Virtual environnement to attack can be reached at : ctf12.root-me.org
Time remaining : 02:17:02
Informations
- Virtual environnement chosen : root-me-spip
- Description : Attention : this CTF-ATD is linked to the challenge "Root Me, for real"
At the end of 2021, we were able to authenticate with administrative privileges on the Root-Me backoffice using, among other things, a 0day vulnerability in the SQL engine of SPIP 4.0.0.
The vulnerability has been corrected in version 4.0.1 of the software. This challenge is a simple SPIP site in vulnerable version. Find the bug in your turn, exploit it, and pass root to recover the flag ! Game duration : 240 min
- Validation flag is stored in the file /passwd
- Only registered players for this game can attack the virtual environnement.
- A tempo prevent game starting to early or too late.
- Game will start when one player has choosen his virtual environnement and declared himself as ready.
Player's list
- darkveiderg (choice : root-me-spip, ready)
World Map
35 Available rooms
| Room | Virtual environnement chosen | State | Attackers count |
| ctf01 | Well-Known |
 Time remaining : 03:18:39 |
1 mire |
| ctf02 | Well-Known |
Time remaining : 03:19:34 |
1 Rob |
| ctf03 | Docker - Sys-Admin’s Docker |
Time remaining : 03:22:03 |
1 Bachi |
| ctf04 | Windows - ZeroLogon |
Time remaining : 01:42:43 |
1 rHACK00n |
| ctf05 |
|
0 | |
| ctf06 |
|
0 | |
| ctf07 | LAMP security CTF5 |
Time remaining : 03:01:22 |
2 0xffff, b4n3 |
| ctf08 |
|
0 | |
| ctf09 | End Droid |
Time remaining : 03:51:09 |
1 Jamal |
| ctf10 |
|
0 | |
| ctf11 |
|
0 | |
| ctf12 | root-me-spip |
Time remaining : 02:17:02 |
1 darkveiderg |
| ctf13 | OpenClassrooms - DVWA |
Time remaining : 02:19:27 |
1 rob |
| ctf14 |
|
0 | |
| ctf15 | Apprenti-Scraper |
Time remaining : 00:00:23 |
2 val, raaphael273 |
| ctf16 |
|
0 | |
| ctf17 |
|
0 | |
| ctf18 | Windows - sAMAccountName spoofing |
Time remaining : 01:08:27 |
1 0xSpectra |
| ctf19 | Docker - Talk through me |
Time remaining : 00:46:13 |
1 Neriss |
| ctf20 |
|
0 | |
| ctf21 |
|
0 | |
| ctf22 |
|
0 | |
| ctf23 |
|
0 | |
| ctf24 |
|
0 | |
| ctf25 |
|
0 | |
| ctf26 | The Ether : EvilScience |
Time remaining : 02:06:54 |
1 Usurper |
| ctf27 |
|
0 | |
| ctf28 |
|
0 | |
| ctf29 |
|
0 | |
| ctf30 |
|
0 | |
| ctf31 |
|
0 | |
| ctf32 |
|
0 | |
| ctf33 |
|
0 | |
| ctf34 |
|
0 | |
| ctf35 |
|
0 |
CTF Results
| Pseudo | Virtual Environnement | Attackers count | Time start | Environnement compromised in |
| - | Hopital Bozobe | 0 | 3 March 2019 at 23:15 | - |
| - | Exploit KB Vulnerable Web App | 0 | 3 March 2019 at 21:47 | - |
| - | SamBox v1 | 1 | 3 March 2019 at 21:38 | - |
| - | Metasploitable | 2 | 3 March 2019 at 21:32 | - |
| ∇ | SSH Agent Hijacking | 1 | 3 March 2019 at 21:30 | 0h33 |