santhacklaus
/
netrunner
1
0
Fork 0
Code
netrunner is a Web challenge in a Cyberpunk ambiance, proposed in three parts during the Santhacklaus CTF https://challenges.deldel.fr/challenges#netrunner%20[1/3]
11 Commits 1 Branch 0 Tags 1.9 MiB
CSS 43.2%
HTML 21.5%
PHP 7.8%
SQL 7.7%
Dockerfile 7.3%
Other 12.5%
Go to file
Aymeric 63e0e28e1f typo fix readme 2019-08-02 15:34:43 +02:00
debian-ssh Prod version CTF 2019-01-29 22:21:05 +01:00
php Clean version, LICENSE and README added 2019-08-02 12:37:32 +02:00
resources Functionnal web server on docker-compose 2018-11-07 09:51:45 +01:00
webroot Prod version CTF 2019-01-29 22:21:05 +01:00
.gitignore non-persistent db data 2019-08-02 13:13:14 +02:00
LICENSE Clean version, LICENSE and README added 2019-08-02 12:37:32 +02:00
README.md typo fix readme 2019-08-02 15:34:43 +02:00
docker-compose.yml non-persistent db data 2019-08-02 13:13:14 +02:00

README.md

netrunner - [WEB] Challenge Santhacklaus

netrunner is a Web challenge proposed in three parts during the Santhacklaus CTF. This online event, santhacklaus.xyz, was a four students project from IMT Lille Douai (Telecom Lille). This Capture The Flag in jeopardy style lasted one week (14 to 21 December 2018) and gathered more than 400 participants.

Getting Started

Prerequisites

To use this project, you need to install Docker and Docker-Compose.

Configuration

You probably need to change the listening port in docker-compose.yml file to avoid conflict with other softwares, like another Web server.

...
ports:
    - "<chosen_port>:80"
...

Running

Move into the root repository, then, build and start all the containers with this following command:

docker-compose up -d

Now, you can access to the first part of this challenge at localhost:<chosen_port> and others parts at localhost:2077.

That's all! 😉

Online version

You can find a online version of this project on CTF;space platform.

During and after the CTF

Part 1

Statement

V, I got a mission for you!

We discoved a Netrunner who hack neural implants to create false memories. We spotted the target's interface on the Net at this address: http://IP

Find out who he is and a way to stop him.

Part 2

Statement

Nice V! I owe you one!

But before we go to visit him, I would like to have a means of pressure. Here is his maintenance access: IP:PORT

See what you can do and let me know.

Hint

He seems to have a “ghost” in the shell

Part 3

Statement

You doing great!

But this access is not enough. See if you can get privileged access, the same used by Zetatech technician for maintenance.

It will allow us to unplug it in case of a glitch.

Write-ups

Thank you for taking the time to write your solution! :)

You can contact me if you want to add your write-up in the list.

Author

  • Aymeric Sorek - alias deldel

License

This project is licensed under the GNU General Public License - see the LICENSE file for details