• Solves: 18
  • Sign up now, for the dance class you always wanted to visit! Totally secure, totally awesome! But be quick, the first few spots are already taken!

    nc 35.207.132.47 81

    Source

    Difficulty estimate: Medium

  • Solves: 70
  • Did you know server-side Wee will supports a variety of crypto operations in the future? How else could Wee ever catch up to other short-named languages like Go or all the Cs? Anyway it's still in testing. If you already want to take it for a spin, try /wee/encryptiontest.

    http://35.207.132.47/

    Difficulty Estimate: Medium


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, [this] https://paperbots.io/project.html?id=kpyyrl) and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 28
  • The NSA gave us these packets, they said it should be just enough to break this crypto.

    surveillance.pcap server.py

    Difficulty estimate: Medium-Hard


  • Solves: 45
  • A little bit of stego. Not every header field looks like the other.

    FS

    Difficulty estimate: Easy-Medium

  • Solves: 17
  • Something's horribly broken. :(

    FS

    Difficulty estimate: Medium

  • Solves: 209
  • Little or big, we do not care!

    FS

    Difficulty estimate: Easy


  • Solves: 42
  • We're not the first but definitely the latest to offer dev-null-as-a-service. Pretty sure we're also the first to offer Wee-piped-to-dev-null-as-a-service[WPtDNaaS]. (We don't pipe anything, but the users don't care). This service is more useful than most blockchains (old joke, we know). Anyway this novel endpoint takes input at /wee/dev/null and returns nothing.

    http://35.207.132.47/

    Difficulty Estimate: Hard


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 63
  • With assert_string(str: string), we assert that our VM properly handles conversions. So far we never triggered the assertion and are certain it's impossible.

    http://35.207.132.47/

    Difficulty estimate: Medium


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 62
  • At assert_equals(num: number), we've added an assert to make sure our VM properly handles equality. With only a few basic types, it's impossible to mess this one up, so the assertion has never been triggered. In case you do by accident, please report the output.

    http://35.207.132.47/

    Difficulty estimate: Medium


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 28
  • An engineer added a special kind of token to our server: the LAYERS token is unique and there is no way to ever extract it. This means, if anybody every searches for it on the internet or submits it here, we know we have, like, a mole, or something. Dunno. Well we believe it cannot be extracted - so don't even bother.

    http://35.207.132.47/

    Difficulty estimate: Hard


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 71
  • The function assert_number(num: number) is merely a debug function for our Wee VM (WeeEm?). It proves additions always work. Just imagine the things that could go wrong if it wouldn't!

    http://35.207.132.47/

    Difficulty estimate: Easy - Medium


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 50
  • This flag is protected by a password stored in a highly sohpisticated chain of hashes. Can you capture it nevertheless? We are certain the password consists of lowercase alphanumerical characters only.

    nc 35.207.132.47 1337

    Source

    Difficulty estimate: Easy

  • Solves: 78
  • Somebody forgot a useless assert function in the interpreter somewhere. In our agile development lifecycle somebody added the function early on to prove it's possible. Wev've only heared stories but apparently you can trigger it from Wee and it behaves differently for some "leet" input(?) What a joker. We will address this issue over the next few sprints. Hopefully it doesn't do any harm in the meantime.

    http://35.207.132.47/

    Difficulty estimate: Easy


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 54
  • We _need_ to make sure strings in Wee are also strings in our runtime. Apparently attackers got around this and actively exploit us! We do not know how. Calling out to haxxor1, brocrowd, kobold.io,...: if anybody can show us how they did it, please, please please submit us the token the VM will produce. We added the function assert_string(str: string) for your convenience. You might get rich - or not. It depends a bit on how we feel like and if you reach our technical support or just 1st level. Anyway: this is a call to arms and a desperate request, that, we think, is usually called Bugs-Bunny-Program... or something? Happy hacking.

    http://35.207.132.47/

    Difficulty estimate: Easy


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.


