Hacker House are community sponsors at this year’s BSides London 2017 and, to celebrate, we have an exploit challenge for you. A key date in the UK security scene, it offers an alternative technical conference for the hackers and tech geeks to share war stories and learn. We are providing a challenge lab designed especially for the conference that attendees can sink disassemblers into. If you aren’t at the event, you can also hack along at home, but remember that prizes for solutions can only be claimed at our stand during the event! The challenge is provided in ISO format which you can boot in VirtualBox or any similar virtualisation software, heck you can even run it on an ATM if you like, but this is unsupported. If you solve our little brain teasing conundrums and beat the system to get root, the first three successful solutions presented to us at our stand can claim one of our awesome hoodies, check them out in our shop! This challenge is open to individuals, but if you do decide to team up, then let us know as only one prize can be claimed per solution. We are also giving several t-shirts away during the raffle so make sure you get your tickets!

Our challenge will test your elite hacking skills and requires web application, reverse engineering, cryptography and exploit abilities. It shouldn’t take the competent skilled hacker too much time, but if you do struggle then watch our social media feeds during the event for some tips to this adventure. You should run the challenge in Host-Only networking mode and on successful boot you will be presented with a console, similar to the one shown at the end of this post. You should solve the challenge from a network perspective, only solutions using this route will be accepted for prizes (unless they are really cool!).

The goal of the challenge is to hack the ISO, level up your skills and get root, come and show us how you did it if you want to claim your prize! If you are struggling with the configuration of our challenge, you can check out our training course free module, which details steps for configuring a similar lab. You can find details and upcoming dates of our training here.

Happy hacking and remember sharing is caring so post (tweet us @myhackerhouse!) or email a solution and let us know about it after the event. We will share links to the best of them on this blog! May the force be with you, young padawan, and remember that hacking isn’t just a skill – it’s a survival trade.

Game of Thrones Hacking CTF

This is a challenge-game to measure your hacking skills. Set in Game of Thrones fantasy world.


Get the 7 kingdom flags and the 4 extra content flags (3 secret flags + final battle flag). There are 11 in total.

Rules/guidelines to play:

  • Start your conquer of the seven kingdoms
  • You'll need hacking skills, no Game of Thrones knowledge is required. But if you play, it may contains spoilers of the TV series
  • Difficulty of the CTF: Medium-High
  • Don't forget to take your map (try to find it). It will guide you about the natural flag order to follow over the kingdoms
  • Listen CAREFULLY to the hints. If you are stuck, read the hints again!
  • Powerful fail2ban spells were cast everywhere. Bruteforce is not an option for this CTF (2 minutes ban penalty)
  • The flags are 32 chars strings. Keep'em all! you'll need them

Requirements/starting guide:

  • Import the Linux based CTF challenge virtual machine (OVA file)
  • OVA file is compatible with Oracle Virtualbox and Vmware
  • The challenge vm needs 1 cpu and 1512mb RAM to work properly
  • The challenge vm has its network configured by default as bridge. It will take an IP from the DHCP of your network

Downloading challenge CTF vm:


  • Vmware:
  • If you get a warning/error importing machine, press "Retry" and it will be imported flawlessly
  • Oracle Virtualbox
  • It's recommended to use "Import Appliance" menu option instead of double click on OVA file
  • If you get an error regarding network, just select your network interface

Good luck, the old gods and the new will protect you!

 _____                      ___    _____ _                       
|   __|___ _____ ___    ___|  _|  |_   _| |_ ___ ___ ___ ___ ___ 
|  |  | .'|     | -_|  | . |  _|    | | |   |  _| . |   | -_|_ -|
|_____|__,|_|_|_|___|  |___|_|      |_| |_|_|_| |___|_|_|___|___|

Designed by/Credits

Welcome to Dina 1.0.1

________                                                _________
\________\--------___       ___         ____----------/_________/
    \_______\----\\\\\\   //_ _ \\    //////-------/________/
        \______\----\\|| (( ~|~ )))  ||//------/________/
            \_____\---\\ ((\ = / ))) //----/_____/
                 \____\--\_)))  \ _)))---/____/
                       \__/  (((     (((_/
                          |  -)))  -  ))

This is my first Boot2Root - CTF VM. I hope you enjoy it.

if you run into any issue you can find me on Twitter: @touhidshaikh22

Contact: touhidshaikh22 at gmaill.com <- Feel Free to write mail

Website: http://www.touhidshaikh.com

Goal: /root/flag.txt

Level: Beginner (IF YOU STUCK ANYwhere PM me for HINT, But I don't think need any help).

