SANS Penetration Testing

2014 SANS Holiday Hack Winners and Official Answers

[Editor's Note: Every year for eleven seasons now, SANS creates a Holiday Hack challenge for you to build your skills with real-world infosec tools and techniques, all the while having some good holiday-inspired fun, open for everyone to participate in at no charge at all. If you haven't checked out our most recent SANS Holiday Hack Challenge, you should definitely read through it. This year's challenge was written by Ed Skoudis and Josh Wright, with support from Tom Hessman and the vocal stylings of James Lyne. We'll keep the challenge itself, the target servers, and the file system image available for as long as possible, so you can continue to work through it, either on your own or referencing the official answers cited below. Have fun!!! Following immediately below is our official announcement of winners and answers. -Ed.]

Lynn Cratchit emerged from the rather toasty Secret Room, a gentle smile lighting up her countenance.

"Mr. Scrooge... have you finished judging this year's SANS Holiday Hack Challenge entries?" she inquired.

A bedraggled Scrooge looked up wearily from his desk, surrounded by piles upon piles of papers stacked high all about. An increasingly healthy Tiny Tom looked upon the scene whilst holding an impossibly cute orphaned puppy, awaiting Scrooge's answer.

The old man began to speak slowly, "All told, we received an avalanche of responses to our challenge, several hundred people from around the globe sending in their answers. Their response was both overwhelming and..." the old man paused... "Wonderful." His eyes, I tell you, started to sparkle.

"I'm deeply touched by the outpouring of technical wizardry, analytical excellence, whimsical wit, and outright humor in these answers! Some were marvels of concision, while others were detailed treatises several dozen pages long. Many were straight arrow, while others plunged for the jugular of hilarity. Think about it! Those ghosts posed challenges from many different skill sets: social engineering, penetration testing, packet analysis, forensics analysis, and so much more! But, all in all, these very entries have shown beyond a doubt the great skill, extreme discipline, special patience, good will, and amazing character of people in our community. Why, one joker even posited this preposterous thing in his answers:

The characters in the story appear to be a loose portrayal of the staff of Counter Hack Challenges: Skoudis as Scrooge, Tom Hessman as Tiny Tom (rather than Tiny Tim), and Lynn Schifano as Mrs. Lynn Cratchit; and apparently, Ed keeps the secret room at the office a little cold for Lynn and Tom."

"What nonsense!" laughed Cratchit, as her new heater chugged away spreading its radiant warmth throughout the Secret Room.

After a hearty guffaw, Tiny Tom asked the most pertinent question, "So... do we have a winner, Dear Scrooge?"

"Why yes, we do! There were so many great entries. Behold, here are the lists of noteworthy responses and our winners." Scrooge handed a scroll to Ms. Cratchit bearing the following proclamation....

Ebenezer Scrooge here... I'm delighted to announce this year's honorable mentions and winners for the 2014 Holiday Hack Challenge, "A Christmas Hacking Carol."

Honorable Mentions

All of these dear people correctly solved each challenge and recovered every one of the ghosts' secrets. They are worthy of praise and have earned an honorable mention:

Anthony Canino
Ben Allen
Brad Berkemier
Brian Boswell
Brian Wiltse
Bryan Rhodes
Bryan Smith
Charles.L.Rice
Chris Wallace
Christopher Dubsky
Dan C'ndea
Davide Berra
Dominick Barbuscio
Giacomo Milani
jane doe
Johnny Medina
Jon Searles
Joshua Roark
Kerem Kocaer
Mark Elliott
Mark Guth
Martin Tyrer
Matt Edmondson
Matt Keyser
Michael Dyrmose
Mohammed Faiz Ahmed Quadri
Nick McKerrall
Pgntest
Piotras
Richard Tafoya
Thomas Herrell
Tom Pohl
Tyler Halfpop
Warren J Raquel
Yassine id bougnoun

REALLY Honorable Mentions

In this next group, we have people whose answers included some extra special narrative or deep technical insights. These folks have earned a REALLY Honorable Mention:

Annah Waggoner
Anthony
Austyn Krutsinger
Carrie Roberts
Chris Andre Solberg Dale
Christian Bajada
Delaney Ng
Dinesh
Eddy Vanlerberghe
Gebhard Zocher
Harinderjeet Singh
Ian Spyder Lovecraft
Jam4ar
Jonas Strand
Josh V
Magnus Lund Jacobsen
Mario Acosta Arteaga
Michael Pella
Nick McKerrall
Patrick Mooney
Paul M. Goffar
Peter Dayok
Richard Gold
Rick El-Darwish
Ronnnie Friis Salomonsen
Fabrizio
Tsvetelin Choranov

Stunning Awesomeness

This next group of answers exhibited simply stunning awesomeness. Each was a contender for the top slot, and it was a true honor to read their answers.

