Vainqueurs, Remerciements et Rendez-vous à l'année prochaine!

[2018/11/23 12:02PM]

<center> <h4>Les organisateurs félicitent tout particulièrement les vainqueurs de l'épreuve mais remercient également l'ensemble des finalistes pour leur participation.</h4> <img src="/static/uploads/final/img01.jpg"> <br><br> <h4>Nous vous donnons rendez-vous pour l'édition 2019 qui réserve encore de belles surprises, de magnifiques lots et bien entendu des stages et embauches chez les partenaires Airbus et Thales.</h4> <br><br> <h4>La Région Bretagne, soutien indéfectible de cet évènement, se joint à ces remerciements.</h4> <img src="/static/uploads/final/img02.jpg"> <br><br> <img src="/static/uploads/final/img03.jpg" width="1000px"> </center> <br> <br> <style type="text/css"> .ensibs { background: #d6272885; border: 1px solid #fff; } .cryptis { background: #2ca02c85; border: 1px solid #fff; } .epita { background: #ff7f0e85; border: 1px solid #fff; } .supelec { background: #1f77b485; border: 1px solid #fff; } .imt { background: #bcbd2285; border: 1px solid #fff; } .mixte { background: #7f7f7f85; border: 1px solid #fff; } </style> <table> <tr> <td width="25%" class="ensibs"> <b>ENSIBS 1 - 1st (970pts)</b> <ul> <li><a href="/challenger/71" target="_blank">Areizen</a></li> <li><a href="/challenger/76" target="_blank">Creased</a></li> <li><a href="/challenger/109" target="_blank">ENOENT</a></li> </ul> </td> <td width="25%" class="ensibs"> <b>ENSIBS 2 - 2nd (795pts)</b> <ul> <li><a href="/challenger/101" target="_blank">Driikolu</a></li> <li><a href="/challenger/119" target="_blank">CYMS</a></li> <li><a href="/challenger/128" target="_blank">Slaynot</a></li> </ul> </td> <td width="25%" class="ensibs"> <b>ENSIBS 3 - 3rd (770pts)</b> <ul> <li><a href="/challenger/82" target="_blank">Shynoss</a></li> <li><a href="/challenger/186" target="_blank">Iptior</a></li> <li><a href="/challenger/193" target="_blank">_ACKNAK_</a></li> </ul> </td> <td width="25%" class="ensibs"> <b>ENSIBS 4 - 4th (690pts)</b> <ul> <li><a href="/challenger/80" target="_blank">Haax</a></li> <li><a href="/challenger/83" target="_blank">Gouz0u</a></li> <li><a href="/challenger/359" target="_blank">Tomtombinary</a></li> </ul> </td> </tr> <tr> <td class="mixte"> <b>Mixte 5 - 5th (635pts)</b> <ul> <li><a href="/challenger/8" target="_blank">tomh</a></li> <li><a href="/challenger/88" target="_blank">Zeecka</a></li> <li><a href="/challenger/451" target="_blank">EnergieADX5</a></li> </ul> </td> <td class="cryptis"> <b>Cryptis 1 - 6th (620pts)</b> <ul> <li><a href="/challenger/9" target="_blank">xMagass</a></li> <li><a href="/challenger/218" target="_blank">MattQTT</a></li> <li><a