breves News
challenges Challenges
solutions  Solutions
news Forum
offre Offers

Recently

1 week ago #

First set of Forensic challenges on Windows / Active Directory

The first set of Windows / Active Directory challenges is now available in the Forensic category !

Huge thanks to Podalirius for these challenges ! 🦋

1 month ago #

Registration and Planning CTF Root-Me

We announce the start of registration for this weekend’s CTF Root-Me!
You can register by following this link:
➡️ https://ctf10kd.root-me.org/register

Registration code : RootMe4TheWin

📢 Here’s also the schedule of conferences during the weekend on Twitch https://www.twitch.tv/rootme_org :

Vendredi 21/10

  • 19h - @voydstack - Writing shellcodes for dummies
  • 20h - @Arsouyes - The history of hacking part 1
  • 21h - @Amossys - Human resources recruitment in the CyberSecurity sector

Samedi 22/10

  • 14h - @Hugo VINCENT - Synacktiv - Finding java deserialization gadgets with CodeQL
  • 16h - @Elf - From kernel module to eBPF
  • 18h - @Elf - Fusée gelée

Dimanche 23/10

  • 14h - @Arsouyes - The history of hacking part 2
  • 18h - @BlackRaven - An introduction to RSA

The CTF will end Sunday at 8pm followed by the announcement of the winners and prizes. 🏆
En récompense :

  • Customized Root-Me Clothing
  • Goodies
  • Premium
  • Discount on premiums

Don’t forget to join the Discord to keep up with upcoming conference and CTF announcements

See you Friday at 7pm (UTC+2) for the beginning of the conferences and at 8pm for the launch of the CTF

1 month ago #

New series of challenges: Cracking

A new series of Cracking challenges is available!

Thanks to 0x0ff, exti0p, Algorab and erk3 for these challenges !  😎

1 month ago #

GreHack 10th edition in Grenoble

For the 10th consecutive year, the Grenoble hacking conference, GreHack22 is organized by the association Securimag!
After 2 years in online format, the GreHack conference returns in force with a new formula.

The program:

  • CONFERENCE : Friday 18 all day. Various topics around infosec: program announced soon.
  • WORKSHOP : Friday 18 afternoon. Various topics around infosec: program announced soon.
  • PARTY : Friday 18 night. THE social event to talk about security and drinking beers. 🍻
  • CTF : Saturday 19 all day. A 8-hour competition for beginner and experienced hackers.

Dates: November 18 & 19 2022.
Opening of the registration: October 15th.

More information on the website: https://grehack.fr
Follow us on Twitter for the latest news: https://twitter.com/grehackconf

They are waiting for you, and don’t forget: "new is still not always better" 😎

1 month ago #

Review of the challenges

As methodologies, tools and technologies evolve, we have decided to re-evaluate the point value of some of the platform’s challenges.
We believe that some of them may have been undervalued/overvalued at the time of their release, or that over time others have become easier to achieve.
Therefore, as of today, the following changes have been applied to all the challenges below. Please take into account the server cache if some of the changes do not appear.

App-Script:
° Bash - Quoted expression injection (UP) : 25 -> 30 points
° Bash - Race condition (UP) : 25 -> 35 points
° Bash - Restricted Shells (DOWN) : 70 -> 60 points

Realistic:
° Well-Known (UP) : 35 - > 45 points
° Root me, for real (UP) : 50 -> 70 points
° Django Unchained (DOWN) : 60 -> 50 points
° Red Pills (DOWN) : 80 -> 70 points

Web-Server:
° PHP - Unserialize overflow (UP) : 40 -> 55 points
° Node JS Protoype Pollution Bypass (UP) : 35 -> 45 points
° File Upload Polyglot (UP) : 40 -> 45 points

Steganography:
° WAV - Noise Analysis (DOWN) : 15 -> 10 points
° George and Alfred (DOWN) : 15 -> 10 points
° Base Jumper (UP) : 25 -> 35 points
° Hide & Seek (UP) : 25 -> 45 points
° Angecryption (UP) : 30 -> 35 points
° Crypt Art (DOWN) : 35 -> 25 points

