We have no idea why the CTF server keeps crashing...🤔

ESXi restarting, purple screen...There are no VM escape vulnerabilities in the CTF. Please do not attempt anything like that.

Having trouble cracking hashes on paper submissions? What might someone say to you a border crossing?

If you are unsure if you have a flag, feel free to submit it to the scoreboard to check, if it is wrong it will simply have you wait a minute before trying again. This does not mean brute force the scoreboard (which is against the rules).

Lots of questions about LDAP, we are waiting for the challenge creator (who is not at DerbyCon) to get back to us...We don't know if cracked passwords should work anywhere but the word on the street is they don't...

hopefully some duct tape and bailing wire improvements to .59

Note: It is against the rules to change passwords, flags, or anything else to prevent others from gaining access/scoring/etc.

Have you closely examined the least significant bits of the WAV file?

So for those still working help.wav; once you have a byte array the 17th and 18th bytes, a[16..17], are a short giving the message length

flagsfuflags - If you want a challenge coin come up and see us! Nice work on the wav file

Have you tried making wordlists from keywords in the context of the challenge instead of RockYou or similar?

Prizes will be awarded in the main CTF room (Salon F) at 12:15pm. Please have your password ready to verify your team. (We would never store passwords plaintext LOL)

Congrats to the winning teams!

How did you pwn the SQL box? No Metasploit module needed...DerpyDB had impersonation rights to SA...

If you happen to do a challenge write up, please let us know and we'll be happy to retweet for others

If you want to know how to decode that wav

By the way the signature key on the JWT that was "DerpyCon"

Here's my write-up/approach of 3 Challenges from #DerbyConCTF (HerpDerp.DLL, DerpyConFS/DB, kc57_final_fu.exe): wp.me/p2bpi7-t2 derbyconctf

We finished 2nd place in the DerbyCon CTF and have provided a write up of some of the challenges 😎 A big thanks to the derbyconctf team as always! #derbycon labs.nettitude.com/blog/derbycon-…

For those of you that may have earned a challenge coin during the CTF: trustedsec.com/2019/09/cracki…