This year Insomni'hack changed quite a bit, with the conference distributed across two days instead of one. While still hosted at Palexpo in Geneva, we had larger rooms, including a different, more stylish room for the CTF:
The room was almost full, with 450 registered participants!
The CTF itself went relatively smoothly, with an intense battle at the top of the ranking throughout the contest, that lasted until the very last moments. Indeed Dragon Sector once again solved a pwnable (badger_httpd) during the last 5 minutes of the CTF, bringing them closer to Eat Sleep Pwn Repeat, although not enough to claim their usual 1st place. Therefore, congratulations to Eat Sleep Pwn Repeat for breaking the Dragons' tradition and winning the CTF! Also congratulations to Dragon Sector and p4 for their respective 2nd and 3rd place. Here is an overview of the final scoreboard:
The full scoreboard can be found on CTFTime.
All challenges were solved this year, with p4 scoring the last remaining challenge, "Automated Webmaster", within the last 10 minutes of the contest.
Besides the usual categories that you can find in most online jeopardy CTFs, we also had several more atypical categories: game hacking (3D FPS on unity), hardware (custom board), and live network challenges! Here are some statistics :
| Name | Categories | Points | Time to solve | First blood | Number of solves |
|---|---|---|---|---|---|
| vba01-baby | warmup | 63 | 00:10:46 | nsrless | 56 |
| Authentication Service | warmup, web | 85 | 00:14:59 | dcua | 40 |
| S3cureLock 1 | hardware, forensics | 153 | 00:15:30 | mushd00m | 19 |
| guessflag | warmup, pwn | 85 | 00:17:21 | Eat Sleep Pwn Repeat | 40 |
| S3cureLock 2 | hardware | 249 | 00:35:26 | Eat Sleep Pwn Repeat | 9 |
| Nightcrawler | reverse, game | 266 | 01:14:08 | p4team | 8 |
| Backdoor | web, osint | 124 | 01:20:03 | REDTEAM | 25 |
| PHuck | web | 120 | 01:29:32 | hxp | 26 |
| VBaby | warmup, web | 137 | 01:36:07 | Eat Sleep Pwn Repeat | 22 |
| X-Ray Vision | reverse, game | 307 | 01:46:19 | RootInTheMiddle | 6 |
| HardLock | reverse | 333 | 02:03:09 | Dragon Sector | 5 |
| vba03-strikeback | pwn, malware-analysis | 221 | 02:23:34 | Dragon Sector | 11 |
| vba02-bitminer | web | 142 | 02:36:03 | p4team | 21 |
| yanc | pwn | 266 | 02:47:03 | ISITDTU | 8 |
| S3cureLock 3 | reverse, shellcoding, hardware | 364 | 03:26:32 | mushd00m | 4 |
| beback | mobile | 221 | 04:00:39 | p4team | 11 |
| ByteFinex | pwn | 400 | 04:19:19 | Kartoffelpufferüberlauf | 3 |
| Secret Messaging Service | web | 364 | 04:34:22 | Dragon Sector | 4 |
| begbounty | pwn | 445 | 04:57:29 | Kartoffelpufferüberlauf | 2 |
| Aimbox | reverse, game | 159 | 05:02:01 | Sec0d | 18 |
| gogogadget | pwn | 500 | 05:23:34 | dcua | 1 |
| badger_httpd | pwn | 445 | 06:46:16 | Eat Sleep Pwn Repeat | 2 |
| Spoke | network | 500 | 07:05:11 | FIXME | 1 |
| voice-voip | network | 307 | 07:13:34 | mushd00m | 6 |
| Automated Webmaster | web | 500 | 09:53:45 | p4team | 1 |
We hope you enjoyed this 11th edition as much as we enjoyed preparing it and we hope to see you next year!