratz, you can now pick the challenge of your choice and pwn it.
- GL & HF! :)
Ranking 1
Professional leaderboard
Ranking 2
Student leaderboard
Write-ups 2023
Discover the winners' solutions
We're sharing the write-ups made by contestants for the second edition of this challenge. These are generously shared by the authors so feel free to thank them.
