kikko
16
Place19515
Points448
Challenges165
Compromissions
79%
App - Script
705 Points26 / 33
- o Bash - System 1
- o sudo - faiblesse de configuration
- o Bash - System 2
- o LaTeX - Input
- o Powershell - Command injection
- x AppArmor - Jail Introduction
- o Bash - unquoted expression injection
- o Docker - I am groot
- o Perl - Command injection
- o Powershell - SecureString
- o Bash - cron
- o LaTeX - Execution de commandes
- o Python - input()
- x R : exécution de code
- o Powershell - Basic jail
- o Python - pickle
- o Bash - quoted expression injection
- x Docker - Sys-Admin’s Docker
- o Shared Objects hijacking
- o SSH - Agent Hijacking
- x AppArmor - Jail Medium
- o Bash - race condition
- x Docker - Talk through me
- o Python - format string
- o Python - PyJail 1
- o PHP - Jail
- o Python - PyJail 2
- o Python - Jail - Exec
- o Javascript - Jail
- o Python - Jail - Garbage collector
- o Bash - Shells restreints
- x Python - Eval Is Evil
- x Deep learning - Modèle malveillant
89%
App - Système
6305 Points83 / 93
- o ELF x86 - Stack buffer overflow basic 1
- x ELF x64 - Basic heap overflow
- o ELF x86 - Stack buffer overflow basic 2
- o PE32 - Stack buffer overflow basic
- o ELF x86 - Format string bug basic 1
- o ELF x64 - Stack buffer overflow - basic
- o ELF x86 - Format string bug basic 2
- o ELF x86 - Race condition
- o ELF ARM - Stack buffer overflow - basic
- o ELF MIPS - Stack buffer overflow - No NX
- o ELF x64 - Double free
- o ELF x86 - Stack buffer overflow basic 3
- o ELF x86 - Use After Free - basic
- o ELF ARM - Stack Spraying
- o ELF x64 - Stack buffer overflow - PIE
- o ELF x86 - BSS buffer overflow
- o ELF x86 - Stack buffer overflow basic 4
- o ELF x86 - Stack buffer overflow basic 6
- o ELF x86 - Format String Bug Basic 3
- o PE32 - Stack buffer overflow avancé
- o ELF ARM - Basic ROP
- o ELF MIPS - Basic ROP
- x ELF RISC-V - Intro - let’s do the ROP
- x ELF x64 - Stack buffer overflow - Stack pivot
- o ELF x86 - Stack buffer overflow - C++ vtables
- o PE32+ Format string bug
- o ELF x64 - Logic bug
- o ELF x86 - Bug Hunting - Plusieurs problèmes
- o ELF x86 - Stack buffer and integer overflow
- o ELF x86 - Stack buffer overflow - ret2dl_resolve
- o ELF x86 - Stack buffer overflow basic 5
- o ELF x64 - Stack buffer overflow - avancé
- o ELF MIPS - Format String Glitch
- o ELF x64 - Heap Filling
- o ELF x86 - Information leakage with Stack Smashing Protector
- o ELF x64 - File Structure Hacking
- o ELF ARM - Race condition
- o ELF x64 - Browser exploit - Intro
- x ELF x64 - Buggy VM
- o ELF x64 - Heap Safe-Linking Bypass
- o ELF x64 - ret2dl_init
- o ELF x86 - Out of bounds attack - French Paradox
- o ELF x86 - Remote BSS buffer overflow
- o ELF x86 - Remote Format String bug
- o PE32+ Basic ROP
- o ELF x64 - Remote heap buffer overflow - tcache
- o ELF x86 - Blind remote format string bug
- o LinKern ARM - syscall vulnérable
- o LinKern x86 - Buffer overflow basic 1
- o ELF x64 - Sigreturn Oriented Programming
- o LinKern x86 - Null pointer dereference
- x ELF x64 - Syscall chaining
- o LinKern x64 - Race condition
- o ELF ARM - Shellcode alphanumérique
- o ELF MIPS - URLEncoded Format String bug
- x ELF x64 - Blind SROP
- x ELF x64 - Heap Hop
- o ELF x86 - Hardened binary 1
- o ELF x86 - Hardened binary 2
- o ELF x86 - Hardened binary 3
- o ELF x86 - Hardened binary 4
- o LinKern MIPSel - Vulnerable ioctl
- o LinKern x64 - code réentrant
- o ELF ARM - Heap format string bug
- o ELF ARM - Format String bug
- o ELF ARM - Use After Free
- o ELF x64 - FILE structure hijacking
- o ELF x64 - Heap feng-shui
- o ELF x64 - Off-by-one bug
- o ELF x86 - Hardened binary 5
- o LinKern ARM - Stack Overflow
- o LinKern x86 - basic ROP
- o ELF ARM - Heap Off-by-One
- x ELF x64 - Advanced blind format string exploitation
- o ELF x64 - Remote Heap buffer overflow 1
- o ELF x86 - Hardened binary 6
- o ELF x86 - Hardened binary 7
- o ELF x86 - Remote stack buffer overflow - Hardened
- o LinKern x64 - RowHammer
- o LinKern x64 - SLUB off-by-one
- o ELF ARM - Heap buffer overflow - Wilderness
- o ELF ARM - Heap Overflow
- x ELF ARM64 - Heap Underflow
