| Challenges | |
|---|---|
| SysAdmin Part 1 sandbox is Up | Secure Mail sandbox is Up |
| Looking for god in your life? sandbox is Up | XSS Challenge 1 sandbox is Up |
| Captcha I sandbox is Up | Propaganda mail sandbox is Up |
| Basics of Linux x64 shellcoding sandbox is Up | Level1 Pwnage Linux Level Up sandbox is Up |
| Level1 Pwnage Linux x86_64 sandbox is Up | Virtual World sandbox is Up |
| Hot Single Mom sandbox is Up | Bash Jail 1 sandbox is Up |
| Sometime there is no buffer overflow sandbox is Up | Delivery As A Service sandbox is Up |
| Can you get the service password sandbox is Up | Just another useless service sandbox is Up |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Hash me please | 2 | 3476 | Mr.Un1k0d3r |
| Ask your grandpa! | 2 | 1235 | Mr.Un1k0d3r's Dad |
| Hash me reloaded | 3 | 1869 | Mr.Un1k0d3r |
| I hate mathematics | 3 | 1989 | Mr.Un1k0d3r |
| Ask your grandpa again! | 4 | 430 | Mr.Un1k0d3r's Dad |
| Hash breaker | 4 | 1531 | Mr.Un1k0d3r |
| I saw a little elf | 4 | 557 | Mr.Un1k0d3r |
| Hash breaker reloaded | 5 | 883 | Mr.Un1k0d3r |
| Execute me if you can | 5 | 428 | Mr.Un1k0d3r |
| Read me if you can | 6 | 472 | Mr.Un1k0d3r |
| Ascii Art | 6 | 702 | Mr.Un1k0d3r |
| Execute me if you can again | 6 | 217 | Mr.Un1k0d3r |
| Hash breaker reloaded again | 6 | 293 | Mr.Un1k0d3r |
| Xor me if you can | 6 | 440 | Mr.Un1k0d3r |
| Find the right word | 7 | 370 | Mr.Un1k0d3r |
| Number game | 7 | 348 | Mr.Un1k0d3r remade by theindian |
| Classic Sudoku | 7 | 299 | Mr.Un1k0d3r remade by dread_knight |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Some martian message | 1 | 7471 | Mr.Un1k0d3r |
| You're Drunk! | 1 | 2476 | Mr.Un1k0d3r |
| File recovery | 1 | 3382 | Mr.Un1k0d3r |
| Fashion Victim | 2 | 616 | GoSec CTF 2014 |
| Martian message part 2 | 2 | 3072 | Mr.Un1k0d3r |
| Public key recovery | 2 | 1639 | Mr.Un1k0d3r |
| I Lost my password | 3 | 1217 | Mr.Un1k0d3r |
| Let's Play Scrabble! | 3 | 72 | Madness |
| Hangovers and more: Bacon | 3 | 585 | SynneR |
| Martian message part 3 | 3 | 1204 | Mr.Un1k0d3r |
| Can you understand this sentence? | 3 | 734 | Mr.Un1k0d3r |
| Encrypted Zip | 4 | 608 | Mr.Un1k0d3r |
| Crypto over the network | 4 | 145 | Mr.Un1k0d3r remade by theindian |
| Crypto Object | 4 | 207 | GoSec CTF 2014 |
| Crypto Leak | 4 | 56 | NSEC 2018 (Towel) |
| SSO Service | 4 | 23 | Mr.Un1k0d3r (Trustwave CTF 2020) |
| Is it a secure string? | 5 | 279 | Cedrick Chaput |
| Let's Play Scrabble! Part 2 | 5 | 29 | Madness |
| Jabber | 5 | 10 | Madness |
| Free Flag Encrypter | 5 | 19 | Towel |
| Guess the number | 6 | 26 | cyberguru |
