The R1 Biggest Bug Bounty Challenge

The R1 team and their Bug Bounty Challenges is known to most North American Hackathon Hackers.
But this time was different. Prizes were not $1000 each, but $5000 each.

On January 2019, our R1 team rolled down for a great weekend at DeltaHacks the biggest Hackathon at McMaster University (Ontario, Canada). Where a ton of the best hackers came from neighboring US and Canadian Universities and Colleges to compete over prizes. 

Our gang had a simple challenge for the hackers over there.

Throw all you got at our R1 and if you break in and report any vulnerability affecting our R1 from an internal and external network point of views you go back with $5000 in CASH and a guaranteed interview with our team for an internship or a contract position.

We ran a few beginner-friendly workshops to install KALI/Backtrack and get vulnerability scanners running.
We reviewed fingerprinting and most exploits sources with the hackers.
We ran a workshop on wifi ninja hacking with some alfa network cards and a wifi pineapple, also ran a workshop on physical access hacking by using bad USB keys, usbkillers and serial port hacking.

Wished them luck and let them hit it for 48 hours (no sleep – no giving up). 

Some help was provided over the course of the competition we even gave them access to the official CEH (Certified Ethical Hacker) courseware and shared some good papers and articles about recent vulnerabilities they shud try and modeled few attack models and graphs, for beginners.


Lots of good shots. Few EXCELLENT trials.


We have seen Grad and Undergrad students trying EVIL TWINS, DDOS, Reflective DDOS, Fuzzing, Bruteforcing Credentials, Replay Attacks, Serial Based Attacks, Rubber Duckies, and more but no winner was announced.

We made it up for them by taking all the participants out for drinks and pizza and are now in the process of interviewing two of the brightest young minds we have seen trying to crack this puzzle.

Participants received swag and a free GRAVITY card to protect their contact less payment cards.

Thank you to Deltahacks, and McMaster University we had a blast.