BerryDunn Holiday Hack Challenge Solution Report
| SANS 2025 Holiday Hack Challenge: Revenge of the Gnome(s) |
 |
|---|
About the Holiday Hack Challenge (HHC)
The SANS Holiday Hack Challenge is a free, annual cybersecurity competition designed to help participants strengthen their technical skills through practical, hands-on challenges. At its core, the event is a large-scale capture-the-flag (CTF) exercise where players engage in penetration testing, reverse engineering, cryptography, network analysis, and other security disciplines. Each challenge is crafted to simulate real-world scenarios, giving participants the opportunity to practice problem-solving and apply security concepts in a safe environment. Since its early beginnings in the 2000s, the challenge has steadily evolved, incorporating increasingly sophisticated puzzles and interactive environments that encourage both individual learning and team collaboration. Its primary purpose is to make skill development accessible to all levels of expertise, from students just starting out to seasoned professionals looking to refine their techniques. By offering a structured yet engaging platform, the Holiday Hack Challenge has become a respected training ground in the cybersecurity community, fostering growth, knowledge sharing, and the advancement of practical defensive and offensive security skills.
This year's HHC is structured in 3 Acts. Act 1 is intended to practice and polish skills. Some of these tools are old friends, and some of these tools may be unfamiliar. Act 2 increases the difficulty, in some cases chaining attacks to achieve the objective. Act 3 increases the complexity and difficulty for most of the objectives. The difficulty of an objective is rated on a 1-5 scale, with 1 being less difficult, and 5 being the most difficult.
The table below shows the number of participants that started the challenge, and how many completed each Act. Each member of the BerryDunn team completed Act 1 (21.7% of those who started the HHC). BerryDunn's Mitch Darrow and Spencer Treece completed Act 2 (8.5% of those who started the HHC). Mitch Darrow completed Act 3 (0.9% of those who started the HHC). This report was 1 of 21 reports to be recognized with a "Super Honorable Mention" Award. This is one step below the Grand prizing winning reports.
| Number of Participants | Percentage | |
|---|---|---|
| Started the Challenge | 14,100 | 100% |
| Completed Act 1 | 3,057 | 21.7% |
| Completed Act 2 | 1202 | 8.5% |
| Completed Act 3 | 136 | 0.9% |
Members of BerryDunn's IT Security Consulting team have participated in this event the last several years. The team uses the HHC for honing and developing staff member's skills. Each participant works independently. The team gathers once a week for a social hour where we are able to discuss objectives, tools, and techniques.
The list below is a curated list of the best of class solution for each objective, as determined by team consensus. Each write-up includes the following features:
- A high level summary of the solution including a MITRE ATT&CK Mapping
- An expandable section with the detailed solution, including screenshots and code snippets
- A summary of tools used
- A summary of hints for the objective
- An acknowledgements summary, thanking other participants for any guidance in solving the objective
Hack Challenge Solutions
A matrix of solution write-ups for each objective that team members completed may be found here:
All Solutions
The following are the BerryDunn IT Security team's official solutions to this year's HHC objectives:
Who is BerryDunn
Learn more about BerryDunn.
Find out more about BerryDunn's Cybersecurity Team and the services offered.
Meet the BerryDunn team members who participated in this year's challenge:
| Mitch Darrow | Spencer Treece | Kodi Berube |