| TotalSecure Message Encrypter | 6 | 95 | Towel |
| Welcome to the asylum | 6 | 59 | GoSec CTF 2014 |
| Pattern is the key | 6 | 47 | Mr.Un1k0d3r |
| Malcolm | 7 | 22 | Trustwave CTF 2020 |
| Jabber Part 2 | 7 | 8 | Madness |
| Homemade craptography #2 | 7 | 13 | HoLyVieR ft. large software company |
| Homemade Craptography | 8 | 10 | NSEC 2018 (HoLyVieR) |
| Mars Log | 8 | 12 | NSEC 2018 (Towel) |
| Crypto is not good as you think | 8 | 176 | Mr.Un1k0d3r |
| Find your path | 9 | 13 | cyberguru |
| Rusty RSA message signing service | 9 | 15 | b0n0n & An0n remade by dysleixa |
| Spies | 9 | 34 | CS Games 2016 (HoLyVieR) |
| Polly Wants a Cracker | 10 | 7 | Madness |
| TotalSecure Message Encrypter V2 | 10 | 20 | Towel |
| Unicorn As A Service | 11 | 9 | Towel |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Just another login form | 2 | 1538 | Mr.Un1k0d3r |
| DON'T login as admin | 2 | 44 | mbergeron |
| I forgot my password | 3 | 38 | mbergeron |
| Inspiration | 6 | 40 | NSEC 2019 (becojo) |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Bash Jail 1 | 1 | 2562 | Mr.Un1k0d3r |
| Bash Jail 2 | 2 | 1610 | Mr.Un1k0d3r |
| Bash Jail 3 | 3 | 913 | Mr.Un1k0d3r |
| Bash Jail 4 | 4 | 493 | Mr.Un1k0d3r |
| Bash Jail 5 | 6 | 218 | Mr.Un1k0d3r |
| Bash Jail 6 | 8 | 33 | Garigouster |
| Bash Jail 7 | 12 | 17 | Garigouster |
| C Jail 1 | 1 | 411 | Mr.Un1k0d3r |
| C Jail 2 | 2 | 267 | Mr.Un1k0d3r |
| C Jail 3 | 3 | 218 | Mr.Un1k0d3r |
| C Jail 4 | 5 | 25 | Garigouster |
| C Jail 5 | 7 | 15 | Garigouster |
| C Jail 6 | 14 | 10 | Garigouster |
| PHP Jail 1 | 1 | 601 | Mr.Un1k0d3r |
| PHP Jail 2 | 2 | 397 | Mr.Un1k0d3r |
| PHP Jail 3 | 3 | 280 | Mr.Un1k0d3r |
| PHP Jail 4 | 4 | 218 | Mr.Un1k0d3r |
| PHP Jail 5 | 6 | 184 | Mr.Un1k0d3r |
| PyJail 1 | 3 | 257 | Martin Dube |
| PyJail 2 | 5 | 140 | Martin Dube |
| PyJail 3 | 6 | 47 | Martin Dube |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Client side validation is bad! | 1 | 7371 | Mr.Un1k0d3r |
| Hashing is more secure | 1 | 6376 | Mr.Un1k0d3r |
| Then obfuscation is more secure | 1 | 4880 | Mr.Un1k0d3r |
| Why not? | 2 | 3747 | Mr.Un1k0d3r |
| Valid key required | 2 | 990 | Francois Lajeunesse |
| Most Secure Crypto Algo | 2 | 1774 | Mr.Un1k0d3r |
| Why not be more secure? | 5 | 611 | Mr.Un1k0d3r |
| WTF Lol! | 6 | 292 | HoLyVieR |
| Interstellar PhoneBook | 6 | 41 | NSEC 2018 (HoLyVieR) |
| Beauty and the beast | 7 | 43 | Mr.Un1k0d3r |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| APT 1337 | 4 | 51 | NSEC 2017 (Mr.Un1k0d3r) |
| Capture 1 Part 1 | 1 | 728 | Mr.Un1k0d3r |
