Announcing the winners of the 2026 Magnet Virtual Summit CTF
Hi, all! This is Jessica Hyde and I am so excited to share the winners from the Magnet Virtual Summit 2026 CTF, as well as images, the challenges, and the questions! The Magnet Virtual Summit 2026 CTF was another exciting competition. We had over 3,950 people register for the CTF and 1,041 folks solved at least one question —record breaking participation!
We’re happy to announce the winners:
- First place: lwei
- Second Place: CaptureLeFlague
- Third Place: Rich_Titan_Digital
And as always, we kept the game open for a First to Finish winner. This is the first player to get a perfect score which happened 7.5 hours after the start of the game.
- First to Finish: FAlhumaid
Figure 1: Scoreboard showing CTF when it closed
We want to give you the opportunity to keep working through the challenges, so we’re sharing the questions and links to the images below in addition to links to community solves.
Images
Still need a copy of the forensic images? We are happy to have released an iOS 18 Full File System image as part of this data set as well as an Android 14 image, Windows 11, and a MacOS Sequoia image. There is plenty to explore in these data sets beyond the CTF itself. Download the images here:
SHA256: 46402902a512f4f06a50bb130d381dceb84045013aae90c2cc36eef711eea8d0
SHA256: 74eb03756b8fd825670ba58915bc6d3458b7bdd41d23db9d9dcbd4ba1c1e3539
SHA256: 78f3339ee2fb1879860053635325a2f8e9d9a2f34c59bdce73e20c5048435333
SHA256: e907354cdba94afd2d0f41acbfbd8c25880cd00947ab2a6bd972958baec48790
Please download with a chromium-based browser so you can resume the downloads if they fail.
Questions
| Challenge Name | Question |
|---|---|
| Cipher Challenge |   |
| Can you Handle this one? | Hi Jessica! 00110110 00111000 00100000 00110111 00110100 00100000 00110111 00110100 00100000 00110111 00110000 00100000 00110111 00110011 00100000 00110011 01100001 00100000 00110010 01100110 00100000 00110010 01100110 00100000 00110111 00110011 00100000 00110111 00110100 00100000 00110110 00110001 00100000 00110111 00110010 00100000 00110111 00110100 00100000 00110110 01100100 00100000 00110110 00110101 00100000 00110010 01100101 00100000 00110111 00110011 00100000 00110111 00110100 00100000 00110110 00110001 00100000 00110111 00110010 00100000 00110110 01100010 00100000 00110011 00110100 00100000 00110110 01100101 00100000 00110011 00110110 00100000 00110010 01100101 00100000 00110110 00110011 00100000 00110110 01100110 00100000 00110110 01100100 00100000 00110010 01100110 |
| Peel Back the Layers | Can you find the hidden link? (Provide the redirected resource URL) https://mvs26.hexordiactf.com/Ciphers/ThisIsFine.pxz |
| Good Grief! | The Great Pumpkin’s Inverse Logic https://mvs26.hexordiactf.com/Ciphers/VanPelt.png |
| Resident Evil | Can you find the link? https://mvs26.hexordiactf.com/Ciphers/Challenge3.vhdx |
| Bonsoir Elliot | It’s not that Deep, just Sound it out (shout out to int80) https://mvs26.hexordiactf.com/Ciphers/HideNSeek.wav |
| Cows come in all shapes and sizes | Decode the secret message: https://drive.google.com/file/d/1p4HHKDdSkbROm85c9pxbi7apJTXM_ND9/view?usp=drive_link |
iOS | |
| Need a Challenge? | What Instagram handle does User ID 2278169415 belong to? |
| So Thoughtful | What item does the user need to buy for Christmas? |
| Don’t Lose your Data | In UTC when was the last iCloud backup? (YYYY-MM-DD HH:MM:SS) |
| What a caring coworker | How many people did the user message expressing concern about Daniel? |
| Go the Distance | What was the farthest distance the user logged in meters? (Round to the nearest hundredth) |
| Do you have any games on your phone? | What genre of app did the user download the most of? |
| That would look nice in my garage | What is the make and model of the car that was photographed without a iPhone? |
| Where are we going? | What airport was the phone near when it pinged off of a cell tower on 2025-12-16 22:47:24 (UTC)? |
| I prefer the color blue | What is the name including extension of the purple tagged file? |
| I like your spirit | What secondhand item was the user searching for? |
