README.md

42-SnowCrash

This project is an introduction to information security. The goal is to find and exploit vulnerabilities throughout the different levels.

We're given a vulnerable ISO on which we need to find 14 flags. The process is simple: we connect as levelXX and we need to find a way to connect as flagXX and execute getflag or execute is as flagXX directly to move onto the next level.

Breakdown

Level	Ressources	Exploit
00	Caesar cipher	Reverse Simple Cipher
01	Unix user format	John the Ripper
02	scp | Wireshark | PCAP format | ASCII Table	Packet Sniffing
03	ltrace | system | $PATH	Privileges escalation
04	URL escaping	Shell injection
05	cron | UNIX mail system	Privileges escalation
06	Regular Expressions | PHP curly syntax	Arbitrary code execution
07	Environment variables	Shell injection
08	Symbolic links	Privileges escalation
09	scp	Reverse Simple Cipher
10	netcat	Time to check to time of use
11	netcat	Shell injection
12	egrep	Arbitrary code execution
13	Shared object libraries | Position independant code | Setuid bit | LD_PRELOAD	Privileges escalation
14	gdb | ptrace | x86 Assembly instruction list	Arbitrary code execution