Capture-The-Flag Badge

317 Completed
6 Exercises

This badge is a mashup of challenges created by PentesterLab for the previous Ruxcon and Nullcon CTF. Little details are given on how to solve them as part of the course

Exercises

Medium
CVE-2015-3224
  • This exercise is a challenge written for Nullcon CTF in 2015
  • Completed by 1583 students
  • Takes < 1 Hr. on average
  • Rails
  • CWE-284

 

Medium
Werkzeug DEBUG
  • This challenge was written for Ruxcon CTF 2015 and cover the Debug mode of Werkzeug/Flask
  • Completed by 1570 students
  • Takes < 1 Hr. on average
  • Python

 

Medium
Padding Oracle
  • This exercise covers an attack against CBC mode. This attack can be used to decrypt data and re-encrypt arbitrary data
  • Completed by 816 students
  • Takes 1-2 Hrs. on average
  • PHP

 

Hard
Luhn
  • This challenge was written for Ruxcon CTF 2015. It's an SQL injection with a twist
  • Completed by 602 students
  • Takes 2-4 Hrs. on average
  • Python

 

Hard
Unickle
  • This challenge was written for Ruxcon CTF 2015. It's an SQL injection mixed with a remote code execution.
  • Completed by 654 students
  • Takes 1-2 Hrs. on average
  • Python

 

Hard
ECDSA
  • This exercise covers the exploitation of a weakness in the usage of ECDSA
  • Completed by 336 students
  • Takes 2-4 Hrs. on average
  • PHP/Apache/Mysql
  • Crypto