Gnome in Your Home

SANS 2015 Holiday Hack Challenge

Winning Entries and Official Answers!

 

 

 

 

 

 

 

 

 

 

 

 

Ladies and GentleWhos… Officers and Detectives…. Please file into the briefing room in an orderly fashion for this morning’s update.  As the Captain of Whoville Police Department Precinct #15, I need to share some important information that impacts the entire precinct.  Thank you.

 

Item #1: Snow Removal.

 

As you know, Mount Crumpit creates some unusual weather patterns around the entire city this time of year.  I have been asked to remind you to keep your patrol cars parked in designated places around the station so that you will not interfere with snow removal equipment.  Thank you.

 

Item #2: New Ticketing Procedures.

 

Any officers associated with traffic patrol or parking violations will soon receive a document describing Whoville’s new procedures and updated fine schedule for 2016.  Any questions should be directed to your superiors.

 

Item #3: Who is the Villain.

 

Through the fine investigative work of over 500 officers and detectives here in this room, I am proud to announce that we have apprehended the mastermind behind the co-called “Gnome in Your Home” conspiracy.  Miss Cindy Lou Who, age sixty-two, CEO of ATNAS Corporation, had planned a worldwide crime spree to destroy Christmas joy.  And you, my friends, cracked the case wide open with the evidence you gathered in your quest through the Dosis Neighborhood to save Christmas.  Through your diligent and tireless work, all the Whos down in Whoville loved Christmas a lot.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Miss Who is now behind bars, without bail, awaiting final prosecution.  Based on the excellent evidence you provided, the DA’s office expects a quick conviction and a lengthy stay in the Big House for Miss Who.  The DA is also pursuing cases against Miss Who’s burgling friends.

 

I’d now like to turn this briefing over to Mr. Ed Skoudis, a gent from the DA’s office and from the SANS Institute, to discuss some awards you Whos have earned through your excellent efforts on this case.

 

(Ed takes the microphone from the Captain)

 

Thank you, Captain.  Every single one of you in this briefing room provided crucial support in bringing the nefarious perpetrator to justice.  But there are some among you who have gone above and beyond the normal call of duty, and we’d like to recognize you for your efforts.  So, if I may, I’d like to offer some additional items to the Captain’s briefing.

 

Item #4: HONORABLE MENTIONS

 

I’d like to acknowledge the following investigators for their fine work, earning Honorable Mention through their awesome work in gaining access to each of the SuperGnomes:

 

 

Anthony Canino

Bill Blough

Calle Svensson

Chris Williams

Christian Bajada

Christopher Moore

Chuckles

Cristofaro Mune

Criveti Mihai

Dan Borges

Daniel Plit

Darryl Hughes

Derek Siglow

Dollarhyde

Dominic H.

Eddy Vanlerberghe

Eugenio De Santis

Fabian

Federico Fox Scrinzi

Michael Pella

Mike Miller

Nick Ippolito

 

 

 

Item #5: SUPER HONORABLE MENTIONS

 

Additionally, some of you fine investigators have earned the designation of “Super Honorable Mention”, based on your extra technical finesse in the Gnome in Your Home Case.  I congratulate the following individuals who have earned Super Honorable Mentions:

 

 

Ahmed Adel

Alexander Merck

Andrew Rowbotham

Benoit Roussille

Cedric Von Bockhaven

Christopher Elgee

Christophe Rieunier

George Callow

Gray One

Harinderjeet Singh

John York

Lee Wei Yeong

Marisa Emerson

Mary Ellen Kennel

Michael Cecil

Nick DeBaggis

Paul Beckett

Sandro Bruscino

Stanislav Nurilov

Topher Timzen

 

 

 

Item #6: RANDOM DRAW WINNERS (receiving a NetWars T-Shirt):

 

As you know, the WVPD has been experimenting with random draw prizes for a select number of investigators associated with a given case.  I have been duly authorized to provide a much-beloved, super-soft-to-the-touch SANS NetWars T-Shirt to the following seven investigators, chosen at random through the fine folks at random.org.  Department administrative personnel will send a NetWars shirt to the following individuals for the success in the random draw:

 

Ali Bashivan

Charles Rice

Dominic H.

Markus Einarsson

Niceroad

Rich Cassara

Sonny Brunson

 

Item #7: EXTRA CREATIVE ENTRIES (receiving a NetWars T-Shirt):

 

Next up, we’d like to acknowledge the truly creative talents some of you displayed in filing your reports on the Christmas caper.  Each of these creative individuals will receive a NetWars T-shirt:

 

TabascoEye – Really neat artwork!

Dollarhyde – Amazing video showing how to do the entire challenge in just under 40 minutes.

Rich Cassara – Incredible rhymes describing the whole challenge and its solutions.

Oleksandr Synetskyi – A heart-warming story where the kids explain to Cindy Lou Who herself what they did to unravel her plot, with kind of a Scooby-Doo vibe.

 

Item #8: BEST CREATIVE ANSWER (receiving a 4-month subscription to NetWars Continuous):

 

Janus Jasinski – This fantastic solution has a beautiful website plus an integrated Dummies’ Guide describing the background technical concepts.  It’s fantastically crafted and very educational.

http://janusz.co.uk/sans/2015/3/

http://janusz.co.uk/sans/2015/solution/

 

Item #9: BEST TECHNICAL ANSWER (receiving a 4-month subscription to NetWars Continuous):

ctfhacker – These answers are incredible, and his integrated walk-through videos are wonderful.  A fantastic job!

 

And now, we get to…

Item #10, our GRAND PRIZE WINNER (who will receive an Online SANS Course)

 

Michael Pella – Michael’s work was incredibly detailed, uncovering and inventorying more detailed evidence than almost everyone, and even gaining root access to SuperGnome-04.  His write-up is a delight to read.  GREAT job, Michael!  Congrats!

 

Item #11: OFFICIAL ANSWERS

 

We had so many great entries, it was really hard to choose our official answers.  We like our official answers to be ones that other people can use to learn and enjoy.  This year, we are designating two sets of official answers, those by ctfhacker and Michael Pella.  We heartily recommend that you look through those great answers for insight and inspiration.  Thank you!

 

And with that, we’ll draw to a close.  On behalf of the leadership of the Whoville Police Department, the entire Counter Hack crew, and the SANS Institute, I’d like to thank you all for participating.  Also, we’re already starting work on next year’s SANS Holiday Hack Challenge, which is going to be a real doozy… another Christmas mystery!  I hope you’ll join us when we launch it on December 9, 2016!

 

Thank you!

-- Ed Skoudis, on behalf of Counter Hack and Friends

 

 

Forrest Fleming

Giacomo Milani

Hecber Cordova

Hendrik Spiegel

horned_pony

Jander Magi

Janusz Jasinski

Jeremy Bryant

Jeremy Fox

Jevan Gray

Joe Rozner

John Lytle

John Sonnenschein

Justin Palk

Keith Bartholomew

Kenny Long

Kevin Cooper

Kevin Hayes

Kevin TeStrake

Marcin Szymankiewicz

Marcus Miguez

Martin Apel

Matt Killion

 

Olav Haugan

Oleksandr Synetskyi

Pax Whitmore

Patrick Fitzgerald

Patrick Mooney

Peter McDonnell

Philippe

pyklops

Rich Cassara

Richard Davis

Robert Habermann

Robert Wessen

Sándor Nemes

Scott Finlon

Shaun Huynh

Stanislav Barta

Stavros M

Tom Wood

Tyler Scott

Whinson Lim

Toth Istvan

Vlad Grigorescu