Архив метки: ctf

Pentest Cyprus 3.0

In October 8, there was a PentestCyprus 3.0, a CTF competition in Larnaca, where I participated and won it.
There were total 25 tasks in 6 categories: Web, Cryptography, Forensics, Reverse Engineering, PWN and Miscellaneous. First, I will tell about tasks I’ve managed to do in 3 hours of contest. If I will have free time, I will try to solve the rest and publish solutions to them.

All puzzles are still available online, you just have to register.
Читать далее Pentest Cyprus 3.0

Vulnerable Docker VM

In the information security world, there are so called CTF (Capture The Flag) challenges. This is mind sport, where you should hack or somehow extract the information from computer systems, in most cases connected with the internet or other network. Strangely, but I never participated in this kind of stuff. Several days ago the company named NotSoSecure posted the CTF challenge called Vulnerable Docker VM. Docker becomes widespread these days, so I decided to try out both Docker and that CTF thing. The quest itself was not competitive — there are no winners or losers, no time limit, so there was no pressure, what is good for beginners like me. VirtualBox image with some Docker infrastructure is provided for you. The goal is to gain control over host system and to find 3 flags. I managed to find only 2 flags and escape from Docker. Below you will find the solution, so if you want to try the challenge yourself, then stop here.
Читать далее Vulnerable Docker VM