hackyholidays

@esTseRip Hey! The last part of Graphing it Out involves finding the source code of the application, containing a command injection vulnerability. Bypassing input validation and running the command allows you to exfiltrate command output through Grafana. DM us if you want more details!

@hackyholidays Hi! Can you publish the solution of the 3rd flag of Graphing it out web challenge? The 2 writeups published in the web doesn't include it.

The results are in! Visit HackyHolidays.io to see the winners, read the write-ups and watch the cool after movie. The challenge remain open for those who still want to #unlockthecity. A big thanks to all players and organisers! #HappyHacking! youtu.be/1r_KAJT4ejs

The #HackyHolidays #UnlockTheCity results have been posted on ctftime.org/event/1687. Decryptolocker, cloud escalator part 2 and the last part of graphing it out are still missing a write-up. Will you post one on #CTFTime to help your fellow players out ;)?

The final scoreboard looks of #HackyHolidays 2022. You can deduce the top 3 winners from professionals and students yourself ;). But they will be officially anounced and congratulated on August 2. #HappyHacking!

@uUGuido @Nissen_96 @coc0a__ :| will post a correction. appologies for the scare!

#HackyHolidays #UnlocktheCity is a wrap, team bootplug was the only team to fully unlock the city and regain control. The citizens are thankful for your efforts! You can still win a prize by creating your (video) write-ups until August 1. Winners will be anounced on August 2.

@uUGuido Emulator is supposed to get you started in the right direction. You don't need the emulator in the end to solve the challenge. You have to start your own back-end in Hackazon and try your luck there.

Status Report - City Control challenge has been updated to now serve your individual instance over HTTP instead of HTTPS, similar to the original app, making debugging easier.

We're in the final stretch with less than 25 hours left on the clock. All challenges have been solved, no team has been able to solve all challenges yet. Bootplug is leading the professionals and Shell0nes leading the student teams. Who will #unlockthecity first?

@uUGuido Your local CityControl instance is now running as an HTTP service, which is supported by the CityControl application. It is not required for solving the challenge, but might make debugging easier.

Status Report: CITY CONTROL - Challenge has been changed to an individual challenge, no longer will you have to share resources with your competitors to improve stability :)

Status Report: New Hint released for "YOU CAN'T HEAR ME": not(2 or 1) => 0

The Mayor of the Smart City was hacked. Try to find out how the attackers exploited his blog! Visit hackyholidays.io to join the Capture the Flag!

@d1_dude Thanks for letting us know, should be fixed now 😋

@hackyholidays I can't connect to City Control, is there an issue with the servers?

@Kartibok Thanks for the heads up, the issue is resolved!

Status report - one of the 6 systems that run interactive challenges was unavailable from 12:00-22:00 CEST , resulting in network issues and some challenges not working for roughly 16% of the challenges. Issue is resolved.

The Downtown district has been plagued by hacked traffic lights (showing only smileys), it is dangerous to walk around in the city, with self-driving vehicles driving around erratically. Phase 3 has launched with 4 days remaining to #unlockthecity. youtu.be/5SQ0MN0xzgw

@hacint0sh Update: We changed it to the first and last qubit instead of least/most significant and swapped the target and control bit. It’s a matter of notation / definition but we hope it is more clear now!

@hacint0sh If you look at the CNOT of question three, we define the control bit as the upper qbit. Therefore: CNOT|01> translates to |01>.

Status Report, Quantum State - Challenge 4 has been fixed, can you restore the Quantum Communication to #unlockthecity on the #HackyHolidays #CaptureTheFlag?

In two days you can play the #unlockthecity #CityControl game on your #MCH2022 badge. If you are not joining MCH, you will be able to play it on the @BadgeTeamNL emulator. Sneak peak in the video :). And who knows, maybe there are some flags ;). #HackyHolidays.io

The AI has locked us out of the order system of the pet store.The pets of the city are getting hungry, can you help decrypt the data so people can order once again? Visit hackyholidays.io to #UnlockTheCity.