Git Product home page Git Product logo

ctf_challenges's Introduction

ctf_challenges

A repo containing a variety of home made ctf's and programming puzzles and the solutions.

Feel free to submit a pull request if you found a completely different or better solution.

Disclaimer: All challenges are self-made. Some challenges require using backdoors, but rely on you playing "by the rules", as the solution is oftentimes included or easily accessible. All components are either in this repo, or on my website dfsu.systems (or a subdomain thereof), if it explicitly says so there. DO NOT attempt to hack or find abckdoors of anything outside the aforementioned scope of the challenge. Every challenege explicitly says what you may or may not touch.

Challenges

name type lang(s) tags
sql_injection [out of service] resource/challenge mysql, (python) SQL, sql injection
calculator CTF python RCE, repl, eval
copy_paste challenge python recursion, clone
tamper_proof CTF python hash, self check

Structure

(examples with python, might use other langs in the future)
Take a look at the challenge's README.md for speical cases.

Coding challenges

Typically such a challenge would contain

  • README.md containing the task, tips, links, references, etc
  • solution.py or SOLUTION.md or solution_[x].py where multiple exist or solution/*: Look at only if stuck or you beat the challenge
  • optionally HINT.md or HINT_[x].md where multiple exist: Look at those only if stuck

CTF's/exploit finders

  • README.md containing the task, tips, links, references, etc
  • [project].py or src/* or [project]/* or similar -> Access: Readonly or sometimes None, see README.md
  • flag or flag.txt or flag.zip or similar -> Access: None
  • solution.py or SOLUTION.md or solution_x.py where multiple exist or solution/*: Look at only if stuck or you beat the challenge
  • optionally HINT.md or HINT_[x].md where multiple exist: Look at those only if stuck

CTF File Access

  • Solutions and hints may obviously only be checked after the challenge, or if completely stuck
  • None: You may not open the file, look at it's metadata or in any way interact with it except through the exploit.
    (Imagine this file is on the server and contains a password or key, like a .env file)
  • Readonly: You may open the file to read its contents, but not edit it.
    Exception: adding a shebang, fixing imports, etc, as long as it does not change behavior. To prettify or debug code, copy the file!
    (Imagine you found this project in a github repo and know a server deployed it)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.