After three days of fierce competition, we have the winners of this year's Metasploit community CTF. We've included some high-level stats from the game below; check out the scoreboard here. If you played the CTF this weekend and want to let the Metasploit team know which challenges you found exhilarating, interesting, or infuriating (in a good way, of course), we have a survey up here: https://r-7.co/MSFchallenges18.
Congratulations to everyone who teamed up with community members, learned something new, or captured flags. The collaboration we saw on Slack and beyond gave us, as they say, all the feels.
We'll be in touch with winners shortly to arrange prize delivery. Big thanks to Ixia and CTFd for providing technology that helped power the game, and thanks to our friends at Hack The Box for chipping in some sweet prizes!
- Nearly 600 teams logged in and played over the course of the game.
- Four teams captured all 15 flags:
exit. There were a few truly epic challenges; props to everyone who persevered in deconstructing the house of cards the Metasploit engineering team built for the community.
- 214 teams made it onto the scoreboard. Congrats to all of you who captured your first-ever flag in this year's game!
3 of Diamondshad the highest number of solves (158), followed closely by
10 of Hearts(145).
9 of Spadeswas our least-solved challenge (a joint sinn3r and shellfail production).
- 786 correct MD5 hashes were submitted. We got 3,431 incorrect submissions. That
8 of Trollswas brutal, we know.
As in previous years, it's possible that the hacker community will come out with detailed write-ups on how they solved some or all of this year's challenges. We'll list these here as they roll in. EDIT: See list at end of post.
Cheers to everyone who made the 2018 competition a memorable affair, not least of all our diabolical yet lovable gamemakers: sinn3r, wvu, space, tychos moose, surefire, shellfail, juggernot, erinbleiweiss, pebarry, and the inimitable busterb. May your shells be merry and bright.
Thanks to B0rn2r00t and the rest of the Metasploit Slack community for getting these together!