root-me-spip

Data

Validaciones

103 Compromissions 9%

Nota  Notación

9 votos

Descripción

Attention : this CTF-ATD is linked to the challenge "Root Me, for real"

At the end of 2021, we were able to authenticate with administrative privileges on the Root-Me backoffice using, among other things, a 0day vulnerability in the SQL engine of SPIP 4.0.0.

The vulnerability has been corrected in version 4.0.1 of the software. This challenge is a simple SPIP site in vulnerable version. Find the bug in your turn, exploit it, and pass root to recover the flag !

Tiempo de compromiso

4 horas

Sistema operativo

 linux

iniciar este entorno virtual

 177 Entorno virtuales

Resultados Nombre Validaciones Dificuldad  Dificuldad Autor o autora Nota  Notación
pas_valide Metasploitable 2 40% 8659
pas_valide Basic pentesting 1 32% 4755
pas_valide LAMP security CTF5 25% 3894
pas_valide Docker - I am groot 51% 3133 Ech0
pas_valide LAMP security CTF4 35% 2725
pas_valide SSH Agent Hijacking 26% 2392 mayfly
pas_valide SSRF Box 18% 1815 sambecks
pas_valide Metasploitable 12% 1733
pas_valide Mr. Robot 1 21% 1646
pas_valide End Droid 35% 1341
pas_valide Imagick 22% 1052 sambecks
pas_valide SamBox v2 13% 990 sambecks
pas_valide Docker - Sys-Admin’s Docker 40% 976 Ech0
pas_valide Kioptrix level 2 24% 972
pas_valide LAMP security CTF7 39% 891
pas_valide VulnVoIP 17% 861
pas_valide SamBox v1 7% 727 sambecks
pas_valide Docker - Talk through me 42% 662 Ech0
pas_valide Django unchained 23% 633 TiWim
pas_valide Well-Known 10% 627 sm0k
pas_valide Windows - Group Policy Preferences Passwords 25% 611
pas_valide LAMP security CTF6 18% 606
pas_valide Kioptrix level 3 32% 575
pas_valide Shared Objects Hijacking 13% 567 das
pas_valide BreakingRootme2020 15% 521 Laluka
pas_valide Windows XP pro 01 5% 498 g0uZ
pas_valide Awky 8% 497 sbrk
pas_valide Windows - KerbeRoast 18% 479
pas_valide Rootkit Cold Case 16% 468 franb
pas_valide Kioptrix level 4 34% 462
pas_valide Websocket - 0 protection 6% 455 Worty
pas_valide Windows - ASRepRoast 35% 439
pas_valide Bluebox - Microsoft Pentest 4% 420
pas_valide pWnOS 32% 402
pas_valide Hackademic RTB1 19% 364
pas_valide DC-1 15% 348
pas_valide SamBox v3 5% 334 sambecks
pas_valide Bluebox 2 - Pentest 3% 311 sambecks
pas_valide Exploit KB Vulnerable Web App 12% 306
pas_valide SAP Pentest 7% 293 iggy
pas_valide Holynix v1 24% 292
pas_valide LAMP security CTF8 14% 291
pas_valide /dev/random : Pipe 5% 236
pas_valide A bittersweet shellfony 12% 234 mayfly
pas_valide LordoftheRoot 25% 232
pas_valide Hopital Bozobe 8% 230 sambecks
pas_valide Acid: Server 12% 219
pas_valide FristiLeaks 1.3 28% 216
pas_valide SkyTower 24% 214
pas_valide Ubuntu 8.04 weak 5% 206 g0uZ