| Capture 1 Part 2 | 1 | 245 | Mr.Un1k0d3r |
| Capture 1 Part 3 | 1 | 267 | Mr.Un1k0d3r |
| Capture 1 Part 4 | 2 | 45 | Mr.Un1k0d3r |
| Capture 1 Part 5 | 3 | 71 | Mr.Un1k0d3r |
| Capture 1 Part 6 | 3 | 171 | Mr.Un1k0d3r |
| Capture 1 Part 7 | 3 | 39 | Mr.Un1k0d3r |
| Capture 2 Part 1 | 1 | 65 | Mr.Un1k0d3r |
| Capture 2 Part 2 | 1 | 123 | Mr.Un1k0d3r |
| Capture 2 Part 3 | 1 | 124 | Mr.Un1k0d3r |
| Capture 2 Part 4 | 3 | 121 | Mr.Un1k0d3r |
| Capture 2 Part 5 | 4 | 45 | Mr.Un1k0d3r |
| Capture 2 Part 6 | 7 | 21 | Mr.Un1k0d3r |
| Evil X | 8 | 7 | cyberguru |
| Just Another MBR Ransomware | 8 | 20 | Towel |
| RAO democracy | 4 | 59 | NSEC 2017 (Mr.Un1k0d3r) |
| This malware excels Part 1 | 2 | 38 | HF 2020 (nic-lovin) |
| This malware excels Part 2 | 1 | 38 | HF 2020 (nic-lovin) |
| This malware excels Part 3 | 2 | 25 | HF 2020 (nic-lovin) |
| This malware excels Part 4 | 5 | 17 | HF 2020 (nic-lovin) |
| WebShell of Hell | 5 | 21 | An0n |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Crapto Century | 3 | 49 | NSEC 2021 (davidlebr1) |
| Farmer Search (1/3) | 3 | 43 | NSEC 2021 (mbergeron) |
| Farmer Search (2/3) | 2 | 36 | NSEC 2021 (mbergeron) |
| Farmer Search (3/3) | 4 | 25 | NSEC 2021 (mbergeron) |
| Knight Portal (1/3) | 2 | 87 | NSEC 2021 (mbergeron) |
| Knight Portal (2/3) | 2 | 67 | NSEC 2021 (mbergeron) |
| Knight Portal (3/3) | 5 | 26 | NSEC 2021 (mbergeron) |
| Reading Through the Cloud | 4 | 36 | NSEC 2021 (davidlebr1) |
| Scammed again | 3 | 2 | mnadeau |
| The Cabal | 2 | 12 | mnadeau |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Email Template (1/3) | 2 | 27 | mbergeron |
| Email Template (2/3) | 5 | 11 | mbergeron |
| Email Template (3/3) | 4 | 6 | mbergeron |
| Stock Options Portal | 6 | 3 | SynneR |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Ask G.O.D (01/18) | 3 | 15 | mbergeron |
| Ask G.O.D (02/18) | 1 | 10 | mbergeron |
| Ask G.O.D (03/18) | 2 | 10 | mbergeron |
| Ask G.O.D (04/18) | 5 | 10 | mbergeron |
| Ask G.O.D (05/18) | 3 | 5 | mbergeron |
| Ask G.O.D (06/18) | 1 | 17 | mbergeron |
| Ask G.O.D (07/18) | 1 | 14 | mbergeron |
| Ask G.O.D (08/18) | 3 | 7 | mbergeron |
| Ask G.O.D (09/18) | 7 | 6 | mbergeron |
| Ask G.O.D (10/18) | 2 | 11 | mbergeron |
| Ask G.O.D (11/18) | 2 | 11 | mbergeron |
| Ask G.O.D (12/18) | 2 | 11 | mbergeron |
| Ask G.O.D (13/18) | 1 | 13 | mbergeron |
| Ask G.O.D (14/18) | 2 | 11 | mbergeron |
| Ask G.O.D (15/18) | 1 | 14 | mbergeron |
| Ask G.O.D (16/18) | 2 | 7 | mbergeron |
| Ask G.O.D (17/18) | 2 | 7 | mbergeron |
| Ask G.O.D (18/18) | 2 | 7 | mbergeron |
| Corporate Cafeteria Menu | 6 | 5 | SynneR |
