The 2019 Pixels Camp CTF chronicles
Just like last year, we were present during the 3 days at the third edition of Pixels Camp, the largest and best developer conference in Portugal.
In addition to the Probely stand where we had the chance to collect lots of good feedback from the developers attending the event, we organized another edition of the Pixels Camp Security CTF. And it was a blast!
The CTF consisted of a series of 16 challenges, four for each category: Web Hacking, Forensics, Pwnable and Trivia. During the 3 hours each team rushed to solve the challenges as quickly as possible. Before the CTF itself, each team had to qualify by going through 5 challenges, to prove that they would be able to solve the challenges at the CTF.
The first person to solve the Qualifiers challenges was Manuel Sousa. Congrats!
This year we reduced the points each Trivia challenge was worth, for them to have a smaller weigh on the classification. We wanted the Trivia to be just a warm-up and for people to have some fun answering them. The objective was achieved, as all teams preferred this model.
We had another novelty: a physical challenge. This involved going through a deck of playing cards, sealed in an evidence bag. The objective was to decrypt a message hidden in the cards.
This year, the winner was the team Eu vi mas não exploitei which can be roughly translated to I saw but I did not exploit. But these guys actually did exploit our challenges and won with a fair advantage. Congrats Yevgen, Zezadas, Armysick, and Nuno Humberto.
Some of them had extra fun during the event, responsibly disclosing a 0-day in a blockchain startup whose technology was in use at the event.
As usual, we are going to publish the challenges from the Qualifiers and from the CTF, but only those that were solved. The others… maybe they’ll show up in the Qualifiers for next year!
A big thank you to all participants and to Pixels Camp for hosting us and huge thanks to tomahock and serranos for helping us with the challenges!
The Probely team