NodeJS Hacking Challenge - writeup

Posted on Tue 26 January 2016 in posts • Tagged with ctf, nodejsLeave a comment

You can read the previous article on how to setup and access the NodeJS hacking challenge. I will now spoil the challenge, so if you want to try it yourself, stop reading now!

Scroll down for a TL;DR writeup.


1. getting an overview

index page

When we first access the page ...

Continue reading

NodeJS Hacking Challenge

Posted on Fri 22 January 2016 in posts • Tagged with ctf, nodejsLeave a comment

I really like to play CTFs (hacking games), because I always learn something new. But sometimes it's also fun to create a challenge yourself. A couple of days ago a nice NodeJS issue surfaced on my twitter feed and because I didn't have a lot of experience with ...

Continue reading

Creating a Hacking Game - Part 2: The System

Posted on Sun 09 August 2015 in posts • Tagged with ctf, grackerLeave a comment

For an introduction to my hacking game, checkout: Creating a Hacking Game - Part 1: Introduction

Creating this system was an interesting challenge - the main threat vector are root exploits. I'm not a sysadmin and my Linux knowledge is not very in-depth. But I'm still pretty confident in my ...

Continue reading

Creating a Hacking Game - Part 1: Introduction

Posted on Sat 08 August 2015 in posts • Tagged with ctf, grackerLeave a comment

This is a multi-part blog post about creating my own hacking game to teach other people the excitement of exploiting vulnerabilities. To try it out, just connect to ssh [email protected] with password level0. You only need a little bit of Linux command line knowledge. And get used to ...

Continue reading

Cyber Security Challenge Germany 2014

Posted on Sat 14 February 2015 in posts • Tagged with ctf, cscgLeave a comment

This is about my experience of the Cyber Security Challenge Germany 2014.

The Cyber Security Challange Germany is a Capture The Flag style competition for students which I participated in. It is mainly organised by the Internet Sicherheit Institut (ger.: Internet Security Institution) and Compass Security with support from many ...

Continue reading