Note: This challenge has not been solved during the ctf.
Use flagCheck to input the flag you get from the challenge to get the actual flag
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
Note: This challenge has not been solved during the ctf.
Use flagCheck to input the flag you get from the challenge to get the actual flag
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
Note: This challenge has not been solved during the ctf.
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
Note: This challenge has not been solved during the ctf.
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
Use flagCheck to input the md5sum of a malicious file you get from the challenge to get the actual flag
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
Use flagCheck to input the flag you get from the challenge to get the actual flag
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
we
are investigating an illegal online gambling site. To find any evidence
to support for illegal gambling, we must access the oracle database
with administrator privileges. The suspect says that he does not know
the administrator password, but we know for sure that he is lying.
The password is estimated to be longer than 8 characters. However, we
don't have enough time to apply a brute-force attack. In order to
request an arrest warrant, we must find the evidence of illegal gambling
before the YUT-Challenge is over.
By using social engineering, we were able to find various data about the
suspect. By analyzing the data, the suspect always include last four
digits('1024') of his phone number in his password. Hence, we may assume
that his phone number is included in the administrator password for the
database.
The given file is the dump file of sys.user$ table in oracle database.
(The data file of system tablespace is too big to upload.)
Find the password of 'SYSTEM' account.
Use flagCheck to input the flag you get from the challenge to get the actual flag
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
Use flagCheck to input the flag you get from the challenge to get the actual flag
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
We have been trying to read Bob's emails for 5 years.
We sniffed all his traffic and reversed his POP3 encrypted protocol.
He is using a good block cipher, CBC mode and unique initialization vectors for each command.
We easily found Alice password and decrypted her mails but we never found the server key or his passwords.
Until one day when Bob had very bad luck and we were able to decrypt all his mails.
Get bobpop.cap, discover what happened and read his mails.
Note: This challenge has not been solved during the ctf.
Author: Ministry of Science and ICT
Connect with SSH
Link your SSH key, then connect with: ssh hacker@pwn.college
30-Day Scoreboard:
This scoreboard reflects solves for challenges in this module after the module launched in this dojo.