http://wiki.zenk-security.com/ 2026-05-04T01:29:31+02:00 http://wiki.zenk-security.com/ http://wiki.zenk-security.com/lib/tpl/dokuwiki/images/favicon.ico text/html 2015-04-05T16:55:03+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:bpythonastic&rev=1428245703&do=diff Bpythonastic (Forensic300) lien pour télécharger l'archive : <http://repo.zenk-security.com/ctfs/ndh2k15/Bpythonastic.tar.gz> Après avoir extrait l'archive, on se retrouve face à un fichier “chall.raw”. On comprend rapidement que ce fichier est un dump mémoire d'une machine tournant sur linux. En effet, “dump.raw” contient plein de fichiers de différentes sortes et un coup de string nous donne la version exacte de la distribution linux utilisée : text/html 2015-04-05T17:01:22+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:clark_kent&rev=1428246082&do=diff Clark Kent (Reverse150) lien pour télécharger l'archive : <http://repo.zenk-security.com/ctfs/ndh2k15/clark.tar.gz> Après extraction de l'archive de l'épreuve, on a un fichier texte “Clark.txt” contenant une citation de Clark Ken et un binaire linux 32-bit. text/html 2015-04-05T15:30:05+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:cooper&rev=1428240605&do=diff Enoncé : "I am not crazy, my mother had me tested." (Sheldon) What did Sheldon ... huh sorry, Dr. Cooper really mean? Score 300 Link http://static.challs.nuitduhack.com/Cooper.tar.gz L'archive contient un exécutable PE 32 bits s'appellant “Cooper.exe”. text/html 2015-04-06T02:01:59+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:crackme_prime&rev=1428278519&do=diff Enoncé : "I am Optimus Prime, and I send this message to any surviving Autobots taking refuge among the stars. We are here, we are waiting." Keygen me, I'm the Prime. Validate your serial here : http://crackmeprime.challs.nuitduhack.com/ Score 150 Link http://static.challs.nuitduhack.com/prime.tar.gz On récupère davantage d'informations sur le fichier du challenge : text/html 2015-04-06T14:16:01+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:facebox&rev=1428322561&do=diff Web 100 points <http://quals.nuitduhack.com/challenges/view/10> <http://prod.facebox.challs.nuitduhack.com/> Énoncé “A shady company decided to write their own software for storing files in the cloud. No no no, this is OUR filebox. We decline any responsability in the usage of our filebox. In any event your files get lost, trashed, stolen or spy on : it's your fault, not ours.” You are investigating on the security of their cloud storage as it might have disastrous consequences i… text/html 2017-04-09T15:33:57+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:facesec&rev=1491744837&do=diff Web 100 points <http://quals.nuitduhack.com/challenges/view/11> <http://facesec.challs.nuitduhack.com/> Énoncé “Hello there, We are looking for a developer or security consultant to secure our filebox system. We stumbled upon your LinkedIn profile and it seems like you would be a perfect candidate for this job. Could you please send us your CV and Motivation letter? text/html 2015-04-05T14:46:16+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:game_of_life&rev=1428237976&do=diff Enoncé : "We're born alone, we live alone, we die alone. Only through our love and friendship can we create the illusion for the moment that we're not alone." (Orson Orwell) Cells cells cells, the basis of life. Don't let them die and tell us their secret. Score 150 Link http://static.challs.nuitduhack.com/GOL.tar.gz L'archive contient un cipher.txt illisible, et un script Python suivant : text/html 2015-04-05T18:32:07+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:mass_surveillance_software&rev=1428251527&do=diff Mass Surveillance Software lien pour télécharger l'archive : <http://repo.zenk-security.com/ctfs/ndh2k15/mass.tar.gz> Unpack Le binaire était packé avec un upx modifié, il suffisait donc de voir le pushad à 0x004460A0, de chercher le popad qui est à 0x00446235 et le tail jump pas très loin (à 0x00446243) qui pointe vers l'OEP : 0x004015A7 text/html 2017-04-09T15:33:57+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:private&rev=1491744837&do=diff Forensic 100 points <http://quals.nuitduhack.com/challenges/view/19> Énoncé “The quiet you are, the more you are able to ear” Link: <http://static.challs.nuitduhack.com/Private.tar.gz> Challenge On a affaire un fichier pcapng : text/html 2017-04-09T15:33:57+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:raptor&rev=1491744837&do=diff Misc 400 points <http://quals.nuitduhack.com/challenges/view/12> Énoncé Aucun énoncé, aucune précision ; seul un lien est présent : raptor.challs.nuitduhack.com:4142 Challenge Connectons-nous : [plo@hyperion Misc]$ nc raptor.challs.nuitduhack.com 4142 ~ » Welcome to the Raptor/1.0 Information Exchange Server ~ » You are anonymous - Read only access ! Available commands : +----------+-----------------+-------------------------------+-----------------------------… text/html 2015-04-05T14:51:43+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:secureauth&rev=1428238303&do=diff Enoncé : "There is a building. Inside this building there is a level where no elevator can go, and no stair can reach. This level is filled with doors. These doors lead to many places. Hidden places. But one door is special. One door leads to the source." (The Keymaker) Find the key. Open the door. Static client @ http://static.challs.nuitduhack.com/SecureAuthClient.tar.gz Score 350 Link secureauth.challs.nuitduhack.com:4241 L'archive contient le script Python suivant : text/html 2015-04-05T17:02:52+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:superman&rev=1428246172&do=diff Superman (Reverse500) lien pour télécharger l'archive : <http://repo.zenk-security.com/ctfs/ndh2k15/superman.tar.gz> Cette épreuve est construite de la même façon que Clark Kent, on a aussi le header elf à corriger, un ptrace, un calcul de checksum sur le code et une vérification si on est root ou pas. text/html 2015-04-07T13:00:42+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:updator&rev=1428404442&do=diff Exploit 200 points <http://quals.nuitduhack.com/challenges/view/9> <http://updator.challs.nuitduhack.com/> Énoncé Unhackable : “Not hackable; that cannot be hacked or broken into.” We manage updates and thus have fixes, this is not a PS3 as it is unhackable ... or is it? text/html 2017-04-09T15:33:57+02:00 http://wiki.zenk-security.com/doku.php?id=ndhquals2015:weshgrow&rev=1491744837&do=diff Enoncé : "HMAC MD5 or HMAC SHA1 are sooo obsoletes and sooo old. And they are clunky and sooo slooow! That is why, from today, we are introducing to the world a new HMAC algorithm. The best one invented ever : it's light, it's fast and it's secure, well it's the BHE or short for 'Best Hash Ever'." (C.E.C. - Cryptography Experts Company) Prove them wrong. Nous pouvions accéder à l'épreuve via l'URL suivante: