CTF LogoCTF Logo

 Showroom

 Customers

 Announcements

 Login

Archive mode

FluxFingers

Hack.lu CTF 2025

By FluxFingers

Event Information

Hack.lu CTF 2025 is organized by FluxFingers, the capture-the-flag team of Ruhr University Bochum (Germany).
For announcements and questions, join us on Discord. This will be the main communication channel during the CTF alongside the announcements page.

Who

Everyone may participate! You can play solo, but teaming up is more fun and a great way to learn from each other. Challenges range from beginner-friendly to truly formidable.

When

The CTF runs for 48 hours, just like in previous years. Keep an eye on the countdown so you're ready when things kick off.

Fri, 17 Oct 2025, 18:00 UTC — Sun, 19 Oct 2025, 18:00 UTC

What

Hack.lu CTF is a challenge-based Jeopardy event. Expect a mix of crypto, web security, reverse engineering, and binary exploitation tasks.

Rules

  • Each challenge awards a dynamic number of points based on the number of solves.
  • No DoS, automated scans, heavy traffic, or tampering with our infrastructure.
  • If something feels unintentionally easy, please report it. Bonus points may await.
  • Do not share flags or solutions with other teams. We will not tolerate flag sharing.
  • Breaking the rules means we revoke your points. No exceptions!
  • Unless stated otherwise, flags follow the format flag{.+}.

Prizes

1st Place

  • 2 x Binary Ninja licenses
  • 3 x BurpSuite Pro licenses
  • $400 sponsored by Zellic

2nd Place

  • 2 x Binary Ninja licenses
  • 2 x BurpSuite Pro licenses
  • $300 sponsored by Zellic

3rd Place

  • 1 x Binary Ninja license
  • 1 x BurpSuite Pro license
  • $200 sponsored by Zellic

4th Place

  • $100 sponsored by Zellic
  • The top-ranking teams of the competition are eligible for the placement prizes listed above.
  • We cannot send prizes to individuals from countries sanctioned by Germany, the European Union, the UK, or the US.
  • Unclaimed prizes are offered to the next eligible team.
  • To claim a prize after the competition, open a ticket on Discord and include your support token from the scoreboard profile page.
  • To receive monetary prizes, provide details for a SEPA, SWIFT, Wise, or PayPal transfer. Any transfer or conversion fees are deducted from the prize amount.
  • The organizers have the final say on prize decisions. Legal recourse is not permitted and non-cash prizes cannot be exchanged for cash.

Special Awards

Best Windows Kernel Challenge Writeup

  • 3 x OffensiveCon 2026 tickets (sponsored by Binary Gecko)

Best Binary Ninja Writeup

  • 1 x Binary Ninja license

Best 10 Academic Teams

  • Per team: 1x six months and 2x one month HackTheBox VIP+ vouchers

Best DACH Team

  • Qualification for DHM (Deutsche Hacking Meisterschaft)
  • The "Best Binary Ninja writeup" prize goes to the team that submits and publishes the best writeup for a challenge solved with Binary Ninja. Publish the writeup on CTFtime (and optionally elsewhere), then submit it via a Discord ticket before October 26th 2025, 18:00 UTC.
  • The "Best Windows Kernel Challenge Writeup" prize goes to the three players that solve the Windows Kernel challenge and submit the best writeup. Publish the writeup on CTFtime (and optionally elsewhere), submit it via Discord ticket before October 26th 2025, 18:00 UTC, and ensure those same three players attend OffensiveCon.
  • The top-ranking team from the DACH region (Germany, Austria, Switzerland) qualifies for DHM 2026 and should contact dhm@nfits.de to confirm their participation.
  • To claim a writeup prize, publish the writeup on CTFtime (and optionally elsewhere) and include the links in your Discord ticket.
  • The organizers have the final say on prize decisions. Legal recourse is not permitted and non-cash prizes cannot be exchanged for cash.

Windows Kernel Challenge Sponsor

Binary Gecko

Binary Gecko, which also runs Offensivecon, is a German company who conducts the most complex Vulnerability Research out there. We aim to be the best company in the world for talented security researchers with a "work hard - play hard" approach.

Have in-depth knowledge of kernels, browsers or hypervisors? Or think you are getting there? We want you in our team!

If you are interested in working with us, please reach out to us at careers@binarygecko.com

Prize Money Sponsor

Zellic

Zellic is a security research firm. Our targets include compilers, virtual machines, web apps, circuits, proof systems, and more. Before Zellic, we previously founded perfect blue, the #1 CTF team in 2020 and 2021. If you're smart and good at CTFs, we'd love to meet you.

We offer a complete benefits package and direct equity participation. We also offer flexible hours, remote work, and both full-time and part-time roles. Our team enjoys regular fully-funded offsites and a range of other perks.

Ask your friends: you might already know someone who works here.

To learn more, check out our blog: https://zellic.io/auditooor-grindset

Work at Zellic: jobs@zellic.io | https://zellic.io/careers | @gf_256

Meet the founders:

  • Luna: @gf_256 on Discord ( Twitter)
  • Jazzy: @jazzyzellic on Discord (Twitter)

Prize Sponsors

PortSwigger
Binary Ninja
HackTheBox

Infrastructure Sponsor

Hetzner is one of the largest web hosts and data center operators in Europe, offering dedicated servers, cloud servers, web hosting, storage products, and much more.