href="/challenger/423" target="_blank">LazySloth</a></li> </ul> </td> <td class="mixte"> <b>Mixte 2 - 7th (585pts)</b> <ul> <li><a href="/challenger/94" target="_blank">switch</a></li> <li><a href="/challenger/316" target="_blank">0xUKN</a></li> <li><a href="/challenger/385" target="_blank">GlaCiuS_</a></li> </ul> </td> <td class="epita"> <b>EPITA 1 - 8th (535pts)</b> <ul> <li><a href="/challenger/115" target="_blank">mudcam</a></li> <li><a href="/challenger/428" target="_blank">BEST CHANDIGARH N°1 FASTEST (ง •̀_•́)ง</a></li> <li><a href="/challenger/465" target="_blank">lu7</a></li> </ul> </td> </tr> <tr> <td class="supelec"> <b>CentraleSupélec - 9th (520pts)</b> <ul> <li><a href="/challenger/243" target="_blank">Guimoz</a></li> <li><a href="/challenger/355" target="_blank">Shaka</a></li> <li><a href="/challenger/357" target="_blank">rezatoune</a></li> </ul> </td> <td class="mixte"> <b>Mixte 4 - 10th (420pts)</b> <ul> <li><a href="/challenger/331" target="_blank">TraaaxX</a></li> <li><a href="/challenger/371" target="_blank">iheb</a></li> <li><a href="/challenger/487" target="_blank">maro</a></li> </ul> </td> <td class="mixte"> <b>Mixte 1 - 11th (360pts)</b> <ul> <li><a href="/challenger/22" target="_blank">vic511</a></li> <li><a href="/challenger/77" target="_blank">Tosh</a></li> <li><a href="/challenger/201" target="_blank">yohboy</a></li> </ul> </td> <td class="mixte"> <b>Mixte 3 - 12th (245pts)</b> <ul> <li><a href="/challenger/74" target="_blank">DanAurea</a></li> <li><a href="/challenger/103" target="_blank">ktelix</a></li> <li><a href="/challenger/452" target="_blank">GovanifY</a></li> </ul> </td> </tr> <tr> <td class="imt"> <b>IMT Lille Douai - 13th (210pts)</b> <ul> <li><a href="/challenger/19" target="_blank">MysteryDash</a></li> <li><a href="/challenger/27" target="_blank">Major_Tom</a></li> <li><a href="/challenger/31" target="_blank">Shutdown</a></li> </ul> </td> <td class="cryptis"> <b>Cryptis 2 - 14th (160 pts)</b> <ul> <li><a href="/challenger/21" target="_blank">Chackal</a></li> <li><a href="/challenger/47" target="_blank">midoo</a></li> <li><a href="/challenger/365" target="_blank">Brok</a></li> </ul> </td> <td class="epita"> <b>EPITA 2 - 15th (110pts)</b> <ul> <li><a href="/challenger/217" target="_blank">passil_t</a></li> <li><a href="/challenger/219" target="_blank">Florian</a></li> <li><a href="/challenger/352" target="_blank">Hary</a></li> </ul> </td> <td class="cryptis"> <b>Cryptis 3 - 16th (110pts)</b> <ul> <li><a href="/challenger/79" target="_blank">Batebates</a></li> <li><a href="/challenger/220" target="_blank">sheetland</a></li> <li><a href="/challenger/235" target="_blank">GOHZR</a></li> </ul> </td> </tr> </table>

