At first you will be faced with problems that will require little to no knowledge of web scripting language. Pretty soon the plot thickens ...
This series of events confronts you with the use of scripting language / client side programming. They are mostly scripts to analyze and understand. This will allow you to learn this language which is in widespread use on the internet.
Insecure browser information storage
|Results||Challenge's Name||Validations||Number of points||Difficulty||Author||Note||Solution|
|Flash - Authentication||69||40 Points||Medium||koma||0|
|HTTP Response Splitting||10||60 Points||Hard||Arod||0|
You can simply share the link to see your score in your profile
please add feature to share my score on social networks (fb,tw etc)
stor: it works for me. You have to be also connected with the same IP to the site to get access.
hardened binary ssh server (challenge03.root-me.org:2224) is down?
the CTF were down yes
That me or the CTF are down ?
The discussion goes on on the forum
i dont get it. i am using nslookup. but i cant to a zone transfer because of the security settings
find a tool to speak to a dns server
can someobe give me a hint fo network dns zone transfer challenge? i can connect to the dns server but ls -d ch11.... doesnt seem to work.
The App-Script Shell4 challenge has been changed. Those who already did it can do it again.
English forums for challenge are now open, and yes, challenge list are yet in same order as in french part.
Yeah, it looks like C&C-1 is a bit trickier than that. A good starting point are the related ressources.
You are welcome to post your challenge related questions on the forum so it can help out other people too.
Seriously don’t understand C&C level 1. I have literally tried every accepted foreign IP address that just talks to one computer on the network. Only problem is there are like none
The App-Script Shell5 challenge is down until tomorrow morning.
Hi.Im trying to root LAMP ctf6 and Im stuck here.Im in the machine but as an apache user..So I uploaded a local exploit, 8478.sh and run ./8478.sh 379 but the generated SUID file isnt owned by root,still apache..Where Im I going wrong?
section EN, main page, solutions: no challenge name!
The Root-Me.org team whishes a Merry Christmas to everyone !
New crypto challenge "Padding Oracle" released !
Go ! go !
test reload auto & close auto post edition
test chatbox en