App - Script

These challenges will help you to understand scripting vulnerabilities related to weak environment or configuration and development mistakes in some languages.

You will have credentials for each challenge. The goal is to leverage your privileges by exploiting some environment vulnerabilities (incorrect permissions on files, weak encryption, ...) and some development mistakes. This will allow you to get a password in order to validate your skills on the platform.

Prerequisite :
- Knowledges in UNIX shell environment and programming languages like Python and Perl.
- Knowledges in binary files manipulation tools.
- Knowledges in C language.

Challenge Results Challenge Results

Pseudo Challenge Lang date
Blackknigth41   SSH Agent Hijacking fr 15 October 2018 at 13:10
slash   Python - PyJail 1 fr 15 October 2018 at 12:46
R7T4K_ZER0   sudo - faiblesse de configuration fr 15 October 2018 at 11:11
matthew   Python - input() en 15 October 2018 at 10:39
matthew   Bash - cron en 15 October 2018 at 10:31
lyheric   Python - input() en 15 October 2018 at 10:22
matthew   Perl - Command injection en 15 October 2018 at 10:12
matthew   Bash - System 2 en 15 October 2018 at 09:44
N1lux   SSH Agent Hijacking fr 15 October 2018 at 08:34
supertoto   Perl - Command injection fr 15 October 2018 at 03:12