Context The goal is to read the ddfc. By clicking the link, we end up on this page: The page contains a link to this URL: https://ddfc.challenges.404ctf.fr/ddfc?expiry=-5625891076&signa...

Here is the context: The challenge asks us to count rhinoceros. Let’s connect via netcat to understand what it is about. Here is what we get when we connect: We have to count the number of r...

Context Let’s connect to the challenge to know more. It seems like there will be different rules. No need to implement anything for this one. I implemented a function to send datas and rece...

Context This challenge is made of 3 parts. Here is the first one: Le texte nous indique que l’authentification est géré en front-end (côté client). En regardant le code source de la page, on ...

Context By clicking the link, we end on the journal’s website: Let’s try to postulate: It’s a register page. We register with a random username, “bipboup”. We are redirected to a login pa...

Context Here is the website main page: There are 4 endpoints: /login -> we can connect as whoever we want as long as it’s not admin /logout -> to disconnect /home -> just the ...

Context I did not solved this challenge during the CTF, but I solved it after. We are given the source code of the website It’s a pretty simple website, we can register, login, logout, and see...

Context I did not solved this challenge during the CTF, but I solved it after. Here is the main page: We are presented the php code of the page: <?php error_reporting(0); include('flag...

Context La société MegaSecure vient d’éditer une mise à jour de sécurité pour leurs serveurs. Après analyse de la mise à jour, vous vous apercevez que l’éditeur utilise maintenant ce code pour l’e...

Context We have a text that is encoded with rot13. We can use CyberChef to decode it: We’ve got the flag: FCSC{ed24c7fd86c2f0515366} This challenge was very easy, but it was a good warm-up f...