App - Script

These challenges will help you to understand scripting vulnerabilities related to weak environment or configuration and development mistakes in some languages.

You will have credentials for each challenge. The goal is to leverage your privileges by exploiting some environment vulnerabilities (incorrect permissions on files, weak encryption, ...) and some development mistakes. This will allow you to get a password in order to validate your skills on the platform.

Prerequisite :
Knowledges in UNIX shell environment and programming languages like Python and Perl.
Knowledges in binary files manipulation tools.
Knowledges in C language.

14 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	Bash - System 1	16% 12814	5		Lu33Y		10
	sudo - weak configuration	11% 8530	5		notfound		4
	Bash - System 2	10% 8212	10		Lu33Y		10
	Perl - Command injection	5% 3868	15		Tosh		4
	Bash - cron	6% 4242	20		g0uZ		7
	Python - input()	7% 5268	20		g0uZ		10
	Python - pickle	3% 1952	25		koma		6
	Python - PyJail 1	3% 2252	35		sambecks		3
	Bash/Awk - netstat parsing	1% 96	40		sbrk		2
	Python - PyJail 2	2% 1134	40		zM		8
	Python - Jail - Exec	1% 549	50		Arod		1
	Javascript - Jail	1% 123	55		waxous		2
	Python - Jail - Garbage collector	1% 116	55		n0d		0
	Restricted shells	1% 644	70		Yorin		1

Challenge Results

Pseudo	Challenge	Lang	date
majed	Bash - System 1		20 April 2018 at 16:22
fractalis	Python - input()		20 April 2018 at 15:14
VinDuv	Python - pickle		20 April 2018 at 14:59
sp4mm3n0t	Bash - System 1		20 April 2018 at 14:56
L0n3w0lf	Python - PyJail 2		20 April 2018 at 14:55
VinDuv	Python - input()		20 April 2018 at 14:24
VinDuv	Bash - cron		20 April 2018 at 14:21
VinDuv	sudo - faiblesse de configuration		20 April 2018 at 14:06
Tazadar	Python - input()		20 April 2018 at 13:03
BIBI	Python - PyJail 2		20 April 2018 at 12:36