stack on Hackropole

boring

Mon, 13 Apr 2026 00:00:00 +0000

JSON format is pretty boring, don’t you think? A binary representation is immediately more fun!

Note: This challenge is the first part of the Not So Boring challenge.

History

Mon, 13 Apr 2026 00:00:00 +0000

Here is an implementation of logging (history) of entered commands. Do not worry, the commands are not interpreted. Read the file flag.txt located on the server.

Not So Boring

Mon, 13 Apr 2026 00:00:00 +0000

I was informed that the first version of my program contained vulnerabilities… However, fixing them would be quite tedious and I don’t really have the time.

But I still developed my own sandbox so that it can no longer be compromised – a much more fun idea! Even LLMs haven’t found any vulnerabilities in its code.

Find a way to escape the sandbox and obtain the flag by executing /getflag.

Puissance 4

Mon, 13 Apr 2026 00:00:00 +0000

If you succeeded with the “baby version, now try this one, which is just a tiny bit more complex. Your goal is still to read the flag.txt file located on the server.

Puissance 4 (baby)

Mon, 13 Apr 2026 00:00:00 +0000

Will you be able to win at Connect Four against a dumb AI? And if so, you can then try to read the flag.txt file located on the server.

todo

Mon, 13 Apr 2026 00:00:00 +0000

I created a program to keep track of tasks I shouldn’t forget, but I still feel like my memory is playing tricks on me…

Swift Encryptor

Mon, 28 Apr 2025 00:00:00 +0000

!!! New !!! Ultra-modern encryption service:

Military grade post-quantum cryptographic algorithms!
Ultra-fast multi-threading!
Protection against memory corruption!

XORTP

Mon, 28 Apr 2025 00:00:00 +0000

You can encrypt any file on the system with an unbreakable mechanism worthy of the greatest!

yabof

Mon, 28 Apr 2025 00:00:00 +0000

Yet Another Buffer Overflow!

yapuka

Mon, 28 Apr 2025 00:00:00 +0000

You have everything, let’s go!

Blind Attack

Mon, 15 Apr 2024 00:00:00 +0000

You are playing your first Attack/Defense CTF, and… everyone is panicking! The game is barely 45 minutes old, and your team is under attack from all sides, with all services down except one: you don’t know whether to patch, attack, or just go back to being a normal human being and give up. Your mind is going crazy, you’re feeling fuzzy, you don’t know what your name is anymore.

You drink another cup of coffee (okay, given the stress, not the best idea), but you decide to open your team network flow analysis tool. This tool (Shovel) enables you to view all TCP/UDP flows passing through the machine you’re defending. You are in charge of the service called blind, and without even looking at the code of this service, you decide to simply reproduce the attacks that other teams are using to steal your flags.

Call Me Blah

Mon, 15 Apr 2024 00:00:00 +0000

We’re putting you in the typical situation of post-exploitation. Can you get a shell?

Note a Bug (d0g bUt h4ppY)

Mon, 15 Apr 2024 00:00:00 +0000

You continue to play your first Attack/Defense CTF: it’s a little less panicky than an hour ago, but your self-esteem is still taking a beating. So much so, in fact, that you’re beginning to wonder whether all the time you’ve invested in training on Hackropole has been worthwhile…

It’s not all doom and gloom: you’re beginning to master network analysis, hardening techniques and you’re even submitting false flags in other teams’ services to fool the enemy! You’ve even learned to steal exploits from other teams very quickly, without even bothering to look at the services’ code!

Note a Bug (Nordic Mollusks)

Mon, 15 Apr 2024 00:00:00 +0000

Note a Bug (Red Beer)

Mon, 15 Apr 2024 00:00:00 +0000

HTTP 2

Mon, 25 Dec 2023 00:00:00 +0000

Oh no no, this is not HTTP/2 at all! This HTTP version 2. Well, you know.

May the Forth

Mon, 25 Dec 2023 00:00:00 +0000

A zForth user refuses to update his installation, because he says ‘it is useless’. Can you convince him to do it anyway by finding the flag in the interpreter environment (variable FLAG)?

