BBS


Hacker History.

Bulletin Board System (BBS)

In the 90s, Bulletin Board Systems (BBS) played a monumental role in connecting the hacking community. In these challenges, you will experience what it was like to be a hacker in the 90s:

These challenges include both internal and external BBSes. Make sure to read the descriptions of each challenge.


Challenges

External BBS (login)

In this challenge, you will be logging on to a REAL BBS that has been running since the 90s! You will be connecting to 20 For Beers BBS! We recommend that you use SyncTerm terminal which supports rich ANSII and color use.

Once online, go to the DOOM mEETUP menu (selected with +). What is the password to get into the DOOM server?

Once you get the password, run

/challenge/checker.py

Which will give you the real flag when you provide the password from the external BBS.

External BBS (messaging)

In this challenge, you will be logging on to a REAL BBS that has been running since the 90s! You will be connecting to The 13th Leader BBS! Note this is a different BBS from the first challange.

We recommend that you use SyncTerm terminal which supports rich ANSII and color use. If you'd rather not, you can also just use nc in boring mode:

nc 13leader.net 8023

Once online, go to public message board and find a message from mahaloz. The flag format is hack{.+}, which you will submit to a program in the challenge which will give you your real local flag.

Once you get the flag, run

/challenge/checker.py

Which will give you the real flag when you provide the flag from the external BBS.

Internal BBS

Since BBS's often only allowed one line to be connected at a time, often admins had to limit users' daily use time. In this challenge, you will be interacting with a locally run BBS that has a very short visit time (15s). In real life, people made programs to download all data on the BBS, so only new data had to be read in real time.

Some users have left a flag lying around in the message boards, get it before we disconnect you.

The BBS server is running on localhost:1337 when you start the challenge. You can find the server code at /challenge/bbs_server.py.

Scripting Help

If you are new to scripting with Python, here is a script to get you started:

from pwn import *

bbs = remote("localhost", 1337)

# recieve until some specified string
data = bbs.recvuntil("Enter your choice: ")
print("data", data)

# select something in the menu
bbs.sendline("1") 
data = bbs.recvuntil("=== Main Menu ===")
print(data)

You should mostly be able to solve it with the APIs shown in the script. If you need more help see pwntools


30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

7-Day | 30-Day | All-Time

Rank Hacker Badges Score