Skip to content

sroettger/35c3ctf_chals

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
filemanager
filemanager
 
 
krautflare
krautflare
 
 
kubernetes
kubernetes
 
 
logrotate
logrotate
 
 
namespaces
namespaces
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

35c3ctf_chals

This repo contains both my challenges from the 35C3 CTF as well as my infrastructure scripts to deploy on kubernetes.

Challenges

  • filemanager: a web challenge in which you had to abuse Chrome's XSS Auditor as an xs-search side channel
  • krautflare: a Chrome exploitation challenge (v8) based on this bug
  • logrotate: a linux file race in a real tool using an insecure config
  • namespaces: a sandbox challenges based on Linux user namespaces

Infrastructure

You can find scripts to create a kubernetes cluster on GCE and deploy/update challenges with an optional proof-of-work in the kubernetes folder. See the README for details on how to use it.

Besides that, there's an XSS Bot based on chrome headless (puppeteer) in kubernetes/xss-bot. You can check out the filemanager challenge for an example on how to use it.

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

14 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors 3

  •  
  •  
  •  

Languages