May 20, 2017

Engine-4 Bayamón, Puerto Rico

= LEARN =

ROUTER EXPLOITATION, CSRF, XSS, AUTH BYPASS

Our contest network lets you get a chance to try your hand at numerous exploits that are commonly found in embedded electronics.

= CTF PRIZES =

Prizes are limited! There will be only one first, second, and third place winner, and other prizes will be given while they last. If there is a tie, it is the first to reach that score who is the winner.

First Place Second Place Third Place
$75 Amazon Gift Card $50 Amazon Gift Card $25 Amazon Gift Card

= 0-DAY TRACK =

This contest only runs during DEF CON

Rules for 0-DAY TRACK

Identify and exploit a vulnerability:

Submit 0-Day overview and proof of responsible disclosure:

Demonstrate your exploit:

Email us if you have any questions or concerns: sohopeless@securityevaluators.com



Devices for 0-DAY TRACK

Device Software/Firmware Version
Google OnHub 7978.51.0
Amazon Echo 3077
Blossom Smart Watering Controller 0.8.1040 | 1040
Motorola FOCUS73 (model 0173) 01.19.32
Canary (Model CAN100USBK) v.1.4.0
Withings Wireless BP Monitor
Mimo Smart Nursery
Blipcare Wireless Blood Pressure Monitor 10.1
Apple Time Capsule 7.7.3
ZyXel Wireless Router (NBG6716) V1.00(AAKG.8)C0
ASUS RT-AC3200 3.0.0.4.378.9529
FitBit Alta 21.21.36.9
FitBit Blaze 17.8.200.3
i-Spy Tank v3.2.1
Netgear Push2TV PTV3000 2.4.53
Wink Hub
Wink Relay
Google NestCam 174-580038
Parrot Mini Drone Jumping Sumo 1.99.0
August Smart Lock (HomeKit Enabled) 35960934-2.1.47-2.1.47
WD My Cloud NAS v04.04.03-113
Brita Smart Filter
Samsung RF22K9581SG
Whirlpool WTW8700EC
LG LP1415WXRSM
Sony KDL48W650D

= PAST WINNERS =