| Orchestry (1/3) | 1 | 7 | dlebrun |
| Orchestry (2/3) | 4 | 4 | dlebrun |
| Orchestry (3/3) | 2 | 3 | dlebrun |
| The G.O.D Archive | 12 | 2 | alxbl |
| We Call it Spring (1/4) | 1 | 9 | dlebrun |
| We Call it Spring (2/4) | 1 | 9 | dlebrun |
| We Call it Spring (3/4) | 5 | 2 | dlebrun |
| We Call it Spring (4/4) | 2 | 2 | dlebrun |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Level1 Pwnage Linux Level Up | 1 | 735 | P-Y Feat Martin Dube |
| Level2 Pwnage Linux Level Up | 2 | 448 | P-Y Feat Martin Dube |
| Remote Auth | 2 | 120 | NSEC 2015 |
| Level3 Pwnage Linux Level Up | 3 | 321 | P-Y Feat Martin Dube |
| The Vault | 3 | 66 | Mr.Un1k0d3r |
| Level1 Pwnage Linux x86_64 | 3 | 214 | Mr.Un1k0d3r |
| Can you get the service password | 4 | 131 | Mr.Un1k0d3r remade by sagefault |
| Sometime there is no buffer overflow | 4 | 81 | Mr.Un1k0d3r remade by GuilT |
| Level2 Pwnage Linux x86_64 | 4 | 76 | Mr.Un1k0d3r |
| Friendly race | 5 | 28 | Garigouster |
| Level4 Pwnage Linux Level Up | 5 | 147 | Mr.Un1k0d3r |
| RPCFTW! | 6 | 38 | NSEC 2015 |
| Jack the heaper | 6 | 24 | uaf.io |
| Level4 Pwnage Linux x86_64 | 7 | 44 | Mr.Un1k0d3r |
| Level3 Pwnage Linux x86_64 | 7 | 71 | Mr.Un1k0d3r |
| Just another useless service | 8 | 40 | NSEC 2015 |
| Take over the Virtual World | 8 | 37 | NSEC 2015 |
| Base64 As A Service | 8 | 36 | Guilt |
| All You Need Is a Client | 8 | 14 | Mr.Un1k0d3r (Trustwave CTF 2020) |
| Base64 As A Service Reloaded | 9 | 29 | Guilt |
| Delivery As A Service | 10 | 19 | NSEC 2016 |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Time to learn x86 ASM & gdb | 2 | 2286 | Mr.Un1k0d3r |
| See No Evil - Part 1 | 2 | 196 | alxbl |
| Can you see through the star | 2 | 1347 | Mr.Un1k0d3r |
| Gift as a Service Part 2 | 2 | 52 | H0H0H0 Day (R0 team) |
| See No Evil - Part 2 | 3 | 142 | alxbl |
| See No Evil - Part 3 | 3 | 133 | alxbl |
| Intro To Sparc | 3 | 214 | Ian-Kyle Wagner |
| Kernel introduction | 3 | 286 | Mr.Un1k0d3r |
| Heap allocator | 3 | 300 | NSEC 2015 |
| Crack Me 1 | 3 | 808 | Mr.Un1k0d3r |
| Introduction to MIPS | 3 | 348 | Mr.Un1k0d3r |
| I never forget the Nintendo 64 | 3 | 692 | Mr.Un1k0d3r |
| Windows x86 reversing is cool | 3 | 762 | Mr.Un1k0d3r |
| Old School | 4 | 97 | Towel |
| Power to the people | 4 | 79 | NSEC 2015 |
| Let's take a detour | 4 | 104 | Floesen |
| Altera? | 4 | 77 | NSEC 2016 |
| ASM Lovers | 4 | 99 | NSEC 2016 |
| Wrong byte! | 4 | 292 | Mr.Un1k0d3r |
| See No Evil - Part 4 | 4 | 103 | alxbl |
| See No Evil - Part 5 | 4 | 98 | alxbl |
| I love tea! | 4 | 38 | nic-lovin |
| Space Invaders | 4 | 27 | Trustwave CTF 2020 |