| That’s not a Mario character | What is the mascot of the frozen dessert shop that the user visits a lot? |
| Welcome Home | What port was the host directed through for a sign-in? |
| They know their drinks! | What are the recorded coordinates of the place the user went to comment about a certain adult beverage? |
| Oops, all errors! | What word did the user misspell, then correct before sending over text on a Friday? (Format: type the misspelled word as-is) |
| Lights Out | What is the UUID of the process that is related to an initiated shutdown? |
| Take Your Time | How much time elapsed between Tom reading a phone number and sending their first message on a different platform? (Format: HH:MM:SS.sss) |
| Salt and Pepper | What is the password hashing algorithm for the “alexmaurie” user? |
Android | |
| Anything open this time of night? | What is the name of the establishment the user took a screenshot of? |
| Three Star Exit | What was the last time in UTC Clash Of Clans was closed? (Format: YYYY-MM-DD HH:MM:SS) |
| Long Distance Call | What country was the other party from for a rejected/declined call? |
| Clean Lens | What is the Ingress rating of the security camera that supports night vision? |
| The MVS Times | What was the answer to the first Wordle puzzle solved? |
| Secure Attachment | What is the name of the client the user was most recently working on? |
| Guess Again | What was the second guess on the first Wordle the user played? |
| Checked Out | What was the reason the Nike app was last exited? |
| Swimming School | What class had the most badges? |
| Smarty Pants | How many emails were automatically labeled as smartlabel notifications? |
| Put a Ring on it | What is the hex code of the content color for the entry that expires on 2025-12-01 15:06:45? |
| Some Data Hides Many STATs | What was the PID of the app that was in focus at 2025-12-15 17:48:09? |
| U Tree C | When in UTC was the timezone set? (YYYY-MM-DD HH:MM:SS) |
| Out of Bounds | What was the top package name in a splitscreen shortcut? |
Mac |   |
| Salt and Pepper | What is the password hashing algorithm for the “alexmaurie” user? |
| Pedal to the Metadata | What was the name of the racing game the user installed? |
| Running on Fumes | What was the lowest battery level the device reached? |
| Busy Day | How many tasks did the user have on 2025-12-10? |
| Hey Siri | At what time did the user last access a URL using Siri in UTC? (Format: YYYY-MM-DD HH:MM:SS) |
| Shell Shocked | What is the UUID of the zsh terminal session restored on 2025-11-20 19:31:51 (UTC) ? |
| Identity Crisis | What is the IMEI of the connected iPhone? |
| Welcome to ISS | What day did Alex become eligible to work at ISS? (Format: YYYY-MM-DD) |
| Ssssneaky Logs | What version of Python did the user have installed? |
| Blue’s Clues | What is the Bluetooth address of Alex’s iPhone? |
| Leased and Found | What’s the MAC address of the router that the user was leased on 2025-12-24 09:48:49 (UTC)? |
| Almost Done | How many seconds did it take for the system to totally install a 3rd-party cloud storage app? (Format: xx.xx) |
| Back to the Backup | What was the logical size of the second most recent backup? |
| Cloudy with a Chance of Data | What was the value associated with the most recent iCloud operation? |
| Checkmate | How many total knight moves were played? |
| Xtra Secure | What is the exec_cdhash of the event that occurred at 2025-12-01 09:23:52 PM? |
| Absolute-ly Caffeinated | At what time (UTC 24hr time, format HH:MM) did the user join the network of a cafe on the first day of the month? |
Solutions
The digital forensics community often share their solutions from the MVS CTF. As a complement to that, Hexordia is hosting solutions blogs using Magnet Forensics tools at hexordia.com/ctf
Thank you!
Thank you so much for playing! As always, a big shout out to the amazing Hexordia team that built the CTF including Adam Hachem, Kevin Pagano, and Elizabeth McPherson from Hexordia along with our amazing interns James Cangelosi, Cece Ehgotz, and Colin Yeager from the Champlain Digital Forensics Association for working with us to build this incredibly fun challenge for the community.