Web - Client

At first you will be faced with problems that will require little to no knowledge of web scripting language. Pretty soon the plot thickens ...

This series of events confronts you with the use of scripting language / client side programming. They are mostly scripts to analyze and understand. This will allow you to learn this language which is in widespread use on the internet.

Prerequisites:

Understanding a scripting language such javascript / vbscript
Understanding the operation of a debugger such firebug / javascript console

Challenges ahead:

HTTP spliting
Open redirect
Reflected XSS
CSRF
XST
Insecure browser information storage
Etc. ...

Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Who ?	Solution
	Flash - Authentification	2%	40 Points	Medium	koma	Who ?	0
	Javascript - Authentication	51%	5 Points	Very easy	g0uZ	Who ?	0
	Javascript - Authentification 2	42%	10 Points	Very easy	na5sim	Who ?	0
	Javascript - Native code	18%	15 Points	Easy	g0uZ	Who ?	0
	Javascript - Obfuscation 1	43%	10 Points	Easy	Hel0ck	Who ?	0
	Javascript - Obfuscation 2	35%	10 Points	Easy	Hel0ck	Who ?	0
	Javascript - Obfuscation 3	19%	30 Points	Medium	Hel0ck	Who ?	1
	Javascript - Obfuscation 4	2%	50 Points	Hard	aaSSfxxx	Who ?	0
	Javascript - Obfuscation 5	1%	70 Points	Very hard	Hel0ck	Who ?	0
	Javascript - Source	57%	5 Points	Very easy	g0uZ	Who ?	0
	Javascript - Stored XSS 1	6%	30 Points	Medium	Armel, g0uZ	Who ?	0
	Javascript - Stored XSS 2	3%	50 Points	Hard	g0uZ	Who ?	0

Challenge Results

Pseudo	Challenge	Lang	Date
skyron	Javascript - Obfuscation 1		23 May 2013 at 12:37
skyron	Javascript - Source		23 May 2013 at 12:04
benkow	Javascript - Obfuscation 1		23 May 2013 at 11:47
benkow	Javascript - Authentification 2		23 May 2013 at 11:41
jonave	Javascript - Obfuscation 1		22 May 2013 at 02:39
jonave	Javascript - Source		22 May 2013 at 02:24
jonave	Javascript - Authentication		22 May 2013 at 02:23
meh95	Javascript - Obfuscation 2		21 May 2013 at 22:43
quent	Javascript - Authentication		21 May 2013 at 20:42
meh95	Javascript - Obfuscation 1		21 May 2013 at 20:13

0 | 10 | 20 | 30 | 40

Last Posts

Users

33 visiteurs en ce moment

Last registered users : lerrixsnzIL riyelpicture m4tux Rodrigo fathur madani vt123

ShoutBox

m31z0nyx
23:25 04/05/2013
Hi Nick,
Yeah, it looks like C&C-1 is a bit trickier than that. A good starting point are the related ressources.
You are welcome to post your challenge related questions on the forum so it can help out other people too.
Regards,
Nick
17:13 29/04/2013
Seriously don’t understand C&C level 1. I have literally tried every accepted foreign IP address that just talks to one computer on the network. Only problem is there are like none
m31z0nyx
21:41 11/02/2013
Hi all,
The App-Script Shell5 challenge is down until tomorrow morning.
g0uZ
13:22 09/02/2013
test 2
g0uZ
09:40 09/02/2013
test message
r00ter
11:54 10/01/2013
Hi.Im trying to root LAMP ctf6 and Im stuck here.Im in the machine but as an apache user..So I uploaded a local exploit, 8478.sh and run ./8478.sh 379 but the generated SUID file isnt owned by root,still apache..Where Im I going wrong?
g0uZ
02:29 28/12/2012
fixed
spump
21:22 27/12/2012
section EN, main page, solutions: no challenge name!
m31z0nyx
16:56 24/12/2012
The Root-Me.org team whishes a Merry Christmas to everyone !
m31z0nyx
15:25 08/10/2012
New crypto challenge "Padding Oracle" released !
Go ! go !
g0uZ
15:11 31/08/2012
test reload auto & close auto post edition
g0uZ
14:58 31/08/2012
test chatbox en
Overlock
07:09 07/08/2012
http://www.root-me.org/en/Challenges-148/Cracking-158/AutoPE-604
poutred
g0uZ
20:44 22/05/2012
lot of "lang transition"’s bugs fixed (you should not change language as you do not explicitly ask)
g0uZ
20:01 23/04/2012
check : http://router.root-me.org/
m0x39
15:55 23/04/2012
hi, how come the wargames do not connect on port 2223 ? or on 22 the user and pass dont work ?
koma
16:19 26/02/2012
kapil sharma maybe you are searching at the wrong place
kapil sharma
19:25 25/02/2012
i am unable to understand that what paasword is putting into stegnography image method . .what is the puzzle?
kapil sharma
19:24 25/02/2012
i am unable to understand that what paasword is putting into stegnography image method . .what is the puzzle?
5P00N
22:07 07/02/2012
what do i do on here my friend told me it teaches you to hack from square 1
5P00N
22:07 07/02/2012
what do i do on here my friend told me it teaches you to hack from square1
Armel
22:07 27/08/2011
Of course John!
g0uZ
11:34 29/01/2011
Fixed : lang
handling bug.
g0uZ
19:07 23/01/2011
Welcome all !