BFS Ekoparty 2022 Exploitation Challenges

Show us your skills, to get a free invite to the BFS VIP dinner/party as well as an opportunity to join our team!

Welcome to the Ekoparty 2022 Hiring Challenge. 

Complete one of the two challenges for the opportunity to get an interview for a security researcher position at BFS as well as a ticket to our VIP dinner/party event in Buenos Aires during the conference.  After the interview, there is one more difficult challenge required.

We offer:

  • More money than you currently make
  • Huge bonuses for each exploit developed
  • 100% remote position where you call the shots on when and where you work
  • 100% focus on VR, no need for continous QA or other boring tasks
  • No time wasting meetings or other corporate nonsense
  • Team members who help you up your game, while you help them up theirs
  • Option to attend leading security conferences and trainings
  • Annual ski trips, summer events and much more!

Solutions should be sent to: 

Linux Kernel Exploitation Challenge:

We've been busy implementing our brand new Blunder IPC driver module. We're still halfway implementing some of its most awesome features, but we thought it's ready for some battle testing.

Can you load it on an Ubuntu 22.04 VM with the latest kernel (5.15.0-52-generic) and get root by exploiting this module? (extra points if you make an exploit that works in CPUs with SMEP and SMAP)

You can download the module source here


Windows Exploitation Challenge:

  1. Only Python solutions without external libraries will be accepted 
  2. The goal is to execute the Windows Calculator (calc.exe)
  3. The solution should work on Windows 10 or Windows 11
  4. Process continuation is desirable (not mandatory)

You can download the application here