mirror of https://github.com/dirtbags/moth.git
35 lines
1.1 KiB
Plaintext
35 lines
1.1 KiB
Plaintext
Ideas for puzzles
|
|
=================
|
|
* Bootable image with FreeDOS, Linux, Inferno? HURD?
|
|
* Bury puzzles in various weird locations within each OS
|
|
* Maybe put some in the boot loader, too
|
|
* Perhaps have some sort of network puzzle as well
|
|
* Network treasure hunt
|
|
* DHCP option
|
|
* Single TCP RST with token in payload
|
|
* Multiple TCP RST with different payloads
|
|
* http://10.0.0.2/token
|
|
* PXE boot some sort of points-gathering client
|
|
* Init asks for a team hash, and starts awarding points
|
|
* Broken startup scripts, when fixed award more points
|
|
* Lots of remote exploits
|
|
* "qemu -net socket" vpn thingy and then...
|
|
* sfxrar packed with upx. Change an instruction so it won't actually
|
|
execute.
|
|
* pwnables: have scp log passwords somewhere
|
|
|
|
Capture the Packet
|
|
------------------
|
|
|
|
* Jim Meilander could teach a class about Bro
|
|
* Use qemu -net socket,connect=10.0.0.2:5399 for capture the packet
|
|
|
|
|
|
From Jed Crandell
|
|
-----------------
|
|
|
|
* Have password easily read, must determine username with stack
|
|
examination (like in printf category)
|
|
* Use %600000u%n to write an arbitrary value to a location in
|
|
stack, then jump to that location somehow.
|