ctfd_challenges.tar

export.yaml0000664000175200017520000001430314272771733012705 0ustar  victorvictor# This is an export file with all the challenge information using the portable-challenges-plugin
# https://github.com/nategraf/ctfd-portable-challenges-plugin
# If you have a CTFd instance with the plugin installed, you can create all the challenges by
# importing the tar with this file in the Admin interface or using the CLI tool.
---
name: Stop and Listen
value: 10
description: "Sometimes what we are looking for is right in front of us if we just\
  \ take a moment to stop and listen.\r\n\r\n[Connection instructions](https://gist.github.com/nategraf/74204dd8b55fb20d29c32ae2bb2ff679)"
category: Introduction
type: naumachia
flags:
- flag: flag{ekky_ekke_ekke_zoo_boing_patang}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: listen
---
name: Stuck in the Middle
value: 50
description: It's not always enough to just overhear a conversation, sometimes you
  have to interject and be the man in the middle.
category: Basic
type: naumachia
flags:
- flag: flag{i_got_the_feelin_something_aint_right}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: middle
---
name: Straw House
value: 50
description: "In a land far far away there was an old mother pig who had [three little\
  \ pigs](https://americanliterature.com/childrens-stories/the-three-little-pigs)\
  \ and not enough cpu cores in her server to host them. So when they were old enough,\
  \ she sent them out into the world to seek their fortunes.\r\n\r\nThe first little\
  \ pig was very lazy and secured his server by not telling anyone about it. Honestly\
  \ a wolf wouldn't need to huff and puff so much as sniff his way into the server."
category: Basic
type: naumachia
flags:
- flag: flag{straw_houses_can_barely_stand_the_breeze}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: straw
---
name: Stick House
value: 50
description: The second little piggy was a little more industrious, and decided to
  secure his server by making sure it only responded to him. I guess he never realized
  that wolves can lie.
category: Basic
type: naumachia
flags:
- flag: flag{trust_on_the_internet_is_a_way_to_get_eaten}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: sticks
---
name: Brick House
value: 100
description: This little piggy was a very hard worker and decided to roll his own
  two-factor authentication to keep the wolves out. It actually looks pretty strong
  but there is always another way in.
category: Intermediate
type: naumachia
flags:
- flag: flag{brick_walls_dont_help_if_you_hold_the_door_open}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: brick
---
name: Table Scraps
value: 100
description: This was supposed to be a web exploit challenge, but it looks like someone
  got there first. Maybe they left some scraps behind for you.
category: Intermediate
type: naumachia
flags:
- flag: flag{last_one_out_close_the_door}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: scraps
---
name: J. Schmidt
value: 100
description: Everytime I go out, people always shout John Jacob Jingleheimer Schmidt!
  I'd change my name, but I just got the best domain for my website.
category: Intermediate
type: naumachia
flags:
- flag: flag{his_domain_name_is_my_name_too}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: schmidt
---
name: Secret Recipe
value: 200
description: '`topchef` is compiling a recipe book. It''s public to everyone with
  anonymous access, but I bet he isn''t releasing all of his recipes'
category: Advanced
type: naumachia
flags:
- flag: flag{grandma_loves_you_xoxoxox}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: recipe
---
name: Open Letter
value: 200
description: Looks like you managed to get on the network with someone's private email
  server. Can you figure out who it is?
category: Advanced
type: naumachia
flags:
- flag: flag{you_are_the_fanciest_bear}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: letter
---
name: Wordpress
value: 200
description: "I setup my own Wordpress site!\r\n\r\nI love that there are so many\
  \ plugins. My favorite is Revolution Slider. Even though it's a little old it doesn't\
  \ show up on wpscan!\r\n\r\nPlease give it about 30 seconds after connecting for\
  \ everything to setup correctly."
category: Advanced
type: naumachia
flags:
- flag: flag{another_wordpress_sire_bites_the_dust}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: wordpress
---
name: Segal's Law
value: 300
description: "\"A man with a watch knows what time it is. A man with two watches is\
  \ never sure.\" - Segal's Law\r\n\r\nThe piggy who's server you broke into in Brick\
  \ House isn't too happy. Maybe you can make it up to him by contributing to his\
  \ open-source web app"
category: (⌐■_■)
type: naumachia
flags:
- flag: flag{we_have_to_go_back!}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: segal
---
name: Homework Help
value: 300
description: Could you help me with my homework? I think the professor's solution
  is broken.
category: (⌐■_■)
type: naumachia
flags:
- flag: flag{following_the_rabbit_hole_to_get_to_the_root}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: homework
---
name: Alt-F4 for Ops
value: 300
description: Did you know that Alt-F4 is the shortcut for ops in IRC?
category: (⌐■_■)
type: naumachia
flags:
- flag: flag{mutiny_on_the_hgh_ircs}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: altf4
---
name: Copper
value: 300
description: "Bob learned that telnet was actually not secure. Because Bob is a good\
  \ administrator he wanted to make his own, more secure, version of telnet. He heard\
  \ AES was secure so he decided to use that.\r\n\r\nHere is the script he runs every\
  \ day over telnet:\r\n\r\n```\r\nls -la\r\ndate > monitor.txt\r\necho \"=========================================\"\
  \ >> monitor.txt\r\necho \"ps -aux\" >> monitor.txt\r\nps -aux >> monitor.txt\r\n\
  echo \"=========================================\" >> monitor.txt\r\necho \"df -h\"\
  \ >> monitor.txt\r\ndf -h >> monitor.txt\r\ncp ./monitor.txt /logs\r\nexit\r\n```"
category: (⌐■_■)
type: naumachia
flags:
- flag: flag{not_all_aes_modes_are_created_equal}
  type: static
  data: ''
hints: []
hidden: false
naumachia_name: copper