| Introduction to ARM | 4 | 376 | Mr.Un1k0d3r |
| Windows API for the win | 4 | 357 | Mr.Un1k0d3r |
| WASM Part 1 | 5 | 79 | NSEC 2018 (Isra17) |
| The MI7 password prompt | 5 | 77 | NSEC 2018 (Mr.Un1k0d3r) |
| Phenix Golgoth | 5 | 60 | Hackfest 2016 |
| Can I speak with the kernel? | 5 | 93 | Zerosum0x0 |
| Reindeer Game | 5 | 16 | H0H0H0 Day 2020 (Towel) |
| Back to our roots | 5 | 126 | Mr.Un1k0d3r |
| Virtual World | 5 | 86 | NSEC 2015 |
| Smart enough? | 5 | 127 | NSEC 2015 |
| Pwndr3 Authenticator | 5 | 69 | Pwndr3 |
| RingZer0 Authenticator | 5 | 253 | Ekse |
| Need a client | 6 | 78 | Mr.Un1k0d3r |
| I Think I forgot to take out the garbage! | 6 | 29 | Mr.Un1k0d3r |
| Flag stealer | 6 | 85 | Ekse |
| Update Manager | 6 | 67 | Ekse |
| Buggy Bunny | 7 | 15 | Garigouster |
| Cappin' | 7 | 4 | Mr.Un1k0d3r (Trustwave CTF 2020) |
| The supreme bash | 7 | 28 | NSEC 2017 (Mr.Un1k0d3r) |
| Armed and ready | 7 | 26 | NSEC 2015 |
| SOS Lib | 7 | 38 | Mr.Un1k0d3r |
| You're not welcome | 8 | 56 | Towel |
| WASM Part 2 | 8 | 11 | NSEC 2018 (Isra17) |
| License to kill | 8 | 5 | Mr.Un1k0d3r |
| Rebate As A Service | 8 | 47 | NSEC 2016 |
| The Matrix | 9 | 14 | Towel |
| Keygen time again | 10 | 34 | GoSec CTF 2014 |
| Trolling the troll | 10 | 33 | Mr.Un1k0d3r |
| The unknown challenge | 11 | 17 | Mr.Un1k0d3r |
| WASM Part 3 | 12 | 5 | NSEC 2018 (Isra17) |
| You're not welcome again! | 12 | 20 | Towel |
| The oracle | 13 | 17 | Towel |
| Mars Reloaded | 18 | 12 | NSEC 2018 (Towel) |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Basics of Linux x64 shellcoding | 2 | 552 | Mr.Un1k0d3r |
| Linux x64 shellcoding level 2 | 4 | 280 | Mr.Un1k0d3r |
| Linux x64 shellcoding level 3 | 6 | 219 | Mr.Un1k0d3r |
| Linux x64 shellcoding level 4 | 8 | 176 | Mr.Un1k0d3r |
| Linux x64 shellcoding level 5 | 10 | 126 | Mr.Un1k0d3r |
| Linux x64 shellcoding level 6 | 12 | 110 | Mr.Un1k0d3r |
| Linux x64 shellcoding level 7 | 14 | 64 | Mr.Un1k0d3r |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| SigID Level 1 | 1 | 1064 | Guenael |
| You Turn Me On And Off | 3 | 21 | Trustwave CTF 2020 |
| Let's Get Scwhifty! | 5 | 18 | Trustwave CTF 2020 |
| SigID Level 2 | 6 | 13 | Guenael |
| Don't flip out, Thomas! | 7 | 17 | Trustwave CTF 2020 |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Victor you're hidding me something | 1 | 2855 | Cedrick Chaput |
| You're lost? Use the map | 1 | 1985 | Mr.Un1k0d3r |
| Look inside the house | 2 | 1249 | Mr.Un1k0d3r |
| A ghost sound | 2 | 969 | Cedrick Chaput |
| Victor reloaded | 2 | 1220 | Cedrick Chaput |
