Kitchen's closed!! We hope you had fun playing this year's Hack.lu! Don't forget to give us feedback: https://flu.xxx/feedback for next year! You can also give a rating on ctftime: https://ctftime.org/event/1727. Feel free to share write-ups. Check CTF-Time and Discord (You can check the pinned messages) See you next year 😃 🍻

And of course special congratz to the top 3 teams! 🥳 🏆 🥇 organizers 🥈 justCatTheFish 🥉 💦

We added babyelectronV2 to account for an unintended solution. If you solved the Challenge via getting RCE, you are able to get both flags. If you got the first flag via any other method, you can try again hacking your way into babyelectronV2 via RCE on the bot. The files have been sligthly updated, so you can see where the flag is.

Since the top teams already solved scrambled packets we decided to provide a clarification for challenge scrambling packets: There is one packet missing in the pcapng of the old challenge files. We released new files, where everything should be fixed! We contemplated about the announcement in an effort to avoid distorting the competition between the top teams. Sorry for the inconvenience.

There was a slight mess-up that prevented the intended solution from working. We updated the challenge files and server and we confirmed that the reference exploit works now. Sorry for the inconvenience!

We overscrambled our packets and now there is one character wrong in the flag. You can still solve the challenge, and make an educated guess at the correct flag. Sorry about that.

Please note that the patches we applied to the target are intended to aid in exploitation over the network. The changes are not intended to introduce any vulnerabilities.

Our code is highly sophisticated and you need custom tooling to interact with it. Your standard network cat won't do it.