CTF Competition

Ph0wn, a CTF dedicated to smart devices, is over! It was a real success, with ~70 participants for this first editions. 16 teams of (a max of) 5 lined up for the competition. 11 teams managed to score in at least one challenge - we are sorry for the 5 remaining teams, but hope they had fun nevertheless. Of course, we congratulate the top 3 teams, who deserved their drone & raspberry pi gaming kits as prizes. We would also like to extend congratulations to all participants. We enjoyed the team spirit as well as... [Read More]
by RSS Axelle Apvrille  |  Dec 07, 2017  |  Filed in: Security Research
We have organized a Capture The Flag event this week. Codenamed Ph0wn, this CTF is really unique because it is dedicated to smart devices. This CTF is free and takes place this Wednesday, November 29, 2017, starting at 6pm at Campus SophiaTech, Sophia Antipolis, France - where our FortiSmart research team is located. Traditional CTFs include challenges on standard infrastructures: PCs, servers, webservers, etc. And from time to time, some CTFs feature hardware challenges. (We should probably cite Hardwear.io CTF , and RHME3 for automotive.)... [Read More]
by RSS Axelle Apvrille, Alain Forcioli  |  Nov 27, 2017  |  Filed in: Security Research
The T2 2017 conference took place on October 26 and 27, 2017 at the Radisson Blu seaside hotel in Helsinki, Finland. As in every edition, a CTF (Capture The Flag) competition is organized prior the conference, with the winner receiving a free ticket. This year, a private bug bounty was held by LähiTapiola, a well-known insurance company in Finland, under the supervision of T2 organizers through the HackerOne platform. As there were zero submissions, it was decided to reward Harri Kuosmanen, who was the LähiTapiola HackDay CTF winner. The... [Read More]
by RSS Francois Ropert    |  Nov 06, 2017  |  Filed in: Security Research
    In our last blog in this series, we discussed FortiGuard Labs’ participation in Google’s second annual Capture The Flag (CTF) competition. In this blogpost, I want to share how I solved another challenge, called“ASCII Art Client”. ChallengeDescription For this challenge, participants were given two files: a binary file aart_client and a network capture aart_client_capture.pcap. File1: aart_client File2: aart_client_capture.pcap The goal of the challenge was: This client displays nice... [Read More]
by RSS Honggang Ren  |  Jun 25, 2017  |  Filed in: Security Research