| The Sloth | 2 | 171 | Misker |
| Brainsick | 2 | 963 | Mr.Un1k0d3r |
| Missing Pieces | 2 | 842 | Cedrick Chaput |
| Hidden In Plain Sight | 2 | 707 | NSEC 2015 |
| Pixel Everywhere | 2 | 216 | Mr.Un1k0d3r |
| The vestige of dial-up Internet | 2 | 232 | Uid0 |
| I'm Goronyo Babad Nigerian prince | 2 | 600 | Mr.Un1k0d3r |
| 5 beautiful colors | 3 | 53 | PublicName |
| Crazy Cat Lady | 3 | 104 | Madness |
| Love Letter | 3 | 254 | Towel |
| Can you see through the matrix! | 3 | 156 | Mr.Un1k0d3r |
| Your old friend Orloge Simard | 3 | 615 | Cedrick Chaput |
| Can you see through the matrix reloaded! | 4 | 29 | Towel |
| Stay Classy! | 4 | 19 | Sideni |
| Not just 64 | 4 | 16 | Madness |
| Even the Odds | 4 | 18 | alxbl |
| Walk the line! | 5 | 165 | Cedrick Chaput |
| Stop the violence | 5 | 20 | jusb3 |
| Stop the violence 2 | 5 | 8 | jusb3 |
| Hidden out of sight | 5 | 13 | cyberguru |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| SysAdmin Part 1 | 1 | 2802 | Cedrick Chaput |
| SysAdmin Part 2 | 1 | 2042 | Cedrick Feat Mr.Un1k0d3r |
| SysAdmin Part 3 | 1 | 1322 | Mr.Un1k0d3r |
| SysAdmin Part 4 | 2 | 1206 | Cedrick Feat Mr.Un1k0d3r |
| SysAdmin Part 5 | 2 | 803 | Cedrick Feat Mr.Un1k0d3r |
| SysAdmin Part 6 | 3 | 752 | Cedrick Chaput |
| SysAdmin Part 7 | 4 | 614 | Cedrick Chaput |
| SysAdmin Part 8 | 4 | 662 | Cedrick Feat Mr.Un1k0d3r |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| NC8 MAINFRAME MANAGEMENT INTERFACE Part 1 | 7 | 64 | NSEC 2018 (isra17) |
| NC8 MAINFRAME MANAGEMENT INTERFACE Part 2 Flag 1 | 3 | 38 | NSEC 2018 (isra17) |
| NC8 MAINFRAME MANAGEMENT INTERFACE Part 2 Flag 2 | 7 | 35 | NSEC 2018 (isra17) |
| NC8 MAINFRAME MANAGEMENT INTERFACE Part 2 Flag 3 | 10 | 35 | NSEC 2018 (isra17) |
| NC8 MAINFRAME MANAGEMENT INTERFACE Part 3 | 5 | 25 | NSEC 2018 (isra17) |
| NC8 MAINFRAME MANAGEMENT INTERFACE Part 4 | 15 | 21 | NSEC 2018 (isra17) |
| Challenges descriptions | Points | Validation | Author |
|---|---|---|---|
| Words mean something? | 1 | 3413 | Mr.Un1k0d3r |
| Big Brother is watching | 1 | 4657 | Mr.Un1k0d3r |
| Hacking skill are optional | 1 | 321 | Breached Company |
| Looking for password file | 1 | 4806 | Mr.Un1k0d3r |
| Area 51 | 1 | 3051 | Mr.Un1k0d3r |
| Headache | 1 | 3934 | Mr.Un1k0d3r |
| Security thru obscurity! | 2 | 1138 | Mr.Un1k0d3r |
| PHP Fairy | 2 | 1145 | nic-Lovin |
| XSS Challenge 2 | 2 | 551 | Mr.Un1k0d3r |
| XSS Challenge 1 | 2 | 557 | Mr.Un1k0d3r |
| Admin Portal | 2 | 1231 | Mr.Un1k0d3r |
| Password reset | 2 | 1010 | Mr.Un1k0d3r |
| Malicious upload | 2 | 640 | Mr.Un1k0d3r |
| Captcha I | 2 | 580 | SynneR |
