Ticket Challenge

Countdown Challenges – Win Free Tickets to AppSec EU Research 2013!

The Ticket Challenge is closed now.

Winner of the Ticket Challenges

  • 1′st challenge: Kostiantyn Ilin, Ukraine
  • 2′nd challenge: Bart Leppens, @bmantra, Belgium
  • 3′rd challenge: tunelko, Spain
  • 4′th challenge: Christoph Kolbicz, Switzerland
  • 5′th challenge: Michi, Switzerland
  • 6′th challenge: Andrey Saprykin, sphyrath, Russia
  • 7′th challenge: Hannes Trunde, Austria
  • best solutions: Kasperle, Germany
  • best solutions: Kori, Belgium

Closed Ticket Challenges

Solutions can still be provided to closed challenges and will be graded, but they are not valid to win a ticket anymore.

1′st challenge

The first challenge was closed 29th of March 2013.
First OWASP AppSecEU Research 2013 Ticket Challenge @ Hacking Labs

2′nd challenge

The second challenge was closed 19th of April 2013.
Second OWASP AppSecEU Research 2013 Ticket Challenge @ Hacking Labs

3′rd challenge

The third challenge was closed 21th of May 2013.
Third OWASP AppSecEU Research 2013 Ticket Challenge @ Hacking Labs

4′th challenge

The fourth challenge was closed 15th of June 2013.
Fourth OWASP AppSecEU Research 2013 Ticket Challenge @ Hacking Labs

5′th challenge

The fifth challenge was closed 7th of July 2013.
Fifth OWASP AppSecEU Research 2013 Ticket Challenge @ Hacking Labs

6′th challenge

The sixth challenge was closed 24th of July 2013.
Sixth OWASP AppSecEU Research 2013 Ticket Challenge @ Hacking Labs

7′th challenge

The sixth challenge was closed 14th of August 2013.
Seventh OWASP AppSecEU Research 2013 Ticket Challenge @ Hacking Labs

The Challenge, Thanks you

Do you want to join us in Hamburg for free? There will be a challenge posted every month up until the event in August. The winner of each challenge will get free ticket for the conference, worth about €420. Be sure to sign up for the conference mailing list to get a monthly reminder.

Links to the Ticket Challenges see above.

How to Win

Each challenge will be announced on appsec.eu, the conference wiki page and the conference mailing list. Simply follow the link to the current challenge, login, and follow the instructions for the challenge. Provide your solution, which then will be marked. The challenge will be opened right after the announcement and will be closed 3 weeks later. The winner will be rewarded a free conference ticket a few days later.

The organizing committee will review the provided solutions and accept or reject it. While the challenge is open, rejected solutions can be enhanced and submitted again. If there are equal solutions at the end of the challenge, the first submitted one wins.

At end of the last challenge, right before the conference starts, additional tickets will be given to the best provided solutions over all submitted solutions.

The free ticket is personal, it cannot be transferred. The judgement of the organizing committee can not be disputed.

How it Works

Each challenge will have its unique link and will be open for 4 weeks after announcement.
If you follow the link, the site will ask for login (see Login directly (Existing Hacking-Lab Account)), or to sign-up (see Sign-up a new Hacking-Lab Account) if you don’t have a login. You may use your existing account, or sign-up for a new one.
To participate on the challenge, you need an account at Hacking-Lab. You just need an email address for that and you can use a nickname of your choice. Only the nickname will be public.

Detailled instructions

Step 1:
  • (Download VMware Player or VirtualBox if you don’t have it yet installed)
  • Prepare your client with a preconfigured virtual host in VMware Player or VirtualBox.
  • Install the LiveCD image in your virtual host. It can be downloaded at hacking-lab.com.
Step 2:

Follow the link from your mail or posted at appsec.eu or the conference wiki.

Step 3:


Step 4:

After login you’ll see the list of Running Events. Switch to the challenge
AppSec EU 2013 Ticket Challenge 7

Step 5:

To solve the task you need setup a (Open)VPN connection to the Hacking Lab.

Step 6:

Connect to hacking-lab.com after starting your Live-CD from within your virtual host.

Step 7:

To complete the task (event), send your description of the vulnerability including an exploit and a description for mitigations using the provided Send Solution button.

Good luck!!