Welcome all

Root Me allows everyone to test and improve their knowledge in computer security and hacking. Our community helps us maintain a dedicated learning hack platform, publishing hacking challenges with their solution, news, tools and discussions on the latest events.

Root-Me on Twitter

30 July 2015

Now you can stay informed of all the news and all the new challenges of your platform by following @rootme_org on Twitter.
Do you like spending time on challenges and always learn more skills ? Follow us and share around!

Root-Me reachable over IPv6

4 January 2015

Root-Me made a big step forward and has now one foot in the IPv4 world and an other in the IPv6 hot and shiny one. The other good news is that you don’t have to do anything: it should just work with or without IPv6 support on your side.


Very few but some challenges remain IPv4 only though. The CTF AllTheDay architecture is ready for IPv6, but most of the CTF Virtual Machines are not and until we fix them, CTF will continue to be an IPv4 only thing (hopefully it won’t stay so for to long).

A big thanks to the team and especially to spump for the work behind this !

Public solutions and cheating

29 November 2014

Due to a lot of abuse, and in order to clarify the situation, the legal disclaimer page has been modified; we invite you to consult it regularly.

Root me already offers to share your solutions with other players directly on the website, while not "spoiled" those who have not yet solved the challenge.

These rules should allow us to keep together an emulation’s spirit while continuing to learn infosecurity in a fun way.

crypto/transposition - rail fence challenge modified

18 May 2014

The cryptanalysis challenge "Transposition — rail fence" suffered from two main problems:
- key was badly chosen and the challenge was a corner case of the algorithm
- the cleartext was the result of an encryption instead of decryption as one would normally expect: this is against the philosophy behind this plateform, especially for easy challenges

The challenge has thus been rectified, previous validations were reset. Submitted solutions have also been removed as they were not correct but working for the corner case.

Thanks for your understanding!

199 Challenges

Hundreds of challenges are available to train yourself in different and not simulated environments, offering you a way to learn a lot of hacking technics !

31 Virtual Environnements

Dozens of virtual environments are available, accessible with a few clicks, to give you a realistic learning environment, without any limitation.

869 Solutions

Each challenge is associated with a multitude of solutions, related resources allowing you to learn and to see the way followed by other users.

The goal of this portal is to permit anyone to improve his hacking skills through different sort of security challenges, papers and tools.

- Propose articles, news, submit tools and challenges.
- Discuss on the forum or on our IRC channel
- Leave us a message in the shoutbox

We need help to maintain the english part of the portal !

Challenge Results Challenge Results

Pseudo Challenge Lang date
koonlamet   File upload - null byte en 5 October 2015 at 02:50
TwiSka   Clair connu - XOR fr 5 October 2015 at 02:47
Punkachu   ETHERNET - trame fr 5 October 2015 at 02:44
TwiSka   HTTP Headers fr 5 October 2015 at 02:41
Michael Gottburg   Néonazi à l’intérieur fr 5 October 2015 at 02:37
Cesium   Javascript - Obfuscation 3 fr 5 October 2015 at 02:17
sharsil   Pixel Madness en 5 October 2015 at 02:06
Jean-Claude Dusse   HTTP Headers fr 5 October 2015 at 02:05
Punkachu   TELNET - authentification fr 5 October 2015 at 02:03
Jean-Claude Dusse   HTTP directory indexing fr 5 October 2015 at 02:01

Solution Solution

Author Challenge Lang date
zombie   ELF64 - Stack buffer overflow - avancé fr 29 September 2015 at 07:37
wszostak   Code - Pseudo Random Number Generator en 28 September 2015 at 19:19
eshiho   Encoding - UU en 28 September 2015 at 13:59
toniohawk   Décomposition pixelisée fr 28 September 2015 at 13:58
miaouPlop   ELF32 - Blind remote format string bug fr 22 September 2015 at 20:44
franb   ELF32 - Blind remote format string bug fr 22 September 2015 at 18:40
Igor Palmieri   SQL injection - string en 21 September 2015 at 19:11
DrStache   User-agent fr 21 September 2015 at 17:30
mksecurity   Pixel Madness en 18 September 2015 at 20:18
Asuwiel   ELF - Fake Instructions fr 18 September 2015 at 20:16