djm89uk

Programming challenges.

Root-Me

Root-Me is a non-profit organization which goal is to promote the spread of knowledge related to hacking and information security. They host over 400 challenges across 11 sub-disciplines.

Statistics

  1. Score: 2800
  2. Challenges: 152
  3. Ranking 2467

Contents

Root-Me | Home

Root-Me App - Script (6/28)

  1. Bash - System 1 ๐Ÿ—ธ
  2. sudo - weak configuration ๐Ÿ—ธ
  3. Bash - System 2 ๐Ÿ—ธ
  4. LaTeX - Input
  5. Powershell - Command Injection
  6. Bash - unquoted expression injection
  7. Perl - Command injection ๐Ÿ—ธ
  8. Powershell - SecureString
  9. Bash - cron ๐Ÿ—ธ
  10. LaTeX - Command execution
  11. Python - input() ๐Ÿ—ธ
  12. Bash - quoted expression injection
  13. Bash - race condition
  14. Powershell - Basic jail
  15. Python - pickle
  16. Shared Objects hijacking
  17. SSH - Agent Hijacking
  18. Python - format string
  19. Python - PyJail
  20. PHP - Jail
  21. Python - PyJail
  22. Python - Jail - Exec
  23. Javascript - Jail
  24. Python - Jail - Garbage collector
  25. Bash - Restricted shells

Root-Me | Home

Root-Me App - System (7/83)

  1. ELF x86 - Stack buffer overflow basic 1 ๐Ÿ—ธ
  2. ELF x86 - Stack buffer overflow basic 2 ๐Ÿ—ธ
  3. PE32 - Stack buffer overflow basic ๐Ÿ—ธ
  4. ELF x86 - Format string bug basic 1 ๐Ÿ—ธ
  5. ELF x64 - Stack buffer overflow - basic ๐Ÿ—ธ
  6. ELF x86 - Format string bug basic 2 ๐Ÿ—ธ
  7. ELF x86 - Race condition ๐Ÿ—ธ
  8. ELF ARM - Stack buffer overflow - basic
  9. ELF MIPS - Stack buffer overflow - No NX
  10. ELF x64 - Double free
  11. ELF x86 - Stack buffer overflow basic 3
  12. ELF x86 - Use After Free - basic
  13. ELF ARM - Stack Spraying
  14. ELF x64 - Stack buffer overflow - PIE
  15. ELF x86 - BSS buffer overflow
  16. ELF x86 - Stack buffer overflow basic 4
  17. ELF x86 - Stack buffer overflow basic 6
  18. ELF x86 - Format String Bug Basic 3
  19. PE32 - Advanced stack buffer overflow
  20. ELF ARM - Basic ROP
  21. ELF MIPS - Basic ROP
  22. ELF x86 - Stack buffer overflow - C++ vtables
  23. PE32+ Format string bug
  24. ELF x64 - Logic bug
  25. ELF x86 - Bug Hunting - Several issues
  26. ELF x86 - Stack buffer and integer overflow
  27. ELF x86 - Stack buffer overflow - ret2dl_resolve
  28. ELF x86 - Stack buffer overflow basic 5
  29. ELF x64 - Stack buffer overflow - advanced
  30. ELF MIPS - Format String Glitch
  31. ELF x64 - Heap Filling
  32. ELF x86 - Information leakage with Stack Smashing Protector
  33. ELF x64 - File Structure Hacking
  34. ELF ARM - Race condition
  35. ELF x64 - Browser exploit - Intro
  36. ELF x64 - Heap Safe-Linking Bypass
  37. ELF x64 - ret2dl_init
  38. ELF x86 - Out of bounds attack - French Paradox
  39. ELF x86 - Remote BSS buffer overflow
  40. ELF x86 - Remote Format String bug
  41. PE32+ Basic ROP
  42. ELF x64 - Remote heap buffer overflow - fastbin
  43. ELF x86 - Blind remote format string bug
  44. LinKern ARM - vulnerable syscall
  45. LinKern x86 - Buffer overflow basic 1
  46. LinKern x86 - Null pointer dereference
  47. LinKern x64 - Race condition
  48. ELF ARM - Alphanumeric shellcode
  49. ELF MIPS - URLEncoded Format String bug
  50. ELF x86 - Hardened binary 1
  51. ELF x86 - Hardened binary 2
  52. ELF x86 - Hardened binary 3
  53. ELF x86 - Hardened binary 4
  54. LinKern MIPSel - Vulnerable ioctl
  55. LinKern x64 - reentrant code
  56. ELF ARM - Heap format string bug
  57. ELF x64 - Sigreturn Oriented Programming
  58. ELF ARM - Format String bug
  59. ELF ARM - Use After Free
  60. ELF x64 - FILE structure hijacking
  61. ELF x64 - Heap feng-shui
  62. ELF x64 - Off-by-one bug
  63. ELF x86 - Hardened binary 5
  64. LinKern ARM - Stack Overflow
  65. LinKern x86 - basic ROP
  66. ELF ARM - Heap Off-by-One
  67. ELF x64 - Remote Heap buffer overflow 1
  68. ELF x86 - Hardened binary 6
  69. ELF x86 - Hardened binary 7
  70. ELF x86 - Remote stack buffer overflow - Hardened
  71. LinKern x64 - RowHammer
  72. LinKern x64 - SLUB off-by-one
  73. ELF ARM - Heap buffer overflow - Wilderness
  74. ELF ARM - Heap Overflow
  75. ELF x64 - Seccomp Whitelist
  76. ELF x86 - Blind ROP
  77. Linkern x64 - Memory exploration
  78. WinKern x64 - Advanced stack buffer overflow - ROP
  79. WinKern x64 - Use After Free
  80. ELF x64 - Remote Heap buffer overflow 2
  81. ELF x64 - Advanced Heap Exploitation - Heap Leakless & Fortified
  82. ELF x64 - Blind ROP
  83. ELF x64 - Browser exploit - BitString