Download: https://drive.google.com/file/d/0B1qWCgvhnTXgNUF6Rlp0c3Rlb0k/view

Try harder!: If you are confused or frustrated don't forget that enumeration is the key!

Feedback: This is my first boot2root - CTF Virtual Machine, please give me feedback on how to improve!

Tested: This VM was tested with:

Virtual Box 5.X

Networking: DHCP service: Enabled

**IP address**: Automatically assign


Some challenge issue reported by @eliot

Looking forward to the write-ups!

Covfefe is my Debian 9 based B2R VM, originally created as a CTF for SecTalks_BNE. It has three flags.

It is intended for beginners and requires enumeration then [spoiler]!

C0m80: 1

3mrgnc3 23 Sep 2017

C0m80 Boot2Root



This is my third public Boot2Root, This one is intended to be quite difficult compared to the last two.

But again, that being said, it will depend on you how hard it is :D

The theme with this one is all about 'enumeration, enumeration, enumeration', lateral thinking, and how to "combine" vulnerabilities in order to exploit a system.

Important Note

Once you have an IP insert it into your attack system /etc/hosts like this:

[dhcp-ip-address] C0m80.ctf

This VM will probably be different to other challenges you may have come across. With C0m80 You will be required to log in locally in the VirtualBox console window at some point. This, I know, may 'rile' some of the purists out there that say you should be able to compromise a boot2root fully remotely over a network. I agree to that in principle, and in this case I had intended to allow vnc or xrdp access. Alas, due to compatibility problems I had to make a compromise in this area in order to get the challenge published sooner rather than later.

It should be obvious at what point you need to log in. So when that time comes just pretend you are using remote desktop. ;D

Sorry, I hope you can forgive me.

Difficulty Rating

[Difficult] but depends on you really


There is only one goal here. Become God on the system and read the root flag.

I Hope You Enjoy It.

Download Link



  • File: C0m80_3mrgnc3-v1.0.ova
  • OS: WondawsXP ;D
  • VM Type: VirtualBox
  • IP Address: DHCP
  • Size: 2.7 GB


Please leave feedback and comments below. Including any info on walkthroughs anyone wishes to publish, or bugs people find in the VM Image.

Alternatively email me at 3mrgnc3 at techie dot com

When you see the ascii text that mean Born2Root's CTF challenge Is UP

  • Hack it , reach root and capture the flag.

  • Born2root is based on debian 32 bits so you can run it even if Intel VT-X isn't installed .

  • Enumeration is the key.

  • Level: Intermediate

I hope you will enjoy it !!

Machine Name: BTRSys2


Difficulty : Beginner / Intermediate

Format : Virtual Machine (VMware)

Description : This is a boot2root machine particularly educational for beginners. Follow us for next BTRSys systems. We hope you enjoy it!

twitter: btrisk

Machine Name: BTRSys1


Difficulty : Beginner / Intermediate

Format : Virtual Machine (VMware)

Description : This is a boot2root machine particularly educational for beginners. Follow us for next BTRSys systems. We hope you enjoy it!


One of the VMs used in the online CTF hosted back in September 2016 by Defcon Toronto, slightly modified to suit boot2root challenges.

Difficulty: Easy

Information: Overall 7 flags to collect, id 0 is the final step.


  • File: Galahad.zip (ovf)
  • Date: September 2016
  • VM Type: Tested on VMware Workstation
  • Notes: If the VM was able to obtain a DHCP you will likely see the IP in the VM login prompt.
  • Networking: DHCP
  • Checksum[SHA256]: c42839feadc8077380e167af9639cfcf9ebe3ffed083c98aee1e7d453022af5d

For any issues you can shoot an email to: dolev at dc416.com or DM me @dolevfarhi

d8888b. d8888b.  .d88b.  d888888b d88888b db    db .d8888.
88  `8D 88  `8D .8P  Y8. `~~88~~' 88'     88    88 88'  YP
88oodD' 88oobY' 88    88    88    88ooooo 88    88 `8bo.
88~~~   88`8b   88    88    88    88~~~~~ 88    88   `Y8b.
88      88 `88. `8b  d8'    88    88.     88b  d88 db   8D
88      88   YD  `Y88P'     YP    Y88888P ~Y8888P' `8888Y'

"A bacterium found in the intestines of animals and in the soil."

          Corporate Malware Validator.

An IT Company implemented a new malware analysis tool for their employees to scan potentially malicious files. This PoC could be a make or break for the company.

It is your task to find the bacterium.

Goal: Get root, and get flag... This VM was written in a manner that does not require wget http://exploit; gcc exploit.

NB: VMWare might complain about the .ovf specification. If this does come accross your path, click the retry button and all should be well.