Solve the challenge

This year we have several challenges to discover. Solve as many as you can.

Each challenge solution results in a small token called a flag, which looks like "NIXU17{...}". Some challenges contain multiple flags. There are 14 flags to find in total (6 of them in the pcap), give or take.

Write down how you solved each challenge in its own section and submit your solutions if you found at least one flag. Include the source code of any programs or scripts you have written. If you made some progress with a challenge but were unable to get the flag, submit what you did nevertheless. Writeups are preferred in plaintext or PDF format; solutions with multiple files should be zipped.

If you are tempted to poke at a certain server whose domain name matches the regular expression /^[7aebitsc.onygu1]+$/ and has the following SHA-256 hash, go ahead, it is part of the challenge:

SHA-256(domain name) =

Any other domain is NOT part of the challenge.

Please don't break the challenge for others. If you experience technical issues with these challenges, you can send a report to challenge.bugs AT nixu com. We will post updates to this page if needed.

Have fun!
Start challenge!

This challenge will primarily test your mindset but also your security knowledge. There is a given scenario and a number of tasks to be attempted. Please submit your partial or complete answers as PDF attachment as part of your online application.

Have fun!
Start challenge!