- o ELF x64 - Seccomp Whitelist
- o ELF x86 - Blind ROP
- o LinKern x64 - Memory exploration
- o WinKern x64 - Stack buffer overflow avancé - ROP
- o WinKern x64 - Use After Free
- o ELF x64 - Remote Heap buffer overflow 2
- o ELF x64 - Advanced Heap Exploitation - Heap Leakless & Fortified
- o ELF x64 - Blind ROP
- o ELF x64 - Browser exploit - BitString
- x ELF ARM64 - Multithreading
73%
Cracking
1865 Points48 / 66
- o ELF x86 - 0 protection
- o ELF x86 - Basique
- o PE x86 - 0 protection
- o ELF C++ - 0 protection
- x Godot - 0 protection
- o PE DotNet - 0 protection
- x APK - Introduction
- o ELF MIPS - Basic Crackme
- o ELF x64 - Golang basique
- o ELF x86 - Fake Instructions
- o ELF x86 - Ptrace
- x Godot - Bytecode
- o WASM - Introduction
- x APK - Flutter Debug
- o ELF ARM - Basic Crackme
- o ELF x64 - Basic KeygenMe
- x Gestion de sauvegarde sous Unity3D
- x Godot - Mono
- o PE DotNet - Basic Anti-Debug
- o PE DotNet - Basic Crackme
- o PYC - ByteCode
- o ELF x86 - Pas de points d’arrêt logiciels
- o Lua - Bytecode
- o MachO x64 - keygenme or not
- o ELF ARM - crackme 1337
- o ELF x86 - CrackPass
- o ELF x86 - ExploitMe
- o ELF x86 - Random Crackme
- o GB - Basic GameBoy crackme
- o PDF - Javascript
- o PE x86 - Xor Madness
- o Powershell DeObfuscation
- o ELF ARM - Crypted
- o ELF x64 - Automatisation du crackme
- x Godot - Modèle 3D
- x NRO ARM - Switch homebrew
- o PE x86 - SEHVEH
- o APK - Anti-debug
- o APK - Insomni’Droid
- x ELF x64 - Rust backdoor
- x ELF x64 - Rust Crackme
- x PE x64 - UEFI Secure Boot
- o APK - Root My Droid
- o ELF x64 - Nanomites - Introduction
- o ELF x86 - Anti-debug
- o PE DotNet - KeygenMe
- x PE x64 - Bazar dans les tables
- o PE x86 - AutoPE
- x PYC - Self Modifying (Byte)Code
- x PYC - Snakeygen
- o ELF x86 - KeygenMe
- x HackerMan
- x Unity - Mono - Basic Game Hacking
- o WASM - Trouvez le PNJ
- o Bash - VM
- o ELF x64 - KeyGenMe
- o ELF x64 - Anti-debug et equations
- x Unity - IL2CPP - Basic Game Hacking
- o ELF x64 - Nanomites
- o ELF x86 - Packed
- o PE x86 - RunPE
- o ELF x86 - VM
- o ELF x64 - Hidden Control Flow
- o Ringgit
- x Voracious Nanomites
- o White-Box Cryptography #2
81%
Cryptanalyse
1850 Points57 / 70
- o Encodage - ASCII
- o Encodage - UU
- o Hash - DCC
- o Hash - DCC2
- o Hash - LM
- o Hash - Message Digest 5
- o Hash - NT
- o Hash - SHA-2
- o Chiffrement par décalage
- o CISCO - Salted Password
- o Décomposition pixelisée
- o ELF64 - Chiffrement avec le PID
- o Fichier - PKZIP
- o Substitution monoalphabétique - César
- x Circular Bit Shift
- o Clair connu - XOR
- o Code - Pseudo Random Number Generator
- x Encodage - Codebook
- x Fichier - PKZIP 2
- o File - Insecure storage 1
- o Substitution polyalphabétique - Vigenère
- o Système - Android lock pattern
- o Transposition - Rail Fence
- o AES - CBC - Bit-Flipping Attack
- o AES - ECB
- x AES - ECB - Copy Paste
- o LFSR - Clair connu
- o RSA - Factorisation
- o RSA - Oracle de déchiffrement
- o Service - Timing attack
- o Substitution monoalphabétique - Polybe
- o Twisted secret
- o Vecteur d’initialisation
- x Chiffre de Hill
- o GEDEFU
- o OTP - Erreur d’implémentation
- o RSA - Clé privée corrompue 1
- o RSA - Fractions continues
- o RSA - Modules communs
- o Service - Hash length extension attack
- x Shamir Secret Sharing - Introduction
- o AES - 4 tours
- o ECDSA - Introduction
- o RSA - Padding
- o RSA - Signature
- x Shamir Secret Sharing - Traitor
- o AES128 - CTR
- o PHP - mt_rand
- o Problème du logarithme discret
- o RSA - Clé privée corrompue 2
- o RSA - Clé privée corrompue 3
- o RSA - Multiples destinataires
- o AES - Attaque par fautes #1
- x FEAL - Cryptanalyse différentielle
- o Machine Enigma
- x Side Channel - AES : CPA
- o ECDHE
- x RSA - H-rabin
- o RSA - Lee cooper
- o Service - CBC Padding
- x Side Channel - AES : premier round
- o Substitution polyalphabétique - Masque jetable
- o White-Box Cryptography
- o AES - Variante affaiblie
- x Shamir Secret Sharing - Reduction
- o Hash - SHA-3
- o AES - Attaque par fautes #2
- x Shamir Secret Sharing - Irreductible ?
- o AES-PMAC
- o ECDSA - Erreur d’implémentation