Anatolie Prisacaru (shark0der): A wealth of technical insight in this one. The Force is strong with its author, for sure!

Andrew Rowbotham: This solution is brilliantly laid-out and nicely detailed, with XKCD to boot!

Chris Eckert: This is a GREAT write-up, complete with hilarious memes from throughout the Internet... a pleasure to read and absorb.

Jeremy Galloway (Cypher G): The animation in this solution is infectious with excitement. What a joy to read!

david switzer: Interested in some awesome rhyme, along with technical analysis? You gotta check this one out then!

Don C. Weber: This report is stunningly good, a virtuoso performance with an impressive style and format for incident response, along with recommendations for preventing future occurrences of ghastly hacking interventions.

Jerome Kleinen: With its alternative ending, this solution makes for very fun and compelling reading.

Jim Herubin: What a GREAT, detailed, and well-formatted solution. Nice work!

Joshua Tomkiel: This solution is smooth throughout, with a great description of each step, plus an excellent and clear format.

Rich Cassara: The 1940's Private Eye Film Noir feel to this solution was awesome, bringing a smile. Plus, he re-imagined the entire point of the challenge, wherein a team tricks Scrooge through the use of an Oculus Rift, rather creative pharmacology, and even a trebuchet to simulate all of the ghastly action. Simply amazing!

The Winners

And now... our winners.

Random Draw

We'll start with our Random Draw winner, who will receive an autographed copy of the Counter Hack Reloaded book. Using a random number chosen by the fine folks at, our winner is....

Matt Keyser

Most Creative Answer

Next up is our Most Creative Answer that is Technically Correct, who will also receive the Counter Hack Reloaded book. The winner for this one is a simply delightful and hilarious story full of Dr. Who and even some Star Wars references. We smiled and laughed our way through this great set of answers. It's AWESOMELY creative! And the winner is....

Mike Cecil

Best Technical Answer

Competition here was fierce, with so many strong contenders. But, in looking through them all, we received a very special entry that graphically illustrated the solution to each and every challenge, step-by-step with FANTASTIC figures. If you'd like a quick and handy reference guide on how to conquer each challenge, you should definitely read this set of answers. Our best technical answer winner, who will also receive the Counter Hack Reloaded book, is...

Masashi Fujiwara

GRAND Prize Winner

And finally we have our GRAND Prize winner, who receives a free SANS OnDemand course. This entry covers each and every twist of the challenge and its solution, highlighting all of the subtleties that Josh Wright and Ed Skoudis buried in the challenge. In fact, the answer is so good that we consider it the OFFICIAL answer for this year's SANS Holiday Hack challenge. If you are looking for how to conquer each and every one of the ghosts' secrets, we urge you to read the GRAND Prize winning answer by...

Dave Lassalle

Congrats to all our winners!

The entire team here wishes to thank everyone who worked through the challenge! Josh Wright, Tom Hessman, Lynn Schifano, Tim Medin, Jeff McJunkin, Tom VanNorman, and me (old Ebenezer Scrooge) are truly honored that you invest your time each year developing your skills and having fun with our quirky creations. For each Holiday Hack, we try to create a little Christmas world, distinct from each of our previous challenges with brand new technical twists, offering you an opportunity to dig in and develop real-world information skills based on very recent attacks, tools, and techniques. Our goal is to create the very best challenges we are able to muster to spread some unique holiday fun by varying the style, technical approach, tools, and techniques every year. Also, we leave our challenges up for as long as possible. Feel free to work through them again, or even go through our previous ones, such as our 2013 installment (It's a Hackerful Life featuring attacks against Industrial Control Systems), 2012's challenge (The Year without a Santa Hack, focussed on web app pen testing), or 2011's missive (Grandma Got All Haxx0red by a Reindeer, chock full of in-depth packet analysis).

Oh, and one more thing... We're already starting work on our 2015 challenge, our best ever, which will feature some really distinct delights, including some whacky wireless, a little firmware analysis, and an Internet-wide scavenger hunt for special stuff we're going to squirrel away so that Santa himself couldn't find it. We'll launch it the second week of December, 2015. I can't wait!


Er... I mean...



p.s., If you like this kind of thing and want to build your skills through some excellent training, please do check out SANS course offerings, especially those in the Pen Test Curriculum. We've got lotsa great in-depth offerings to choose from, including SANS Security 560 on Network Pen Testing (which I'm teaching in Feb in Scottsdale AZ, March in Baltimore, April in Orlando, and May in Austin TX), SANS Security 575 on Mobile Device Security & Pen Testing, and SANS Security 660 on Advanced Pen Testing!


Posted February 14, 2015 at 10:21 PM

Dan Kern

Hey Ed, Josh, et al.
Awesomeness again! Thanks again for a really fun holiday hack.
Quick Q: How did you embed the text you want into the memory of the web server to make the heartbleed query consistently successful using the ssltest script?
