n00bs CTF Labs – Infosec Institute

Description

CTF: n00bs CTF Labs by Infosec Institute
URL: http://ctf.infosecinstitute.com
Category: Web
Description:
We have a special feature for this edition. We just launched a Capture-The-Flag activity which you can access directly at ctf.infosecinstitute.com. This is for beginners and newcomers to security. There are 15 levels to test your skills. We’re offering bounties ($) at each level for those who will help others learn the concepts.

Note from Pacman’s Army: As mentioned by the organiser – Infosec Institute – this CTF is meant as a resource to share knowledge and tips rather than skills competition. Therefore, the write-ups will include n00bs tips.

 

Continue reading

Pwn Adventure 3 – How to install your server

Ghost in the Shellcode is an awesome CTF that contains different kinds of challenges: pwnable, crypto, web, etc. But it also has a unique category, they (kudos Rusty Wagner – Vector35) have developed Pwn Adventure 3, a MMORPG where participants have to reverse engineer the game logic and unlock items or characteristic (jump higher, run faster, etc) in order to finish “impossible” quests (7 in total).

While the team has kept an official server running – available by default when downloading the client, it is possible to run your own instance. Here are the reasons why you should use your own instance:

  • The server has limited resource so you might experience some lag if too many users are connected
  • You control you own instance with your own parameters
  • It’s always fun to build your own server
  • You won’t have problem with “already used” team/user name
  • You will be able to be part of the admin team in the game
  • You will reduce the load on the official server which would allow more people to enjoy the game (be altruistic)

If those reasons convinced you, let’s install that server!

Continue reading

Hack.lu 2014 – Dalton’s Corporate Security Safe for Business

Description

CTF: Hack.lu 2014
Title: Dalton’s Corporate Security Safe for Business
Author: freddy
Category: Web
Points: 200 (+50) Points
URL: https://wildwildweb.fluxfingers.net/challenges/18
Description:
The Dalton Brothers are tricking people into buying their “safe” locks. So they can rob them afterwards. The lock has some safety features, as it resets itself after a few seconds. It also requires a lot of valid inputs before it’s letting you open it. Please find out what their weakness is and report back.
link

Continue reading

Hack.lu 2014 – Wanted: Translator

Description

CTF: Hack.lu 2014
Title: Hidden in ρlaιn sιght
Author: qll & javex
Category: Misc
Points: 35 Points
URL: https://wildwildweb.fluxfingers.net/challenges/36
Description:
We are in desperate need of a translator who understands the languages of various Indian tribes. We already know how to speak to the Apache tribe via HTTP but we have some stuff missing. We offer 5$ per successfully translated language.

Continue reading

Hack.lu 2014 – Barmixing-Bot

Description

CTF: Hack.lu 2014
Title: Barmixing-Bot
Author: freddy
Category: Misc
Points: 200 (+80) Points
URL: https://wildwildweb.fluxfingers.net/challenges/20
Description:
There’s a fun and quirky IRC bot to play with. It responds to commands in private chat but also in #hacklu-saloon on freenode. We think it’s involved in a devious scheme that distracts people to get their money pickpocketed. So be careful!

Continue reading