Root-Me | Home

Root-Me Cracking (10/46)

  1. ELF x86 - 0 protection ๐Ÿ—ธ
  2. ELF x86 - Basic ๐Ÿ—ธ
  3. PE x86 - 0 protection ๐Ÿ—ธ
  4. ELF C++ - 0 protection ๐Ÿ—ธ
  5. PE DotNet - 0 protection ๐Ÿ—ธ
  6. ELF MIPS - Basic Crackme ๐Ÿ—ธ
  7. ELF x64 - Golang basic ๐Ÿ—ธ
  8. ELF x86 - Fake Instructions ๐Ÿ—ธ
  9. ELF x86 - Ptrace ๐Ÿ—ธ
  10. WASM - Introduction
  11. ELF ARM - Basic Crackme
  12. ELF x64 - Basic KeygenMe
  13. PE DotNet - Basic Anti-Debug
  14. PE DotNet - Basic Crackme
  15. PYC - ByteCode
  16. ELF x86 - No software breakpoints
  17. Lua - Bytecode
  18. MachO x64 - keygenme or not
  19. ELF ARM - crackme 1337
  20. ELF x86 - CrackPass ๐Ÿ—ธ
  21. ELF x86 - ExploitMe
  22. ELF x86 - Random Crackme
  23. GB - Basic GameBoy crackme
  24. PDF - Javascript
  25. PE x86 - Xor Madness
  26. ELF ARM - Crypted
  27. ELF x64 - Crackme automating
  28. PE x86 - SEHVEH
  29. Powershell DeObfuscation
  30. APK - Anti-debug
  31. ELF x64 - Nanomites - Introduction
  32. ELF x86 - Anti-debug
  33. PE DotNet - KeygenMe
  34. PE x86 - AutoPE
  35. ELF x86 - KeygenMe
  36. WASM - Find the NPC
  37. Bash - VM
  38. ELF x64 - KeyGenMe
  39. ELF x64 - Anti-debug and equations
  40. ELF x64 - Nanomites
  41. ELF x86 - Packed
  42. PE x86 - RunPE
  43. ELF x86 - VM
  44. ELF x64 - Hidden Control Flow
  45. Ringgit
  46. White-Box Cryptography #2

Root-Me | Home

Root-Me Cryptanalysis (27/60)