Annoucement: Finals

[2018/10/31 02:12PM]

<h3><center>Finalist Teams:</center></h3> <style type="text/css"> .ensibs { background: #d6272885; border: 1px solid #fff; } .cryptis { background: #2ca02c85; border: 1px solid #fff; } .epita { background: #ff7f0e85; border: 1px solid #fff; } .supelec { background: #1f77b485; border: 1px solid #fff; } .imt { background: #bcbd2285; border: 1px solid #fff; } .mixte { background: #7f7f7f85; border: 1px solid #fff; } </style> <table> <tr> <td width="25%" class="ensibs"> <b>ENSIBS 1</b> <ul> <li><a href="/challenger/71" target="_blank">Areizen</a></li> <li><a href="/challenger/76" target="_blank">Creased</a></li> <li><a href="/challenger/109" target="_blank">ENOENT</a></li> </ul> </td> <td width="25%" class="ensibs"> <b>ENSIBS 2</b> <ul> <li><a href="/challenger/101" target="_blank">Driikolu</a></li> <li><a href="/challenger/119" target="_blank">CYMS</a></li> <li><a href="/challenger/128" target="_blank">Slaynot</a></li> </ul> </td> <td width="25%" class="ensibs"> <b>ENSIBS 3</b> <ul> <li><a href="/challenger/82" target="_blank">Shynoss</a></li> <li><a href="/challenger/186" target="_blank">Iptior</a></li> <li><a href="/challenger/193" target="_blank">_ACKNAK_</a></li> </ul> </td> <td width="25%" class="ensibs"> <b>ENSIBS 4</b> <ul> <li><a href="/challenger/80" target="_blank">Haax</a></li> <li><a href="/challenger/83" target="_blank">Gouz0u</a></li> <li><a href="/challenger/359" target="_blank">Tomtombinary</a></li> </ul> </td> </tr> <tr> <td class="cryptis"> <b>Cryptis 1</b> <ul> <li><a href="/challenger/9" target="_blank">xMagass</a></li> <li><a href="/challenger/218" target="_blank">MattQTT</a></li> <li><a href="/challenger/423" target="_blank">LazySloth</a></li> </ul> </td> <td class="cryptis"> <b>Cryptis 2</b> <ul> <li><a href="/challenger/21" target="_blank">Chackal</a></li> <li><a href="/challenger/47" target="_blank">midoo</a></li> <li><a href="/challenger/365" target="_blank">Brok</a></li> </ul> </td> <td class="cryptis"> <b>Cryptis 3</b> <ul> <li><a href="/challenger/79" target="_blank">Batebates</a></li> <li><a href="/challenger/220" target="_blank">sheetland</a></li> <li><a href="/challenger/235" target="_blank">GOHZR</a></li> </ul> </td> <td class="epita"> <b>EPITA 1</b> <ul> <li><a href="/challenger/115" target="_blank">mudcam</a></li> <li><a href="/challenger/428" target="_blank">BEST CHANDIGARH N°1 FASTEST (ง •̀_•́)ง</a></li> <li><a href="/challenger/465" target="_blank">lu7</a></li> </ul> </td> </tr> <tr> <td class="epita"> <b>EPITA 2</b> <ul> <li><a href="/challenger/217" target="_blank">passil_t</a></li> <li><a href="/challenger/219" target="_blank">Florian</a></li> <li><a href="/challenger/352" target="_blank">Hary</a></li> </ul> </td> <td class="supelec"> <b>CentraleSupélec</b> <ul> <li><a href="/challenger/243" target="_blank">Guimoz</a></li> <li><a href="/challenger/355" target="_blank">Shaka</a></li> <li><a href="/challenger/357" target="_blank">rezatoune</a></li> </ul> </td> <td class="imt"> <b>IMT Lille Douai</b> <ul> <li><a href="/challenger/19" target="_blank">MysteryDash</a></li> <li><a href="/challenger/27" target="_blank">Major_Tom</a></li> <li><a href="/challenger/31" target="_blank">Shutdown</a></li> </ul> </td> <td class="mixte"> <b>Mixte 1</b> <ul> <li><a href="/challenger/22" target="_blank">vic511</a></li> <li><a href="/challenger/77" target="_blank">Tosh</a></li> <li><a href="/challenger/201" target="_blank">yohboy</a></li> </ul> </td> </tr> <tr> <td class="mixte"> <b>Mixte 2</b> <ul> <li><a href="/challenger/94" target="_blank">switch</a></li> <li><a href="/challenger/316" target="_blank">0xUKN</a></li> <li><a href="/challenger/385" target="_blank">GlaCiuS_</a></li> </ul> </td> <td class="mixte"> <b>Mixte 3</b> <ul> <li><a href="/challenger/74" target="_blank">DanAurea</a></li> <li><a href="/challenger/103" target="_blank">ktelix</a></li> <li><a href="/challenger/452" target="_blank">GovanifY</a></li> </ul> </td> <td class="mixte"> <b>Mixte 4</b> <ul> <li><a href="/challenger/331" target="_blank">TraaaxX</a></li> <li><a href="/challenger/371" target="_blank">iheb</a></li> <li><a href="/challenger/487" target="_blank">maro</a></li> </ul> </td> <td class="mixte"> <b>Mixte 5</b> <ul> <li><a href="/challenger/8" target="_blank">tomh</a></li> <li><a href="/challenger/88" target="_blank">Zeecka</a></li> <li><a href="/challenger/451" target="_blank">EnergieADX5</a></li> </ul> </td> </tr> </table>

Announcement: End of Pre-selection 2018

[2018/10/21 09:02PM]

<center> <hr> # **The Pre-selection for the European Cyber Week Capture The Flag 2018 is now over!** <hr> **We'd like to thank all the challengers who participated in this pre-selection!** *The team making phase for the final of November 21, 2018 will begin in the course of the week.* *Organizers will contact by e-mail all challengers, starting from the best ranked, until 16 teams of 3 challengers are made (by schools teams first, then mixed teams).* **See you in final!** </center>

Announcement: L0stInreverse!

[2018/10/19 08:06PM]

__L0stInreverse__ challenge accepts multiple solutions (a lot actually). The one accepted as the valid Flag has a sha384 hash starting with _c62_.

Announcement: Second challenge update!

