What’s the Advent of Cyber 2?

Advent of Cyber is an event of “hacking” organized by TryHackMe. It consists of a series of cybersecurity tasks that are released daily starting from the First of December. For the 25 consecutive days beginner friendly tasks are released. Each of the tasks has some theory that explains concepts and tools, it is also shown in the description of a task how the mentioned concepts can be used practically.

I heard about this event from a Facebook group at the end of November. After analyzing what is this all about I got hooked on the idea. Even though, as a Christian, I have a different association with the Advent, the concept of executing cyber security tasks for each day before Christmas sounded interesting. I knew that the tasks will be beginner level, so I hadn’t expected to learn a ton, but I liked the idea and also wanted to get familiar with the TryhackMe platform. And of course, prizes were also tempting: PWK courses, Raspberry Pi 400, WiFi Pineapple, USB Rubber Ducky, Security+ vouchers, and so on.

For the majority of the tasks, a virtual machine has to be deployed. Event participant tries to exploit a virtual machine in different ways: by the website, open services, insecure protocols, by exploiting various vulnerabilities. All the tasks were categorized into categories of:

  • Web
  • Networking
  • Scripting
  • Reverse Engineering
  • Blue Teaming
  • Special

My personal opinion about the event

I really liked the story behind the tasks. Every task was related to Santa’s servers. You had to help the elves to defend the servers to save Christmas. During the course servers were hacked, files were encrypted, stolen. Every minor detail helped to feel like you are really working with Santa’s team to save the Christmas. Usernames and passwords, websites, files on the servers, everything had a Christmas vibe. It was really interesting to follow along wih the story.

From the beginning I expected tasks to be easy, and I was right. This was for the beginners after all. For me, the tasks were pretty straightforward and doable. But of course, I am far from being an expert, for some of the days I had to glance at the solutions that TryHackMe uploaded for most of the tasks. Silly mistakes mostly - missing simple and obvious answers, going far into the wood thinking about complex solutions :). Even though the tasks were aimed at beginners, I learned new things. This is mostly related to the Windows: PowerShell, volume shadow copy service (VSS).

Also, the reverse engineering part. This was useful for me as I had zero experience in this.

But I believe that the complexity of this concept was sufficient. If complicated tasks were released for 25 consecutive days, everyone soon would hve become demotivated and would start cheating and looking for the answers.

TryHackMe Advent of Cyber 2 certificate This is the certificate a participant receives after finishing all the tasks

“When will the winners be announced?” - literally everyone

As now is the second day of Christmas and all of the gifts are unpacked and all the relatives are hugged virtually, there is not much to do because of the quarantine (except watching Harry Potter on the local TV), I decided to lurk on the Discord channel advent-of-cyber-2 of TryHackMe (and also do some other not very productive activities). As the Advent of Cyber 2 was over, there were plenty of questions like these:

  • When is the draw?
  • When they gonna announce the winners?
  • Does anyone know where THM gonna announce prizes?

I guess we all want to win something. However, it seems that for the majority of the participants the prize is the most important thing they want to take from this challenge. In the Discord channel of TryHackMe even some kind of desperation was noticed.

What saddens me is how some of the people are hyped for the prize and are dreaming to become the winners. It’s only my assumption, but I personally think that they think of winning a prize such as PWK course as a ticket to a cybersecurity career. Even though it might become a great trampoline, what these people miss is that you need to actually build your skills, and getting some kind of a voucher (PWK in this case) will not give you a position.

But again, this is only my personal opinion, which might be biased because of the many posts I’ve seen on Facebook newbie cybersecurity groups. Most of the people there ask how can you start in cybersecurity and what certificate should one take :).

Firstly, I thought that it was silly to wait for the draft and be checking if it already happened. But then I realized that this is like waiting for Santa - the process of waiting is more (or at least the same) fascinating than the moment of receiving the gifts.

How many of the participants done everything by themselves? My little case study

Well… I am a hacker after all (Editor note: more like pretending to be a hacker). I became curious about how many of the participants were referencing the videos and did not finished the challenge completely by themselves. I watched some of the videos myself a few times. However, I believe that some people were too lazy and only wanted to get the prizes, so they waited for the answers to be released in the YouTube videos. Too bad, but not every answer was there.

For the last task, the one that demanded to bypass a filter and upload a reverse shell, not all answers were released in the video. By the way, this is where many people struggled (from the number of questions asked on the Discord).

Anyway, according to the statistics I last time checked on the Advent of Cyber 2 room, a total of 25403 people joined the room. It is not clear how many of them finished the tasks.

The interesting part: how many of the people finished everything by their own?

  • Kick-off video at the time I accessed it had over 27k views on YouTube.
  • Day 2 video - over 15k
  • Day 3 video - over 8k. Either the task was easy for most of the participants, or the people lost the motivation after the first day.
  • Days 4 to 24 - the videos had from 2.3k to 11.9k views.

On average, TryHackMe videos where the solutions were explained had 8.2k views. So, potentially, 1 of 3 participants was watching the videos. But again, it is not clear how many of the 25k people that joined the room were doing the tasks.

What does it tell us? Nothing. Just a fun fact that shows everyone needs some help with one or another task :).

Final words

Shootout to the people who dedicated their work to make all this happen. Thank you, John Hammond and DarkSec I really liked your videos.

It was an amazing event that benefited many people. The story of it was also wonderful. I believe that it helped many people to gain basic skills and I really hope such an event will be organized next year!