  1. Encoding - ASCII ๐Ÿ—ธ
  2. Encoding - UU ๐Ÿ—ธ
  3. Hash - DCC ๐Ÿ—ธ
  4. Hash - DCC2 ๐Ÿ—ธ
  5. Hash - LM ๐Ÿ—ธ
  6. Hash - Message Digest 5 ๐Ÿ—ธ
  7. Hash - NT ๐Ÿ—ธ
  8. Hash - SHA-2 ๐Ÿ—ธ
  9. Shift cipher ๐Ÿ—ธ
  10. CISCO - Salted Password ๐Ÿ—ธ
  11. Pixel Madness ๐Ÿ—ธ
  12. ELF64 - PID encryption ๐Ÿ—ธ
  13. File - PKZIP ๐Ÿ—ธ
  14. Monoalphabetic substitution - Caesar ๐Ÿ—ธ
  15. Known plaintext - XOR ๐Ÿ—ธ
  16. Code - Pseudo Random Number Generator ๐Ÿ—ธ
  17. File - Insecure storage 1 ๐Ÿ—ธ
  18. Polyalphabetic substitution - Vigenรจre ๐Ÿ—ธ
  19. System - Android lock pattern ๐Ÿ—ธ
  20. Transposition - Rail Fence ๐Ÿ—ธ
  21. AES - CBC - Bit-Flipping Attack
  22. AES - ECB ๐Ÿ—ธ
  23. LFSR - Known plaintext ๐Ÿ—ธ
  24. RSA - Factorisation ๐Ÿ—ธ
  25. RSA - Decipher Oracle
  26. Service - Timing attack ๐Ÿ—ธ
  27. Monoalphabetic substitution - Polybe ๐Ÿ—ธ
  28. Twisted secret
  29. Initialisation Vector ๐Ÿ—ธ
  30. GEDEFU
  31. OTP - Implementation error
  32. RSA - Corrupted key 1
  33. RSA - Continued fractions
  34. RSA - Common modulus ๐Ÿ—ธ
  35. Service - Hash length extension attack
  36. AES - 4 Rounds
  37. ECDSA - Introduction
  38. RSA - Padding
  39. RSA - Signature
  40. AES128 - CTR
  41. Discrete logarithm problem
  42. RSA - Corrupted key 2
  43. RSA - Corrupted key 3
  44. RSA - Multiple recipients
  45. AES - Fault attack #1
  46. Enigma Machine
  47. ECDHE
  48. RSA - Lee cooper
  49. Service - CBC Padding
  50. Polyalphabetic substitution - One Time Pad
  51. White-Box Cryptography
  52. AES - Weaker variant
  53. Hash - SHA-3
  54. AES - Fault attack #2
  55. AES-PMAC
  56. ECDSA - Implementation error

Root-Me | Home

Root-Me Forensic (9/28)

  1. Command & Control - level 2 ๐Ÿ—ธ
  2. Logs analysis - web attack ๐Ÿ—ธ
  3. Command & Control - level 5 ๐Ÿ—ธ
  4. Find the cat ๐Ÿ—ธ
  5. Ugly Duckling ๐Ÿ—ธ
  6. Active Directory - GPO ๐Ÿ—ธ
  7. Command & Control - level 3 ๐Ÿ—ธ
  8. DNS exfiltration
  9. Command & Control - level 4 ๐Ÿ—ธ
  10. Job interview
  11. Homemade keylogger
  12. macOS - Keychain
  13. Malicious Word macro
  14. Ransomware Android
  15. Insomniโ€™Droid
  16. iOS - Introduction
  17. Multi-devices
  18. Root My Droid
  19. Rootkit - Cold case
  20. Command & Control - level 6 ๐Ÿ—ธ
  21. Find me
  22. Second job interview
  23. Find me again
  24. Find me back
  25. Find me on Android
  26. Zeus Bot
  27. Try again
  28. The Lost Case - Mobile Investigation

Root-Me | Home

Root-Me Network (18/26)

  1. FTP - authentication ๐Ÿ—ธ
  2. TELNET - authentication ๐Ÿ—ธ
  3. ETHERNET - frame ๐Ÿ—ธ
  4. Twitter authentication ๐Ÿ—ธ
  5. Bluetooth - Unknown file ๐Ÿ—ธ
  6. CISCO - password ๐Ÿ—ธ
  7. DNS - zone transfert ๐Ÿ—ธ
  8. IP - Time To Live ๐Ÿ—ธ
  9. LDAP - null bind ๐Ÿ—ธ
  10. POP - APOP ๐Ÿ—ธ
  11. RF - AM Transmission ๐Ÿ—ธ
  12. RF - FM Transmission ๐Ÿ—ธ
  13. SIP - authentication ๐Ÿ—ธ
  14. ETHERNET - Patched transmission ๐Ÿ—ธ
  15. Global System Traffic for Mobile communication ๐Ÿ—ธ
  16. HTTP - DNS Rebinding
  17. RF - Key Fixed Code ๐Ÿ—ธ
  18. SSL - HTTP exchange ๐Ÿ—ธ
  19. Netfilter - common mistakes
  20. SNMP - Authentification ๐Ÿ—ธ
  21. Wired Equivalent Privacy
  22. ICMP payload
  23. RIPv1 - no authentication
  24. XMPP - authentication
  25. RF - Satellite transmission

