92 lines
2.5 KiB
Markdown
92 lines
2.5 KiB
Markdown
# netrunner - [WEB] Challenge Santhacklaus
|
|
|
|
netrunner is a beginner Web challenge proposed in three parts during the **Santhacklaus CTF**. This online event, _santhacklaus.xyz_, was a four students project from IMT Lille Douai (Telecom Lille). This Capture The Flag in jeopardy style lasted one week (14 to 21 December 2018) and gathered more than 400 participants.
|
|
|
|
## Getting Started
|
|
|
|
### Prerequisites
|
|
|
|
To use this project, you need to install [Docker](https://docs.docker.com/install/) and [Docker-Compose](https://docs.docker.com/compose/install/).
|
|
|
|
### Configuration
|
|
|
|
You probably need to change the listening port in `docker-compose.yml` file to avoid conflict with other softwares, like another Web server.
|
|
|
|
```
|
|
...
|
|
ports:
|
|
- "<chosen_port>:80"
|
|
...
|
|
```
|
|
|
|
### Running
|
|
|
|
Move into the root repository, then, build and start all the containers with this following command:
|
|
|
|
```bash
|
|
docker-compose up -d
|
|
```
|
|
|
|
Now, you can access to the first part of this challenge at localhost:<chosen_port> and others parts at localhost:2077.
|
|
|
|
That's all! 😉
|
|
|
|
## Online version
|
|
|
|
You can find a online version of this project on [CTF;space](https://challenges.deldel.fr) platform.
|
|
|
|
|
|
## During and after the CTF
|
|
|
|
### Part 1
|
|
|
|
#### Statement
|
|
|
|
> V, I got a mission for you!
|
|
|
|
> We discoved a Netrunner who hack neural implants to create false memories. We spotted the target's interface on the Net at this address: http://IP
|
|
|
|
> Find out who he is and a way to stop him.
|
|
|
|
### Part 2
|
|
|
|
#### Statement
|
|
|
|
> Nice V! I owe you one!
|
|
|
|
> But before we go to visit him, I would like to have a means of pressure. Here is his maintenance access: IP:PORT
|
|
|
|
> See what you can do and let me know.
|
|
|
|
#### Hint
|
|
|
|
> He seems to have a “ghost” in the shell
|
|
|
|
### Part 3
|
|
|
|
#### Statement
|
|
|
|
> You doing great!
|
|
|
|
> But this access is not enough. See if you can get privileged access, the same used by Zetatech technician for maintenance.
|
|
|
|
> It will allow us to unplug it in case of a glitch.
|
|
|
|
### Write-ups
|
|
|
|
* [Write-up](https://thibaudrobin.github.io/writeups/santhacklaus/netrunner/) written by Thibaud Robin _alias_ Th1b4ud
|
|
* Another [write-up](https://maki.bzh/walkthrough/santhacklaus2018/#netrunner-1-3) by Maki
|
|
* [Write-up](https://0xukn.fr/posts/writeupsanthacklaus2019netrunner/) written by 0xUKN
|
|
|
|
Thank you for taking the time to write your solution! :)
|
|
|
|
You can contact me if you want to add your write-up in the list.
|
|
|
|
## Authors
|
|
|
|
* **Aymeric Sorek** - _alias_ [deldel](https://www.deldel.fr)
|
|
|
|
## License
|
|
|
|
This project is licensed under the GNU General Public License - see the [LICENSE](LICENSE) file for details
|