SANS Christmas Challenge 2018

Posted on lun. 14 janvier 2019 in Write-up

sans_christmas_challenge_2018_logo.png

🎵 I'm dreaming of a pwned Christmaaaaas 🎵 As usual, here's my write-up for the 2018 SANS Christmas Challenge.

Continue reading

SANS Christmas Challenge 2017

Posted on mer. 10 janvier 2018 in Write-up

sans_christmas_challenge_2017_logo.png

'Tis the season to be pwning, falalalala lalalala. As usual, here's my write-up for the 2017 SANS Christmas Challenge.

Continue reading

SANS Christmas Challenge 2016

Posted on jeu. 05 janvier 2017 in Write-up

sans_christmas_challenge_2016_logo.png

This blog is beginning to look a lot like being exclusively about SANS Christmas Challenges write-ups. What can I say, they're so good! Anyway, let's roll for the 2016 edition of this marvelous Christmas Challenge.

Everything starts again with the Dosis children. As they're reminiscing on last year's Christmas, they …

Continue reading

SANS Christmas Challenge 2015

Posted on sam. 09 janvier 2016 in Write-up

sans_christmas_challenge_2015_logo.png

This year again, the SANS institute delights us with a wonderful Christmas Challenge.

We follow the Dosis family, after they purchase a Gnome in Your Home for their kids, Jessica and Joshua. These two kids, especially bright for their age, tinker with the gnome, to find that it has a …

Continue reading

SANS Christmas Challenge 2012

Posted on lun. 07 janvier 2013 in Write-up

sans_christmas_challenge_2012_logo.jpg

During December, SANS posted a Christmas challenge based on a Christmas story.

This year, Santa is sad because he feels that nobody believes in him anymore, so he decides to cancel Christmas. Mrs. Claus wants to cheer her husband up, in order not to let children down, but her reindeer …

Continue reading

Stripe CTF: Level #8

Posted on sam. 15 décembre 2012 in Write-up

level08-logo.jpg

You can find the code for this level here.

(sha256: d211aa240a0a59eb1f56d3c42a55080d0e27eea2c04bc4410bf608824c847c96)

This is it. The final level to the Stripe CTF. The goal here is to retrieve a 12-digit password, which is too long to brute force. Let's see how we can use the protocol to our advantage.

The infrastructure …

Continue reading

Stripe CTF: Level #7

Posted on dim. 09 décembre 2012 in Write-up

level07-logo.jpg

You can find the code for this level here.

(sha256: d497f25a620a2ad5e3850bf642cfc1df988e32b612d06f48fffa271912726e86)

This level is the most delicious of all: you can order waffles online, and the company will have them delivered to the location you specified. There are seven types of waffle: veritaffle, belgian, brussels, eggo, chicken (premium), dream (premium …

Continue reading

Stripe CTF: Level #6

Posted on dim. 28 octobre 2012 in Write-up

level06-logo.jpg

You can find the code for this level here.

(sha256: 0fed78164db1eced67ff8eeba0998c81901880b293667f63f74e2838e63d2bf3)

This level is a message board: you can share updates with your friends. The only thing is, you can't put messages with quotes and double quotes, in order to prevent SQL injection. You also can't change your password, but …

Continue reading

Stripe CTF: Level #5

Posted on sam. 27 octobre 2012 in Write-up

level05-logo.jpg

You can find the code for this level here.

(sha256: 82b066cca46fd24a16959ada973d6df0d7c693f7791a8b673add276f324a5885)

This level wants to solve a real problem: identification. We have too many online accounts and we have to remember usernames/passwords for everyone of them. It would be way simpler to be able to log into a new …

Continue reading

Stripe CTF: Level #4

Posted on sam. 27 octobre 2012 in Write-up

level04-logo.jpg

You can find the code for this level here.

(sha256: 07a8338f0ecf92537daedb60709cd8211a790a23f9c25a101e069614b32da2a8)

This level wants you to spread joy over the world. You have a certain amount of karma you can distribute to people. But to be sure that you only send karma to people you really trust to be good …

Continue reading