App - Script

These challenges will help you to understand scripting vulnerabilities related to weak environment or configuration and development mistakes in some languages.

You will have credentials for each challenge. The goal is to leverage your privileges by exploiting some environment vulnerabilities (incorrect permissions on files, weak encryption, ...) and some development mistakes. This will allow you to get a password in order to validate your skills on the platform.

Prerequisite :
Knowledges in UNIX shell environment and programming languages like Python and Perl.
Knowledges in binary files manipulation tools.
Knowledges in C language.

15 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	Bash - System 1	16% 16488	5		Lu33Y		10
	sudo - weak configuration	11% 11169	5		notfound		4
	Bash - System 2	10% 10477	10		Lu33Y		10
	Perl - Command injection	5% 5149	15		Tosh		6
	Bash - cron	6% 5309	20		g0uZ		7
	Python - input()	7% 6830	20		g0uZ		11
	Python - pickle	3% 2223	25		koma		6
	SSH Agent Hijacking	1% 221	30		mayfly		3
	Python - PyJail 1	3% 2913	35		sambecks		3
	Bash/Awk - netstat parsing	1% 158	40		sbrk		3
	Python - PyJail 2	2% 1534	40		zM		8
	Python - Jail - Exec	1% 651	50		Arod		2
	Javascript - Jail	1% 160	55		waxous		2
	Python - Jail - Garbage collector	1% 167	55		n0d		1
	Restricted shells	1% 914	70		Yorin		3

Challenge Results

Pseudo	Challenge	Lang	date
cuillere_a_soupe	Bash - System 1		11 December 2018 at 13:01
Johannes	Bash - System 1		11 December 2018 at 12:54
Jakob	Bash - System 2		11 December 2018 at 12:07
lecorsedegironde	Python - Jail - Exec		11 December 2018 at 11:59
Asterion	Python - input()		11 December 2018 at 11:52
darkkir	Perl - Command injection		11 December 2018 at 11:52
ValentinM	sudo - faiblesse de configuration		11 December 2018 at 11:13
darkkir	Bash - System 2		11 December 2018 at 11:08
ValentinM	Bash - System 2		11 December 2018 at 10:57
fhd	sudo - faiblesse de configuration		11 December 2018 at 10:46