| Unreadable captcha | 2 | 409 | SynneR |
| Password reset reloaded | 3 | 376 | Mr.Un1k0d3r |
| PHP feature or 0day? | 3 | 466 | Mr.Un1k0d3r |
| Serial killer! | 3 | 481 | Mr.Un1k0d3r |
| JWT pitfall 1 | 3 | 66 | Mr.Un1k0d3r |
| REST in peace | 3 | 222 | GoSec CTF 2014 |
| Captcha IV | 3 | 43 | FadedForEver |
| NeuroSoft: Observation Unit Center | 3 | 65 | NSEC 2019 (ldionmarcil) |
| Beyond Reality Part 1 | 3 | 57 | NSEC 2019 (ldionmarcil) |
| XSS Challenge 3 | 3 | 215 | Mr.Un1k0d3r |
| XSS Challenge 4 | 3 | 222 | Mr.Un1k0d3r |
| Facebook will never forget this one | 3 | 237 | Mr.Un1k0d3r |
| UploadStar | 3 | 50 | nopernik |
| Gift as a Service Part 1 | 3 | 64 | H0H0H0 Day (R0 team) |
| Looking for the flag? | 3 | 773 | Mr.Un1k0d3r |
| Captcha III | 4 | 64 | mbergeron |
| Propaganda mail | 4 | 264 | NSEC 2015 |
| Captcha II | 4 | 154 | SynneR |
| Read the unreadable | 5 | 123 | Mr.Un1k0d3r |
| Freedom Firewall | 5 | 128 | NSEC 2015 |
| Timesheet As a Service | 5 | 37 | Mr.Un1k0d3r |
| Password Reset As a Service | 5 | 62 | Mr.Un1k0d3r |
| UploadStar Reloaded | 5 | 30 | nopernik |
| Super Lottery | 5 | 89 | davidlebr1 |
| Beyond Reality Part 2 | 5 | 36 | NSEC 2019 (ldionmarcil) |
| The archive | 5 | 25 | NSEC 2019 (HoLyVieR) |
| Lost API | 5 | 39 | NSEC 2019 (HoLyVieR) |
| PHP feature or 0day reloaded? | 6 | 75 | Mr.Un1k0d3r |
| I hate this one | 6 | 231 | Mr.Un1k0d3r |
| XSS Challenge 5 | 6 | 136 | Mr.Un1k0d3r |
| Serial killer part 2 | 6 | 51 | HoLyVieR |
| Orao's factory | 6 | 123 | NSEC 2015 |
| Ping It! | 7 | 34 | mnadeau |
| Super Lottery Reloaded | 7 | 35 | davidlebr1 Feat mbergeron |
| XPATH of hell! | 7 | 141 | Francois L. Feat Mr.Un1k0d3r |
| Secure Mail | 8 | 84 | GoSec CTF 2014 |
| Looking for god in your life? | 8 | 66 | NSEC 2015 |
| Lotto 8/33 | 11 | 10 | fishinspace |
| Number of points | Number of validation | Number of points | Number of validation |
|---|---|---|---|
| 18 points | 12 | 15 points | 21 |
| 14 points | 74 | 13 points | 51 |
| 12 points | 164 | 11 points | 51 |
| 10 points | 340 | 9 points | 205 |
| 8 points | 1088 | 7 points | 2671 |
| 6 points | 5416 | 5 points | 5516 |
| 4 points | 12174 | 3 points | 24181 |
| 2 points | 67028 | 1 points | 84958 |
If you are using Burpsuite as your proxy, you may experiment some issue regarding interception. If you got the following error unrecognized_name here is the solution.
Go to the main tab on your Burp then click on options you should now see the SSL tab. In the SSL Negociation section, check "Disable Java SNI extension (requires restart)"
Restart your Burp instance and you are good to go.
