App - Script

These challenges will help you to understand scripting vulnerabilities related to weak environment or configuration and development mistakes in some languages.

You will have credentials for each challenge. The goal is to leverage your privileges by exploiting some environment vulnerabilities (incorrect permissions on files, weak encryption, ...) and some development mistakes. This will allow you to get a password in order to validate your skills on the platform.

Prerequisite :
- Knowledges in UNIX shell environment and programming languages like Python and Perl.
- Knowledges in binary files manipulation tools.
- Knowledges in C language.

Challenges associated with this section 12 Challenges

Results Challenge's Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution
pas_valide ELF32 - System 1 15% 6886 5 Lu33Y 6
pas_valide sudo - weak configuration 10% 4205 5 notfound 1
pas_valide ELF32 - System 2 11% 4708 10 Lu33Y 8
pas_valide Perl - Command injection 4% 1802 15 Tosh 3
pas_valide Bash - cron 6% 2346 20 g0uZ 6
pas_valide Python - input() 7% 2833 20 g0uZ 8
pas_valide Python - pickle 3% 1168 25 koma 5
pas_valide Python - PyJail 1 2% 926 35 sambecks 1
pas_valide Python - PyJail 2 2% 521 40 zM 5
pas_valide Python - Pyjail 3 1% 357 50 Arod 1
pas_valide Javascript - Jail 1% 47 55 waxous 0
pas_valide Restricted shells 1% 107 70 Yorin 1

Challenge Results Challenge Results

Pseudo Challenge Lang date
Maksyms   Python - PyJail 1 en 26 February 2017 at 07:41
Dumbledouche   ELF32 - System 1 fr 26 February 2017 at 07:26
rubisom   sudo - faiblesse de configuration fr 26 February 2017 at 02:00
FoxNew   ELF32 - System 1 fr 26 February 2017 at 01:25
arn   Python - PyJail 1 fr 26 February 2017 at 00:45
homoyi   Restricted shells en 25 February 2017 at 23:25
dlxn   ELF32 - System 1 fr 25 February 2017 at 22:11
omarnvidia   Python - PyJail 1 fr 25 February 2017 at 21:07
lgyanf   Python - Pyjail 3 en 25 February 2017 at 21:03
omarnvidia   Perl - Command injection fr 25 February 2017 at 20:57