santhacklaus/netrunner

Fork 0

netrunner is a Web challenge in a Cyberpunk ambiance, proposed in three parts during the Santhacklaus CTF https://challenges.deldel.fr/challenges#netrunner%20[1/3]

challenge ctf santhacklaus web

Go to file

Aymeric Sorek 63e0e28e1f typo fix readme		2019-08-02 15:34:43 +02:00
debian-ssh	Prod version CTF	2019-01-29 22:21:05 +01:00
php	Clean version, LICENSE and README added	2019-08-02 12:37:32 +02:00
resources	Functionnal web server on docker-compose	2018-11-07 09:51:45 +01:00
webroot	Prod version CTF	2019-01-29 22:21:05 +01:00
.gitignore	non-persistent db data	2019-08-02 13:13:14 +02:00
docker-compose.yml	non-persistent db data	2019-08-02 13:13:14 +02:00
LICENSE	Clean version, LICENSE and README added	2019-08-02 12:37:32 +02:00
README.md	typo fix readme	2019-08-02 15:34:43 +02:00

README.md

netrunner - [WEB] Challenge Santhacklaus

netrunner is a Web challenge proposed in three parts during the Santhacklaus CTF. This online event, santhacklaus.xyz, was a four students project from IMT Lille Douai (Telecom Lille). This Capture The Flag in jeopardy style lasted one week (14 to 21 December 2018) and gathered more than 400 participants.

Getting Started

Prerequisites

To use this project, you need to install Docker and Docker-Compose.

Configuration

You probably need to change the listening port in docker-compose.yml file to avoid conflict with other softwares, like another Web server.

...
ports:
    - "<chosen_port>:80"
...

Running

Move into the root repository, then, build and start all the containers with this following command:

docker-compose up -d

Now, you can access to the first part of this challenge at localhost:<chosen_port> and others parts at localhost:2077.

That's all! 😉

Online version

You can find a online version of this project on CTF;space platform.

During and after the CTF

Part 1

Statement

V, I got a mission for you!

We discoved a Netrunner who hack neural implants to create false memories. We spotted the target's interface on the Net at this address: http://IP

Find out who he is and a way to stop him.

Part 2

Statement

Nice V! I owe you one!

But before we go to visit him, I would like to have a means of pressure. Here is his maintenance access: IP:PORT

See what you can do and let me know.

Hint

He seems to have a “ghost” in the shell

Part 3

Statement

You doing great!

But this access is not enough. See if you can get privileged access, the same used by Zetatech technician for maintenance.

It will allow us to unplug it in case of a glitch.

Write-ups

Write-up written by Thibaud Robin alias Th1b4ud
Another write-up by Maki
Write-up written by 0xUKN

Thank you for taking the time to write your solution! :)

You can contact me if you want to add your write-up in the list.

Author

Aymeric Sorek - alias deldel

License

This project is licensed under the GNU General Public License - see the LICENSE file for details