Challenge

The purpose of the t2 Challenge is to have an opportunity to win free tickets to the upcoming conference.

The rules are simple: the first one to solve the Challenge will win a free ticket to the t2 conference. In addition to this, the Advisory Board will select another winner among the next ten correct answers. The criteria for the other selection is the elegance of the answer. In short, you can win with both speed and style :)

Important note: some anti-virus engines might warn that the Challenge files contain malware. That is not the case - all Challenge binaries downloaded from www.t2.fi are non-malicious and safe to analyze.

Hall of Fame

t2´09 Challenge Winners

  • Timo Hirvonen, Finland (first one to solve the challenge, both fast and elegant)
  • Mathieu Gaspard, France (best write up)

t2´08 Challenge Winners

  • Florent Marceau, France (first one to solve the challenge)
  • Fabrice Desclaux, France (best solution by means of technical accuracy and detail)

t2´07 Challenge Winners

  • William Whistler, United Kingdom
  • Fabrice Desclaux, France

t2´06 Challenge Winners

  • Pasi Parviainen, Finland
  • Samu Ristkari, Finland

t2´05 Challenge Winners

  • Pasi Parviainen, Finland
  • Matti Nikki, Finland

t2´09 Challenge [ type: Incident Response ]

Status

The challenge is over.

Description

This year you’re facing a multistage Challenge. The first stage is about analyzing the network capture. The rest depends on your skill set i.e. the challenge can be solved in various ways.

Hint: sometimes time is the key.

The first person to send the solution to the correct email address will win a free ticket to t2´09 conference. In addition to this, the Advisory Board will select another winner among the next ten correct answers. The criteria for the other selection is the elegance of the answer. In short, you can win with both speed and style. Either way the solution email must include a detailed description of methods and tools used.

Rules of the Challenge

  1. Anybody (except organizers and employees of the company that made the challenge) can participate.
  2. The answer must have a detailed description of methods and tools used.
  3. It is not allowed to publish the solution on public forums before the challenge is over.
  4. It is not allowed to modify or distribute the network capture.
  5. All rights are reserved.

Filename: T209-CHALLENGE.PCAP
Filesize: 1 899 bytes
MD5: d50107540d149eff1d16588dc5a1c1a7

Author

Oliver Gruskovnjak

t2´08 Challenge [ type: Reverse Engineering ]

Status

The challenge is over.

Description

Upon execution, T208-CHALLENGE.EXE will launch a game installer. The game binary contains a hidden email address. The first person to send the solution to the correct email address will win a free ticket to t2´08 conference. In addition to this, the Advisory Board will select another winner among the next ten correct answers. The criteria for the other selection is the elegance of the answer. In short, you can win with both speed and style. Either way the solution email must include a detailed description of methods and tools used.

Rules of the Challenge

  1. Anybody (except organizers and employees of the company that made the challenge) can participate.
  2. The answer must have a detailed description of methods and tools used.
  3. It is not allowed to publish the solution on public forums.
  4. It is not allowed to modify or distribute the binary.
  5. All rights are reserved.

Filename: T208-CHALLENGE.EXE
Filesize: 2 420 611 bytes
MD5: 5a2c821924ec38d087ac09a1f3e9d8bd

Author

Nishad Herath / Novologica

t2´07 Challenge [ type: Reverse Engineering ]

Status

The challenge is over.

Description

Upon execution, T207-CHALLENGE.EXE will ask a password from the user. If the user answers with the correct password the program prints out an email address. The first person to send the solution to the correct email address will win a free ticket to t2´07 conference. The email must also include a detailed description of methods and tools used.

Rules of the Challenge

  1. Anybody (except organizers and employees of the company that made the challenge) can participate.
  2. The answer must have a detailed description of methods and tools used.
  3. It is not allowed to publish the solution on public forums.
  4. It is not allowed to modify or distribute the binary.
  5. All rights are reserved.

Filename: T207-CHALLENGE.EXE
Filesize: 241 664 bytes
MD5: 99fa37805601aaa824f9faafb692e721

Author

Kamil Leoniak / F-Secure Antivirus Research and Response Team

t2´06 Challenge [ type: Reverse Engineering ]

Status

The challenge is over.

Description

Upon execution, T206-CHALLENGE.EXE will ask a password from the user. If the user answers with the correct password the program prints out an email address. The first person to send the solution to the correct email address will win a free ticket to t2´06 conference. The email must also include detailed a description of methods and tools used.

Rules of the Challenge

  1. Anybody (except organizers and employees of the company that made the challenge) can participate.
  2. The answer must have a detailed description of methods and tools used.
  3. It is not allowed to publish the solution on public forums.
  4. It is not allowed to modify or distribute the binary.
  5. All rights are reserved.

Filename: T206-CHALLENGE.EXE
Filesize: 36 864 bytes
MD5: 2fc9b8ce2e7e2b9bcab95211b33f4736

Author

Jarkko Turkulainen / F-Secure Antivirus Research and Response Team

t2´05 Challenge [ type: Reverse Engineering ]

Status

The challenge is over.

Description

T205-CHALLENGE.EXE contains hidden message and an email address. The first person to send the hidden message to the correct email address will win a free ticket to t2´05 conference. The email must also include a detailed description of methods and tools used.

Rules of the Challenge

  1. Anybody (except organizers and employees of the company that made the challenge) can participate but you can only win a free ticket to t2´05 if you live in Finland.
  2. The answer must have a detailed description of methods and tools used.
  3. It is not allowed to publish the solution on public forums.
  4. It is not allowed to modify or distribute the binary.
  5. All rights are reserved.

Filename: T205-CHALLENGE.EXE
Filesize: 28 160 bytes
MD5: bf5eff788e98056a3ed299ca836a3721

Authors

Jarkko Turkulainen / F-Secure Antivirus Research and Response Team
Gergely Erdélyi / F-Secure Antivirus Research and Response Team

History

The t2 Challenge was first introduced back in 2005 and it received a huge response - T205-CHALLENGE.EXE was downloaded more than 10,000 times during the first 24 hours! The t2´05 Challenge was a reverse engineering challenge, where the task was to find a hidden message and an email address inside the executable.

10 Comments so far

  1. aaronp September 7th, 2008 06:09

    Is anyone else getting the wrong md5sum for the downloaded t2-08 binary?

    I’m getting this same md5 when trying from multiple different systems:
    5a2c821924ec38d087ac09a1f3e9d8bd

    I have the correct byte count, but the md5 is still off. According to the text above the md5 should be: b93385fd2360843fb4240e4cc781b101

  2. T2 staff September 7th, 2008 10:42

    You are right! We tested this with multiple systems and the correct md5sum is 5a2c821924ec38d087ac09a1f3e9d8bd.

    $ ls -la t208-challenge.exe
    2420611 t208-challenge.exe
    $ md5sum t208-challenge.exe
    5a2c821924ec38d087ac09a1f3e9d8bd t208-challenge.exe
    $

    Corrected the checksum.

  3. Informacijos apsauga .LT » Blog Archive » T2´08 Challenge October 6th, 2008 15:59

    […] konkurso aprašymą rasite adresu http://www.t2.fi/challenge/. Ten pat rasite ir ankstesnių metų užduotis. Galite išbandyti kiek stiprūs esate šioje […]

  4. Ben August 29th, 2009 13:05

    Is the MD5 wrong again?

    Filename: T209-CHALLENGE.PCAP
    Filesize: 1 914 bytes
    MD5: 90dd41b5e525d6d7c56af0fd47c41c48

    I get this:
    $ md5sum t209-challenge.pcap
    d50107540d149eff1d16588dc5a1c1a7 t209-challenge.pcap

  5. anonymous August 29th, 2009 14:02

    T2′09 link to PCAP file seems broken … is this challenge part 1 ? ;)

  6. Tomi Tuominen August 29th, 2009 16:44

    Uhm, not quite sure what you mean?

  7. Tomi Tuominen August 29th, 2009 16:47

    @Ben Yes, we are very sorry about that. Then again this is becoming sort of a tradition ;) Please see http://www.t2.fi/2009/08/29/t209-challenge-confusion/ for details.

  8. Lifeoverip.Net Güvenlik Bülteni « Elektronik Yayın Arşivi September 19th, 2009 22:00

    […] bilgi için: http://www.frhack.org/ Yarışmalar T2´09 Challenge [ type: Incident Response ] http://www.t2.fi/challenge/ Güvenlik Eğitimleri -SANS 560-Network Penetration Testing and Ethical Hacking […]

  9. T2′09 Challenge – Security Threat Research News December 12th, 2009 15:08

    […] to t2.fi/challenge to start your […]

  10. CyberHades » Blog Archive » Solución al reto t2′09 December 20th, 2009 00:26

    […] año el reto t2′09 consistía en analizar un fichero que contenía una captura de red y a partir de ahí dependiendo […]

Leave a reply