Roll your own Security
Challenges covered in this chapter
Challenge
Difficulty
Find the hidden easter egg.
⭐⭐⭐⭐
Access a developer's forgotten backup file.
⭐⭐⭐⭐
Access a misplaced SIEM signature file.
⭐⭐⭐⭐
Wherever you go, there you are.
⭐⭐⭐⭐
Submit 10 or more customer feedbacks within 10 seconds.
⭐⭐⭐⭐⭐
Find the hidden easter egg
An Easter egg is an intentional inside joke, hidden message, or feature in an interactive work such as a computer program, video game or DVD menu screen. The name is used to evoke the idea of a traditional Easter egg hunt.
Hints
If you solved one of the other four file access challenges, you
already know where the easter egg is located
Simply reuse the trick that already worked for the files above
When you open the easter egg file, you might be a little disappointed, as the developers taunt you about not having found the real easter egg! Of course finding that is a follow-up challenge to this one.
Access a developer's forgotten backup file
During an emergency incident and the hotfix that followed, a developer accidentally pasted an application configuration file into the wrong place. Downloading this file will not only solve the Access a developer's forgotten backup file challenge but might also prove crucial in several other challenges later on.
Hints
Analyze and tamper with links in the application that deliver a file
directly.
The file is not directly accessible because a security mechanism
prevents access to it.
You need to trick the security mechanism into thinking that the file
has a valid file type.
For this challenge there is only one approach to pull this trick.
Access a misplaced SIEM signature file.
Security information and event management (SIEM) technology supports threat detection and security incident response through the real-time collection and historical analysis of security events from a wide variety of event and contextual data sources. It also supports compliance reporting and incident investigation through analysis of historical data from these sources. The core capabilities of SIEM technology are a broad scope of event collection and the ability to correlate and analyze events across disparate sources.
The misplaced signature file is actually a rule file for Sigma, a generic signature format for SIEM systems:
Sigma is a generic and open signature format that allows you to describe relevant log events in a straight forward manner. The rule format is very flexible, easy to write and applicable to any type of log file. The main purpose of this project is to provide a structured form in which researchers or analysts can describe their once developed detection methods and make them shareable with others.
Sigma is for log files what Snort is for network traffic and YARA is for files.
Hints
If you solved one of the other four file access challenges, you
already know where the SIEM signature file is located
Simply reuse the trick that already worked for the files above
Wherever you go, there you are
This challenge is undoubtedly the one with the most ominous description. It is actually a quote from the computer game Diablo, which is shown on screen when the player activates a Holy Shrine. The shrine casts the spell Phasing on the player, which results in teleportation to a random location.
By now you probably made the connection: This challenge is about redirecting to a different location.
Hints
You can find several places where redirects happen in the E. Corp Shop
The application will only allow you to redirect to whitelisted URLs
Tampering with the redirect mechanism might give you some valuable
information about how it works under to hood
White list validation involves defining exactly what is authorized, and by definition, everything else is not authorized.
Submit 10 or more customer feedbacks within 10 seconds
🔧 TODO
Hints
🔧 TODO
Last updated