Root-Me | Home

Root-Me Programming (8/18)

  1. IRC - Go back to college ๐Ÿ—ธ
  2. IRC - Encoded string ๐Ÿ—ธ
  3. IRC - The Romanโ€™s wheel ๐Ÿ—ธ
  4. IRC - Uncompress me ๐Ÿ—ธ
  5. CAPTCHA me if you can ๐Ÿ—ธ
  6. Ethereum - Tutoreum
  7. Arithmetic progression ๐Ÿ—ธ
  8. ELF x64 - Shellcoding - Sheep warmup
  9. Ethereum - Takeover
  10. Various encodings ๐Ÿ—ธ
  11. ARM - Shellcoding - Egg hunter
  12. Ethereum - NotSoPriv8
  13. ELF x64 - Shellcoding - Polymorphism
  14. Quick Response Code ๐Ÿ—ธ
  15. WinKern x64 - shellcoding : token stealing
  16. Ethereum - BadStack
  17. ELF x64 - Sandbox shellcoding
  18. ELF x86 - Shellcoding - Alphanumeric

Root-Me | Home

Root-Me Realist (1/44)

  1. It happens, sometimes ๐Ÿ—ธ
  2. P0wn3d
  3. The h@ckers l4b
  4. Neonazi inside
  5. Well-known
  6. Bash/Awk - netstat parsing
  7. Breaking Root-Me like itโ€™s 2020
  8. PyRat Auction
  9. Root them
  10. IPBX - call me maybe
  11. Marabout
  12. Root-We
  13. Starbug Bounty
  14. Ultra Upload
  15. A bittersweet shellfony
  16. Bash - System Disaster
  17. Imagick
  18. MALab
  19. SSHocker
  20. Web TV
  21. SamBox v2
  22. SamCMS
  23. BBQ Factory - First Flirt
  24. Django unchained
  25. Getting root Over it!
  26. Texode
  27. BBQ Factory - Back To The Grill
  28. In Your Kubernetass
  29. DjangocatZ
  30. SamBox v1
  31. SAP Pentest 007
  32. Crypto Secure
  33. Bozobe Hospital
  34. Red Pills
  35. SamBox v3
  36. ARM FTP Box
  37. SAP Pentest 000
  38. Texode Back
  39. Bluebox 2 - Pentest
  40. Nodeful
  41. Bluebox - Pentest
  42. Highway to shell
  43. SamBox v4

Root-Me | Home

Root-Me Steganography (17/23)

  1. Gunnm ๐Ÿ—ธ
  2. Squared ๐Ÿ—ธ
  3. Dot and next line ๐Ÿ—ธ
  4. Steganomobile ๐Ÿ—ธ
  5. Twitter Secret Messages ๐Ÿ—ธ
  6. Some noise ๐Ÿ—ธ
  7. George and Alfred ๐Ÿ—ธ
  8. Poem from Space ๐Ÿ—ธ
  9. Yellow dots ๐Ÿ—ธ
  10. Audio stegano ๐Ÿ—ธ
  11. Mimic - Dummy sight
  12. We need to go deeper ๐Ÿ—ธ
  13. APNG - Just A PNG ๐Ÿ—ธ
  14. Base Jumper ๐Ÿ—ธ
  15. ELF x64 - Duality
  16. Hide and seek
  17. PDF Object ๐Ÿ—ธ
  18. Angecryption
  19. Kitty spy ๐Ÿ—ธ
  20. LSB - Uncle Scrooge ๐Ÿ—ธ ๐Ÿ—ธ
  21. Pixel Indicator Technique
  22. Pixel Value Differencing
  23. Crypt-art ๐Ÿ—ธ

Root-Me | Home

Root-Me Web - Client (9/33)

  1. HTML - disabled buttons ๐Ÿ—ธ
  2. Javascript - Authentication ๐Ÿ—ธ
  3. Javascript - Source ๐Ÿ—ธ
  4. Javascript - Authentication 2 ๐Ÿ—ธ
  5. Javascript - Obfuscation 1 ๐Ÿ—ธ
  6. Javascript - Obfuscation 2 ๐Ÿ—ธ
  7. Javascript - Native code ๐Ÿ—ธ
  8. Javascript - Webpack ๐Ÿ—ธ
  9. Javascript - Obfuscation 3 ๐Ÿ—ธ
  10. Web Socket - 0 protection
  11. XSS - Stored 1
  12. CSP Bypass - Inline code
  13. CSRF - 0 protection
  14. XSS DOM Based - Introduction
  15. Flash - Authentication
  16. XSS DOM Based - AngularJS
  17. XSS DOM Based - Eval
  18. CSP Bypass - Dangling markup
  19. CSP Bypass - JSONP
  20. CSRF - token bypass
  21. XSS - Reflected
  22. CSP Bypass - Dangling markup 2
  23. Javascript - Obfuscation 4
  24. XSS - Stored 2
  25. XSS DOM Based - Filters Bypass
  26. HTTP Response Splitting
  27. Javascript - Obfuscation 5
  28. XSS - Stored - filter bypass
  29. XSS - DOM Based

