Hacken Cup: How It Happened

An onsite bug bounty marathon (such as Hacken Cup) is a great opportunity for the HackenProof team to meet white hat hackers from our community in person. Face to face communication is very important because it gives us a chance to ask hackers for direct feedback about the product we are building. In addition, our clients use this rare chance to get hacked by some of the best hackers in the world Everyone’s a winner here.

Mind you, it’s not the first time HackenProof has hosted a bug bounty marathon. Last year, we’ve hosted HackIT Cup in Kharkiv, Ukraine.

We’ve started planning Hacken Cup all the way in summer, looking for clients that would make interesting targets for our hackers. In order to apply to Hacken Cup, hackers had to go through a simple CTF (Kudos to Arbin for an amazing “video-writeup” and Sahil for a text write-up). It was a great challenge to organize the event, but after lot’s of work, we’ve been standing in the airport meeting our first arrivals. All in all, 25 hackers have arrived in Ukraine.

The main event – Hacken Cup

The event itself took place in Kyiv, on the 8th of October at Blockchain Hub. We’ve lined up 3 targets for our hackers:
Crypviser (an all-in-one decentralized communications platform), Uklon – the biggest peer-to-peer ridesharing app in Ukraine and an international social platform.

The hacking started at 10:30 a.m. Hackers had 9 hours to find and report vulnerabilities. The race was ON!

What have we been doing through the event

The HackenProof team has been busy, handling all the issues and resolving any problems that hackers had during the event. Triage team was sweating hard to process that waterfall of reports coming in.

Apart from keeping an eye on the event, head of HackenProof team – Evgenia Broshevan was talking to the local media, explaining the importance of bug bounty programs in modern day world.

And giving a tour to the partners Long Hash, who we had the honor to have as a guest at our event.

After 9 long hours of hacking and hard work, the guys have managed to produce an astonishing result:

102 submissions were received! This is how the leaderboard looked like when the flag dropped:

Onwards to the award ceremony:

Taxi Drivers earned the most reputation at the competition (we all know where this team name comes from ;). Sahil, Geekboy, and Yassine showed an amazing result, reporting 23 bugs.

We would also like to mention the CUBETEAM (Sam and Abdullah) for the most rewards earned at Hacken Cup.

Apart from praising the winners, we would like to say that everyone showed amazing skill throughout the event. Both HackenProof and our clients were surprised by the amount of reported generated in a single working day

The afterparty

After the event, the team, the clients, and other guests went to the afterparty to celebrate the awesome job our hackers have done.

One of the keynote guests was Mike Boxmining which got an awesome present from Hacken for his wedding anniversary!

This was a great opportunity for hackers to finally talk to each other and discuss the bugs they’ve found during Hacken Cup.

Despite the eventful day, we’ve planned a surprise for our hackers. The next morning we were scheduled for a trip to the legendary Chernobyl!

But that’s a story for another time… stay tuned to find out what happened to the whole team in the Exclusion zone