To be part of this competition you need to do three things: download the challenges, install our data collection framework, and accept the IRB (Institutional Review Board) paperwork. Then, hack away at the challenges, and win the big bucks! 

  1.  Go here to create a token for the competition. This can be any unique string. Save this token; you will need it later.
  2. Install a virtual machine player/hypervisor for the device where you will do your attacks. We recommend either VMWare or VirtualBox; select an appropriate option for your operating system.
  3. Log in to your virtual machine, start a browser, go here, enter the token you set in step 1), press the "Set" button, and click the link to download the installer script. You need to run this installer on all devices you will be running your attacks on, physical machines as well as virtual machines.
  4. Follow the installation instructions below, depending on your plaform.
  5. With the data collection running, download the challenges here.
  6. When you install the data collection framework you will be asked to agree with the IRB (Institutional Review Board) agreement.

Linux/x86 Installation

This software has been tested on Ubuntu and Kali Linux, but may work on other versions of Linux. We recommend Kali Linux for security competitions, as it has handy tools for these problems.

  • Open a terminal and run  the installer by issuing the commands:
    chmod a+rx ./
         > sudo ./"

Windows Installation

Windows support is currently in beta testing but should work on Windows 10.  Please keep in touch with the study admins when using it to ensure data is being uploaded correctly.

  • On your Windows virtual machine, download and install the latest version of Java. We use the Oracle JDK but other virtual machines may also work. 
  • Open a terminal (search for "cmd" on the start menu), right click, and select "Run as Administrator" before navigating to the folder where the downloaded install script resides.
  • Run the installer by issuing the command:

Linux/ARM Installation

For the ARM challenges, we recommend that you run them directly on an RPi 4, without a virtual machine. To do so, follow the installation instructions for Linux above.

Attacking the Challenges

Execute your attack while running the data collection. 

  • You can use whatever tools and techniques you wish to attack the challenges. You are free to install any additional tools as long as you're running the data collection framework so we can see what you're doing!
  • If you wish, for extra points you can annotate the traces we collect, telling us what steps you're executing (such as "starting IDA pro", "trying decompilation", ...). To add your own annotations, enter them into the RevEngE UI that gets launched upon installation. Enter what you are doing (the annotation) before you begin and push "Add". Once you finish that task, push "End". If you restart your device, your current tasks will be stored and populated into the UI, but you will need to manually resume them by clicking on their buttons.