Root-Me | Home

Root-Me Web - Server (40/74)

  1. HTML - Source code ๐Ÿ—ธ
  2. HTTP - IP restriction bypass ๐Ÿ—ธ
  3. HTTP - Open redirect ๐Ÿ—ธ
  4. HTTP - User-agent ๐Ÿ—ธ
  5. Weak password ๐Ÿ—ธ
  6. PHP - Command injection ๐Ÿ—ธ
  7. Backup file ๐Ÿ—ธ
  8. HTTP - Directory indexing ๐Ÿ—ธ
  9. HTTP - Headers ๐Ÿ—ธ
  10. HTTP - POST ๐Ÿ—ธ
  11. HTTP - Improper redirect ๐Ÿ—ธ
  12. HTTP - Verb tampering ๐Ÿ—ธ
  13. Install files ๐Ÿ—ธ
  14. CRLF ๐Ÿ—ธ
  15. File upload - Double extensions ๐Ÿ—ธ
  16. File upload - MIME type ๐Ÿ—ธ
  17. HTTP - Cookies ๐Ÿ—ธ
  18. Insecure Code Management ๐Ÿ—ธ
  19. JSON Web Token (JWT) - Introduction ๐Ÿ—ธ
  20. Directory traversal ๐Ÿ—ธ
  21. File upload - Null byte ๐Ÿ—ธ
  22. JSON Web Token (JWT) - Weak secret ๐Ÿ—ธ
  23. JWT - Revoked token ๐Ÿ—ธ
  24. PHP - assert() ๐Ÿ—ธ
  25. PHP - Filters ๐Ÿ—ธ
  26. PHP - register globals ๐Ÿ—ธ
  27. PHP - Remote Xdebug
  28. Python - Server-side Template Injection Introduction
  29. File upload - ZIP
  30. Command injection - Filter bypass
  31. Java - Server-side Template Injection ๐Ÿ—ธ
  32. JSON Web Token (JWT) - Public key
  33. Local File Inclusion ๐Ÿ—ธ
  34. Local File Inclusion - Double encoding ๐Ÿ—ธ
  35. Node - Eval
  36. PHP - Loose Comparison
  37. PHP - preg_replace() ๐Ÿ—ธ
  38. PHP - type juggling ๐Ÿ—ธ
  39. Remote File Inclusion ๐Ÿ—ธ
  40. SQL injection - Authentication ๐Ÿ—ธ
  41. SQL injection - Authentication - GBK
  42. SQL injection - String ๐Ÿ—ธ
  43. XSLT - Code execution
  44. LDAP injection - Authentication ๐Ÿ—ธ
  45. Node - Serialize
  46. NodeJS - Prototype Pollution Bypass
  47. NoSQL injection - Authentication
  48. PHP - Path Truncation
  49. PHP - Serialization
  50. SQL injection - Numeric ๐Ÿ—ธ
  51. SQL Injection - Routed ๐Ÿ—ธ
  52. SQL Truncation
  53. XML External Entity
  54. XPath injection - Authentication
  55. Yaml - Deserialization
  56. GraphQL
  57. Java - Spring Boot
  58. Local File Inclusion - Wrappers
  59. PHP - Eval
  60. PHP - Unserialize overflow
  61. SQL injection - Error ๐Ÿ—ธ
  62. SQL injection - Insert
  63. SQL injection - File reading ๐Ÿ—ธ
  64. XPath injection - String
  65. NoSQL injection - Blind
  66. SQL injection - Time based ๐Ÿ—ธ
  67. NodeJS - vm escape
  68. Server Side Request Forgery
  69. SQL injection - Blind
  70. LDAP injection - Blind
  71. PHP - Unserialize Pop Chain
  72. Python - Blind SSTI Filters Bypass
  73. XPath injection - Blind
  74. SQL injection - Filter bypass

Root-Me | Home

This page was last updated April 22.

djm89uk homepage