Writeup du challenge réaliste Escalate Me proposé par la plateforme RootMe à l'European Cyber Cup 2022 à Lille.
linuxprivilege-escalationwriteup
June 10, 2022
HeroCTF 2021 - Rooting servers, for fun and CTF points
This writeup describes how I became root on the server hosting the HeroCTF v3 kernel challenges, by exploiting a vulnerable challenge.
linuxprivilege-escalationwebwriteup
May 6, 2021
FCSC 2021 - Intro - bofbof
This challenge will cover a basic stack buffer overflow on the bofbof challenge of the France CyberSecurity Challenge (FCSC) 2021
pwnwriteup
May 3, 2021
FCSC 2021 - Intro - Bonus Points
In this challenge you will discover and exploit the unsigned integer overflow vulnerability, to set an arbitrary score in this service.
pwnwriteup
May 3, 2021
FCSC 2021 - Intro - Known Plaintext
In this challenge, you will perform an analysis of this XOR cryptosystem to decipher the flag
cryptographywriteup
May 3, 2021
FCSC 2021 - Intro - Dérèglement
This forensics challenge addresses the DOCX file format, in which a flag is hidden in plaintext.
forensicwriteup
May 3, 2021
FCSC 2021 - Intro - guessy
In this challenge you will learn how to reverse a basic crackme with several basic validation steps.
reversewriteup
May 3, 2021
FCSC 2021 - Intro - La PIN
This challenge focuses on a weak python script using AES GCM for encrypting the flag.
cryptographywriteup
May 3, 2021
FCSC 2021 - Intro - Push it to the limit
This web application is vulnerable to an SQL injection in the login page. We will exploit it to bypass the authentication page and extract the administrator password.
sql-injectionswriteup
May 3, 2021
FCSC 2021 - Intro - Random Search
This web application allow us to perform a Stored Cross Site Scripting (XSS) attack. We will use it to retrieve cookies from the administrator and get the flag.
webwriteup
May 3, 2021
FCSC 2021 - Intro - Rituel du Boutisme
In this forensics challenge we need to find a flag in a disk image. We will need to change the endianness to read the flag with strings.
forensicwriteup
May 3, 2021
FCSC 2021 - Intro - Rituel en Chaine
In this forensics challenge, we need to find a flag in a disk image. To do this, we'll use the powerful strings command.
forensicwriteup
May 3, 2021
FCSC 2021 - Intro - Snake
This challenge gives us access to a python interpreter and asks us to read the flag.txt. We will read the file, and for fun, open a shell afterwards.
pyjailwriteup
May 3, 2021
FCSC 2021 - Intro - Waterfall
A flag was hidden in the spectrogram of this signal. We will open the IQ file and display it as a waterfall to get it !
radio-frequencieswriteup
May 3, 2021
DVID Writeup 06 - Bluetooth - Characteristics 2
This challenge focuses on Bluetooth Low Energy characteristics for IoT devices.
hardwareradio-frequencieswriteup
January 25, 2021
DVID Writeup 05 - Bluetooth - Characteristics
This challenge focuses on Bluetooth Low Energy characteristics for IoT devices.
hardwareradio-frequencieswriteup
January 25, 2021
DVID Writeup 04 - Bluetooth - Advertising
This challenge focuses on the advertising phase of Bluetooth Low Energy for IoT devices.
hardwareradio-frequencieswriteup
January 25, 2021
DVID Writeup 03 - Firmware - Default password
In this challenge, you will learn about the dangers of default passwords in IoT devices
hardwarewriteup
January 25, 2021
DVID Writeup 02 - Firmware - Hardcoded password
In this challenge, we will focus on an extremely common vulnerability, default hardcoded passwords
hardwarewriteup
January 25, 2021
DVID Writeup 01 - Hardware - Find the Datasheet
In this challenge, you will learn how to burn a firmware and interact with the Damn Vulnerable Iot Device (DVID)
hardwarewriteup
January 25, 2021
Damn Vulnerable IoT Device (DVID) writeup series
The Damn Vulnerable IoT Device (DVID) project is aiming to provide a device to experiment with common attacks on the Internet of Things (IoT)
