Jump to content
Tuts 4 You

LabyREnth Capture the Flag (CTF) Challenge - 2017


Recommended Posts


We’re one week away from the launch of the second LabyREnth Capture the Flag (CTF) challenge! It’s time to give all you players some more details on what you’re going to see next week.

We’ve got five tracks this year, and they’re a little different from last year. The skills we’ll be focusing on this year are the following:

  • Working with binaries (PE files, ELF files, Mach-O files, etc.)
  • Working with documents (MS Office Files, PDF Files, etc.)
  • Working with Mobile and IOT files (iOS, Android, ARM, MIPS, etc.)
  • Understanding the Threat Landscape (Yara, Networking, Intel, etc.)
  • Programming

While you’re in the LabyREnth, look out for some other challenges hidden throughout the CTF. Complete them quickly and you could win one of our individual first to solve prizes (tablets, VR equipment, etc.). Or just finish challenges in the five tracks to win some of the $32,000 in cash prizes we’re giving away this year! The overview, rules, and most importantly prize structure can all be seen at http://labyrenth.com.

We’ve selected these tracks and challenges as we believe they form the cross-section of skills necessary to be a solid security researcher.

We’ll be revealing hints and more information about the challenges throughout the CTF. 

We look forward to seeing you at 4pm PST on June 9!

Official site: http://labyrenth.com/
Announcement: https://researchcenter.paloaltonetworks.com/2017/04/unit42-labyrenth-ctf-2017/

  • Like 2
Link to comment

Unfortunately for that weekend I have some other plans in "real life". :( So, I'll take part in it but only starting on Monday..


Last year it was THE best CTF challenge I tried, so I can wholeheartedly recommend it to everyone. :)

  • Like 4
Link to comment
23 hours ago, evandrix said:

i'm stuck on Document #3 - got the images from usb.pcap, then what?

nvm, solved it~

Link to comment

Someone can give an hint on programming level 3?

I can't find any logic strategy for this. It seems completely random :huh:

Link to comment

It's an odd one... did you figure it out?

The paths are obviously walkable, and you can turn corners, but it seems to be randomly generated and empty apart from the ascii when you hit a wall. Most 'mazes' are just L-shaped for me

There is an odd thing where you can get stuck and no matter how much you turn, it's just walls.... not sure if that is significant? The hint says that the game is a 'cheater' and that the move from 1st to 3rd person is tricky....

Edited by Loki
Link to comment

Absolutely not i am stucked with that, i leaved it there and working on other tracks. :unsure:

Yes when you hit a wall ascii is printed. I saw also the 'bug' when you are stucked and there are only closed walls in each direction, in that case i just reboot the python because you can do everything but you will never exit from that damned walls. :D

I sincerely can't find a tactic to defeat that, it seems completely without a logic... and very annoying. :)


Link to comment

Well I don't have much time to do these challenges because of university but I've already solved binary #1 in my free time and I think this time either the challenges are way harder or I'm just out of practice.. But still they are fun to solve and I will do my best to solve atleast all binary ones if possible..

Link to comment

Any help on '%easymath%' ? It seems like 'Final part' ends in an exception(intentional?).


@xoring, I think it is tricky :P.


Br. akkaldama

Edited by akkaldama
Link to comment

for Documents #04, do i have to bruteforce the RC4 key?

using the one provided to decrypt gives a non-ASCII-only string...

Link to comment

@kao you mean after Binary #2? :P Well I will sit down later and complete it, I currently only know pieces of it but no idea on how to get the correct flag, if I just have to edit the .exe or code my own program to get the correct flag but hey that's what makes it fun ;)

Link to comment
10 hours ago, evandrix said:

for Documents #04, do i have to bruteforce the RC4 key?

using the one provided to decrypt gives a non-ASCII-only string...

check your key length
@kao the document track is also way more difficult, which seems to be the case for all tracks

Edited by Mr. J
Link to comment
14 minutes ago, Mr. J said:

check your key length

!@#$% sneaky problem author~!!


Edited by evandrix
Link to comment
48 minutes ago, kao said:

@Etor Madiv:

  Reveal hidden contents

labytime.exe generates flag which you need to submit to labytime.com. Unfortunately, the flag expires very fast..



So the algorithm that generate the PAN{hash} must be reused to send that quickly via a post request ? because I thought that the flag is something that does not begin with PAN{


Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...