App - Script

These challenges will help you to understand scripting vulnerabilities related to weak environment or configuration and development mistakes in some languages.

You will have credentials for each challenge. The goal is to leverage your privileges by exploiting some environment vulnerabilities (incorrect permissions on files, weak encryption, ...) and some development mistakes. This will allow you to get a password in order to validate your skills on the platform.

Prerequisite :
Knowledges in UNIX shell environment and programming languages like Python and Perl.
Knowledges in binary files manipulation tools.
Knowledges in C language.

15 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	Bash - System 1	15% 18098	5		Lu33Y		10
	sudo - weak configuration	11% 12181	5		notfound		4
	Bash - System 2	10% 11341	10		Lu33Y		10
	Perl - Command injection	5% 5664	15		Tosh		7
	Bash - cron	5% 5729	20		g0uZ		7
	Python - input()	7% 7437	20		g0uZ		11
	Python - pickle	2% 2406	25		koma		6
	SSH Agent Hijacking	1% 452	30		mayfly		4
	Python - PyJail 1	3% 3146	35		sambecks		3
	Bash/Awk - netstat parsing	1% 177	40		sbrk		3
	Python - PyJail 2	2% 1662	40		zM		9
	Python - Jail - Exec	1% 693	50		Arod		2
	Javascript - Jail	1% 167	55		waxous		2
	Python - Jail - Garbage collector	1% 185	55		n0d		1
	Restricted shells	1% 1009	70		Yorin		3

Challenge Results

Pseudo	Challenge	Lang	date
Al3x	Python - input()		22 February 2019 at 11:31
Al3x	Bash - cron		22 February 2019 at 11:16
Candyb	Bash - System 2		22 February 2019 at 11:11
Al3x	Perl - Command injection		22 February 2019 at 11:09
Al3x	Bash - System 2		22 February 2019 at 11:02
thabet	Bash - System 2		22 February 2019 at 10:59
r00t4rd	Bash - System 2		22 February 2019 at 10:59
berzerking	Bash - System 1		22 February 2019 at 10:56
r00t4rd	Bash - System 1		22 February 2019 at 10:37
Bakunine	Python - PyJail 1		22 February 2019 at 10:18