Remote Password Manager [fore, 347 points, 12 solves] TLDR; The challenge consists of a single vmem file (VM memory dump). After some analysis, one of the things that stand out was that the `mstsc.exe` process was running. After a little bit of poking around, the flag could be found in one of the images preserved in the process memory.
The starting point of the challenge is a vmem file. It is a virtual memory file used by various hypervisors to store RAM on VM suspension.
Secure Extractor [pentest, 22 solves] TLDR; You had to exploit file upload mechanism in python application to get access to python developer console. To escalate to the root user, you had to make use of bash script, which was executed every minute by cron.
There are only few CTFs during the year, which have “pentest” or “network” challanges. InCTF is one of them. For each challange you had to download separate OpenVPN config and connect to the enviroment.