# Roll your own Security ## Challenges covered in this chapter | Challenge | Difficulty | | ------------------------------------------------------- | ---------- | | Find the hidden easter egg. | ⭐⭐⭐⭐ | | Access a developer's forgotten backup file. | ⭐⭐⭐⭐ | | Access a misplaced SIEM signature file. | ⭐⭐⭐⭐ | | Wherever you go, there you are. | ⭐⭐⭐⭐ | | Submit 10 or more customer feedbacks within 10 seconds. | ⭐⭐⭐⭐⭐ | ### Find the hidden easter egg > An Easter egg is an intentional inside joke, hidden message, or feature in an interactive work such as a computer program, video game or DVD menu screen. The name is used to evoke the idea of a traditional Easter egg hunt. #### Hints * If you solved one of the other four file access challenges, you already know where the easter egg is located * Simply reuse the trick that already worked for the files above *When you open the easter egg file, you might be a little disappointed, as the developers taunt you about not having found **the real** easter egg! Of course finding **that** is* [*a follow-up challenge*](https://pwning-wargames.gitbook.io/readme/part-ii/security-through-obscurity#apply-some-advanced-cryptanalysis-to-find-the-real-easter-egg) *to this one.* ### Access a developer's forgotten backup file During an emergency incident and the hotfix that followed, a developer accidentally pasted an application configuration file into the wrong place. Downloading this file will not only solve the *Access a developer's forgotten backup file* challenge but might also prove crucial in several other challenges later on. #### Hints * Analyze and tamper with links in the application that deliver a file directly. * The file is not directly accessible because a security mechanism prevents access to it. * You need to trick the security mechanism into thinking that the file has a valid file type. * For this challenge there is only *one approach* to pull this trick. ### Access a misplaced SIEM signature file. > Security information and event management (SIEM) technology supports threat detection and security incident response through the real-time collection and historical analysis of security events from a wide variety of event and contextual data sources. It also supports compliance reporting and incident investigation through analysis of historical data from these sources. The core capabilities of SIEM technology are a broad scope of event collection and the ability to correlate and analyze events across disparate sources. The misplaced signature file is actually a rule file for [Sigma](https://github.com/Neo23x0/sigma), a generic signature format for SIEM systems: > Sigma is a generic and open signature format that allows you to describe relevant log events in a straight forward manner. The rule format is very flexible, easy to write and applicable to any type of log file. The main purpose of this project is to provide a structured form in which researchers or analysts can describe their once developed detection methods and make them shareable with others. > > Sigma is for log files what Snort is for network traffic and YARA is for files. #### Hints * If you solved one of the other four file access challenges, you already know where the SIEM signature file is located * Simply reuse the trick that already worked for the files above ### Wherever you go, there you are This challenge is undoubtedly the one with the most ominous description. It is actually a quote from the computer game [Diablo](http://us.blizzard.com/en-us/games/legacy/), which is shown on screen when the player activates a [Holy Shrine](http://diablo.gamepedia.com/Shrines_\(Diablo_I\)). The shrine casts the spell [Phasing](http://diablo.gamepedia.com/Phasing_\(Diablo_I\)) on the player, which results in *teleportation* to a random location. By now you probably made the connection: This challenge is about *redirecting* to a different location. #### Hints * You can find several places where redirects happen in the **E. Corp Shop** * The application will only allow you to redirect to *whitelisted* URLs * Tampering with the redirect mechanism might give you some valuable information about how it works under to hood > White list validation involves defining exactly what *is* authorized, and by definition, everything else is not authorized. ### Submit 10 or more customer feedbacks within 10 seconds 🔧 **TODO** #### Hints 🔧 **TODO**