[2018/10/15 06:52PM]

### New challenge * __SysIA__: An easy good old PHP challenge ;) ### New hints/mini-challenges * __Intrusion (hint)__: A hint and a challenge? What more can you ask for? * __DroneWars (hint)__ _x2_: More hints in easy challenges of course! _By the way: No speed award for these ones ;)_ ### A last hint for today * __CryptoBootLoader__: _A friend informs you that extracted files can be used to boot a system without asking for a password in the boot sequence. The encryption keys are probably contained in these files. In particular the **MLO** file is a standard file that calls the image **u-boot.img** which seems non-standard. Presumably the u-boot image relies on information removed from an **env** file to decipher the **zimage** (kernel image), the **dtb** (hardware-related parameters that are passed to the kernel) as well as the **ramdisk** (file system) to complete the boot sequence._

Announcement: New challenges hints

[2018/10/11 07:33PM]

During the week we received several requests for information and precision on certain challenges. For the sake of fairness to all participants here is a summary of these hints: * __DroneWars (3/3)__: Keep in mind the challenge statement; Similar to the first step, the Flag must be recomposed from a stream ... a much less standard stream than the first one ;) * __Intrusion__: The Flags are arranged to validate the progress of the intrusion scenario: a _successful **bypass**_ (1), _the **access** to some kind of **remote execution**_ (2) and finally a _successful **privilege escalation**_ (4). As mentioned in the statement, the third flag is placed on a mandatory passage to reach the Flag 4 and complete the challenge. * __MyWishedYourGoal__: The first three Flags for this challenge are not hashes; We are looking here for characteristic values **such as** a **particular** registry key that the binary would check during its execution... _(edited 2018/10/12, 8:04PM)_

Annoucement: Registration and validation

[2018/10/09 12:27PM]

General guidelines for registering and getting your account validated for the challenge: * Use your student email address (we need to check you are currently a student) * Submit real first_name etc. (if you dont want to play the game we will not validate you) * Validation is manual and may take a little time. You can contact us by e-mail if you have questions or if you encounter problems

Announcement: DroneWars precisions

[2018/10/08 07:25PM]

The challenge DroneWars is initially the assembly of two challenges: * A first with two flags based on the capture.wav file (so DroneWars 1/3 and 2/3) * A second one based only on the file in the zip archive (DroneWars 3/3) The _"first challenge"_ is progressive, the second step depends on the first while the _"second challenge"_ is achievable independently. **TLDR**: DroneWars (1/3) and DroneWars (2/3) are linked, DroneWars (3/3) is independent.

Announcement: Challenge quickfix

[2018/10/07 11:22PM]

### Erratum * __Chatbot__: Libraries provided as an help for the challenge were incorrect, thanks to @Major_Tom for reporting :)

Announcement: First challenge update!

[2018/10/07 10:43AM]

### General * All flags are formatted as _ECW{&lt;hash&gt;}_ excepted: 1. __EscapeGame__: Format is a combination of numbers (_1-2-3-4-5-6-7-8-9-..._ **without** the _ECW{_ prefix and _}_ suffix) 2. __MywishesYourGoal__: Format is _ECW{&lt;keyword&gt;}_ * Flags are case insensitive (<i>ecw{abcd...} </i> is the same as <i>ECW{AbCd...}</i>) * Submitting a wrong flag twice (or more) won't make it valid! * No brute-forcing for flags ; Flags are usually very noticeable once you find them * __No automated tool will help you__ (DirBuster, Nikto, sqlmap etc.) ### Challenges tips * __AdmYSsion__: This challenge resolution may require you to code a small tool * __Troll.JSP__: The first flag is obviously not the real flag ;) * __Intrusion__: This is not a standard web challenge at all, _think outside of the box_ * __MyWishesYourGoal__: Archive password is _infected_, just like the usage for transmitting a malware ;) * __MyWishesYourGoal__: Just like a real malware some steps will require a short brute-force to find the flag (on the binary, not the website!) * __Chatbot__: Linux binary running with some memory protections ;) * __Chatbot__: Hints provided are libc.so.6 and libpthread.so.0 (easier to exploit now) * __DroneWars__: If you have flag1 you have all you need for flag2, all you need to guess is what this data means... * __DroneWars__: Second capture is long to understand but not very complex to decode ; Flag is once again very visual ;) ### Other * _More challenges **may** be added later..._