Capture-The-Flag Badge

This badge is a mashup of challenges created by PentesterLab for the previous Ruxcon and Nullcon CTF. Little details are given on how to solve them as part of the course

6

Exercises

219

Completed this badge

11

CPEs

CVE-2015-3224

This exercise is a challenge written for Nullcon CTF in 2015

Difficulty: EASY
  • Rails
  • Completed by 911 students
  • Takes Less than an hour on average

Werkzeug DEBUG

This challenge was written for Ruxcon CTF 2015 and cover the Debug mode of Werkzeug/Flask

Difficulty: EASY
  • Python
  • Completed by 885 students
  • Takes Less than an hour on average

Padding Oracle

This exercise covers an attack against CBC mode. This attack can be used to decrypt data and re-encrypt arbitrary data

Difficulty: MEDIUM
  • PHP
  • Completed by 564 students
  • Takes Between 1 and 2 hours on average

Luhn

This challenge was written for Ruxcon CTF 2015. It's an SQL injection with a twist

Difficulty: HARD
  • Python
  • Completed by 401 students
  • Takes Between 2 and 4 hours on average

Unickle

This challenge was written for Ruxcon CTF 2015. It's an SQL injection mixed with a remote code execution.

Difficulty: HARD
  • Python
  • Completed by 455 students
  • Takes Between 1 and 2 hours on average

ECDSA

This exercise covers the exploitation of a weakness in the usage of ECDSA

Difficulty: HARD
  • PHP/Apache/Mysql
  • Completed by 232 students
  • Takes Between 2 and 4 hours on average