Forensic:
° Rootkit coldcase (UP) : 45 -> 50 points
° Multi Devices (UP) : 40 -> 45 points

Network:
° RipV1 - No Authentication (UP) : 40 -> 55 points
° RF Key Fixed Code (DOWN) : 30 -> 20 points

Cracking:
° Powershell Deobfuscation (DOWN) : 40 -> 30 points
° Godot Mono (DOWN) : 25 -> 20 points
° Root My Droid (Change of category) : previously Forensic
° Insomni’Droid (Category change) : previously Forensic

We are listening to the Root-Me community and if you think that some challenges should still be re-evaluated, do not hesitate to inform by private message a member of the @QA team on Discord specifying the challenge as well as the reasons why you would like to see it re-evaluated 😄.

Sincerely,
The Root-Me team.

1 month ago #

Oteria Cyber Cup - First edition of the CTF

Registration launched for the first edition of the Oteria Cyber Cup. The CTF is organized by our sponsor Oteria Cyber School and will take place on December 17th from 10am to 5pm.

The event is open to all students from Bac+1 to Bac+4, in teams of 4 to 5 people
- 7 hours of challenges: Web Pentest, OSINT, Hardware, Reverse Engineering, Application vulnerabilities, Reconstitution of crushed documents,...
- Challenges designed by Franck Ebel, Julien Métayer, Jerome Hennecart and the Renault Digital teams
- 1750 € cash prize
- Interviews for a work placement with one of the event’s sponsors from September 23 for the team members of the Top10 teams
- Sponsors : Renault Digital, Advens, the DRSD

The challenges of this first edition will be centered around the theme of the Autonomous Car. Renault Digital teams will notably install a circuit of Robocars, mini autonomous cars, for the hardware challenge.
The challenges have been designed to be progressive and the first levels are accessible to all students with a background in computer science, networking, programming,... Only the best students can hope to get all the flags.
Whether you want to discover the Capture The Flag or to test yourself on the most complex flags, everyone will find something to do!
Places are limited to 20 teams - Registration open here: https://www.oteria-cyber-cup.fr/inscription

1 month ago #

New series of challenges: Realist

A new series of challenges from the Realist category is available!

Thanks to das, CanardMandarin, and Mizu for these challenges!  😎

2 months ago #

Migration of Ethereum challenges

Because of the end of life of the Ropsten testnet, the Ethereum programming challenges have been migrated to the Goerli testnet. This does not impact the difficulty of the challenges.
 https://blog.ethereum.org/2022/06/21/testnet-deprecation
 https://www.alchemy.com/the-merge

2 months ago #

CTF - 10K members Discord

The Discord Root-Me server has now more than 10K members! Thanks to you for joining us 🙏 😁
To celebrate this correctly, we are preparing a nice event 👀

Save the date: Friday 21 to Sunday 23 October
On the agenda: a CTF with the categories #pwn #reverse #web #crypto #forensic #programming and #OSINT 🔍
As well as several Twitch conferences and surprises planned for the winners : 🏆
 Goodies
 Premium discounts
 Premium access

You will soon be informed about the registration process and the schedule for the event!

2 months ago #

Qualification phases for the Red Team Competition /CSAW

This year, the Red Team Competition is co-organized by Grenoble INP-Esisar and Root-Me PRO.
The final event will take place alongside CSAW and is open to all high school students, whether you are a beginner or an insider in cybersecurity topics. 👨🎓

In order to be able to participate in the final event on Thursday, November 10 on the ESISAR campus, register for the qualifying phase which takes place online on a dedicated Root-Me PRO environment.
Link to register here. https://esisar.grenoble-inp.fr/fr/l-ecole/csaw-ouverture-des-inscriptions-pour-les-lyceens

Details on the participation rules here. https://www.csaw.io/red
This qualification phase lasts 1 month: from Thursday, September 15 to Saturday, October 15.
The objective is simple: to complete as many challenges as possible among the proposed selection!

Have fun and good root to all! ☠️