debian-ssh | ||
php | ||
resources | ||
webroot | ||
.gitignore | ||
docker-compose.yml | ||
LICENSE | ||
README.md |
netrunner - [WEB] Challenge Santhacklaus
netrunner is a beginner Web challenge proposed in three parts during the Santhacklaus CTF. This online event, santhacklaus.xyz, was a four students project from IMT Lille Douai (Telecom Lille). This Capture The Flag in jeopardy style lasted one week (14 to 21 December 2018) and gathered more than 400 participants.
Getting Started
Prerequisites
To use this project, you need to install Docker and Docker-Compose.
Configuration
You probably need to change the listening port in docker-compose.yml
file to avoid conflict with other softwares, like another Web server.
...
ports:
- "<chosen_port>:80"
...
Running
Move into the root repository, then, build and start all the containers with this following command:
docker-compose up -d
Now, you can access to the first part of this challenge at localhost:<chosen_port> and others parts at localhost:2077.
That's all! 😉
Online version
You can find a online version of this project on CTF;space platform.
During and after the CTF
Part 1
Statement
V, I got a mission for you!
We discoved a Netrunner who hack neural implants to create false memories. We spotted the target's interface on the Net at this address: http://IP
Find out who he is and a way to stop him.
Part 2
Statement
Nice V! I owe you one!
But before we go to visit him, I would like to have a means of pressure. Here is his maintenance access: IP:PORT
See what you can do and let me know.
Hint
He seems to have a “ghost” in the shell
Part 3
Statement
You doing great!
But this access is not enough. See if you can get privileged access, the same used by Zetatech technician for maintenance.
It will allow us to unplug it in case of a glitch.
Write-ups
Thank you for taking the time to write your solution! :)
You can contact me if you want to add your write-up in the list.
Authors
- Aymeric Sorek - alias deldel
License
This project is licensed under the GNU General Public License - see the LICENSE file for details