Note: A more complex variant of this challenge is available here: May The Fifth.

Ptérodactyle

Mon, 25 Dec 2023 00:00:00 +0000

You must display the content of the file flag.txt.

pwnduino

Mon, 25 Dec 2023 00:00:00 +0000

An AVR board is used in a SCADA access control system. It contains a dedicated firmware that implements computations on a secret stored in the internal memory of the microcontroler: this secret must not leave it. In order to execute these computations, it is necessary to prove an authentication password. The console will be disconnected after 10 seconds of inactivity.

During an audit mission, you are asked to evaluate the security of this system, and to validate that the sensitive secret does not leak. You have been able to access a development server containing a debug binary and its source code. Using this information, you are confident that it is possible to recover the production firmware secret!

uid

Fri, 22 Dec 2023 00:00:00 +0000

You are asked to use the provided binary to read the flag.txt file located on the remote server.

deflation

Fri, 01 Dec 2023 00:00:00 +0000

You need to read the file flag.txt on the remote server.

Dépassement de tampon

Mon, 25 Dec 2023 00:00:00 +0000

Exploit the given binary to read the file flag on the remote server.

httpd

Mon, 25 Dec 2023 00:00:00 +0000

Audit and exploit this sandboxed web server.

microroptor

Fri, 01 Dec 2023 00:00:00 +0000

Exploit the provided binary to read the flag file on the remote server.

XORaaS

Fri, 01 Dec 2023 00:00:00 +0000

You need to read the file flag.txt on the remote server.

Blind Date

Fri, 15 Dec 2023 00:00:00 +0000

A company wants to create an online service that protects their customers’ information. Can you show them that it is not secure by reading the flag.txt file on their server? The managers of this company did not want to give you the source code of their solution, nor the compiled binary, but they only offer you a remote access to their service.

bofbof

Fri, 01 Dec 2023 00:00:00 +0000

Get a shell on the remote machine to read flag.txt.

Itsy Mipsy Router

Fri, 01 Dec 2023 00:00:00 +0000

You need to audit a router at the interface between the Internet and a company’s internal network. The client asks you whether it is possible to read the files stored on the filer machine that acts as a HTTP file server. A minimal Dockerfile is provided to help you in the analysis.

Reporter

Fri, 22 Dec 2023 00:00:00 +0000

This is your first day in your new company, where they use an homemade browser. Can you get a shell on the machine of the person who checks the links we send him?

Hello Rootkitty

Tue, 12 Dec 2023 00:00:00 +0000

A machine has been infected with the rootkit Hello Rootkitty, which prevents certain files from being read. Your mission is to help the victim recover the content of the affected files. Once you are connected to SSH (credentials: ctf:ctf), run ./wrapper to start the challenge.

A more complex variant of this challenge is available here: Hello Rootkitty (Harder).

Hello Rootkitty (Harder)

Tue, 12 Dec 2023 00:00:00 +0000

A simpler variant of this challenge is available here: Hello Rootkitty.

Bonus: Can you get a root shell?

Poney

Fri, 01 Dec 2023 00:00:00 +0000

You need to read the file flag.txt on the remote system.

Tik Tak Tok

Fri, 01 Dec 2023 00:00:00 +0000

You need to read the content of the file flag on the remote service.

Note: This challenge has been made for the finale of FCSC 2020.

Armory

Tue, 05 Dec 2023 00:00:00 +0000

Pwn the binary provided to extract the flag from the remote service.

Harmless

Fri, 08 Dec 2023 00:00:00 +0000

Pwn the binary provided to read the flag on the remote service.

Note: This challenge has been made for the finale of FCSC 2019.

Hola Armigo

Tue, 12 Dec 2023 00:00:00 +0000

Pwn the binary provided to read the flag on the remote service.

Secure Vault

Tue, 05 Dec 2023 00:00:00 +0000

The company Secure Vault contacted us after someone stole some information on one of their servers. Can you prove to them that you can indeed read the flag file?

Note: No binary is provided for this challenge.