  • Solves: 15
  • Can you enter? Again?

    Contract Source

    Difficulty estimate: Medium

  • Solves: 5
  • Welcome to the future!

    Contract

    Difficulty estimate: Medium


  • Solves: 253
  • It's 1996 all over again!

    nc 35.207.132.47 22227

    Difficulty estimate: very easy

  • Solves: 9
  • Would you mind briefly testing our new integer array implementation?

    nc 35.207.132.47 22228

    Difficulty estimate: easy - medium

  • Solves: 8
  • We improved our security with more mitigations.

    nc 35.207.132.47 22229

    Difficulty estimate: hard

  • Solves: 214
  • We are looking for the poet of the year:

    nc 35.207.132.47 22223

    Difficulty estimate: very easy

  • Solves: 69
  • Eat, sleep, swap, replace

    nc 35.207.132.47 22224

    Difficulty estimate: easy

  • Solves: 29
  • Eat, sleep, swap, replace This time with more mitigations!

    nc 35.207.132.47 22225

    Difficulty estimate: medium

  • Solves: 32
  • Sum it up!

    nc 35.207.132.47 22226

    Difficulty estimate: easy


  • Solves: 57
  • Hacking blind: http://35.207.132.47:82

    Flag is at /flag

    Difficulty estimate: Medium

  • Solves: 64
  • Your task is pretty simple: Upload two PDF files. The first should contain the string "NO FLAG!" and the other one "GIVE FLAG!", but both should have the same MD5 hash!

    http://35.207.132.47:83

  • Solves: 61
  • To enable secure microservices (or whatever, we don't know yet) over Wee in the future, we created a specific DB_SECRET, only known to us. This token is super important and extremely secret, hence the name. The only way an attacker could get hold of it is to serve good booze to the admins. Pretty sure it's otherwise well protected on our secure server.

    http://35.207.132.47/

    Difficulty Estimate: Medium


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 411
  • Fun with flags: http://35.207.132.47:84

    Flag is at /flag

    Difficulty estimate: Easy

  • Solves: 69
  • We came up with some ingenious solutions to the problem of password reuse. For users, we don't use password auth but send around mails instead. This works well for humans but not for robots. To make test automation possible, we didn't want to send those mails all the time, so instead we introduced the localhost header. If we send a request to our server from the same host, our state-of-the-art python server sets the localhost header to a secret only known to the server. This is bullet-proof, luckily.

    http://35.207.132.47/

    Difficulty Estimate: Medium


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, [this] https://paperbots.io/project.html?id=kpyyrl) and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 180
  • Phew, we totally did not set up our mail server yet. This is bad news since nobody can get into their accounts at the moment... It'll be in our next sprint. Until then, since you cannot login: enjoy our totally finished software without account.

    http://35.207.132.47/

    Difficulty Estimate: Easy


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Solves: 214
  • Our web admin name's "Mc Donald" and he likes apples and always forgets to throw away his apple cores..

    http://35.207.132.47:85

  • Solves: 1
  • NOT_IMPLEMENTED was not implemented nor intended. Capture it and profit.

    http://35.207.132.47

    Difficulty estimate: Hard++


    Good coders should learn one new language every year.

    InfoSec folks are even used to learn one new language for every new problem they face (YMMV).

    If you have not picked up a new challenge in 2018, you're in for a treat.

    We took the new and upcoming Wee programming language from paperbots.io. Big shout-out to Mario Zechner (@badlogicgames) at this point.

    Some cool Projects can be created in Wee, like: this, this and that.

    Since we already know Java, though, we ported the server (Server.java and Paperbots.java) to Python (WIP) and constantly add awesome functionality. Get the new open-sourced server at /pyserver/server.py.

    Anything unrelated to the new server is left unchanged from commit dd059961cbc2b551f81afce6a6177fcf61133292 at badlogics paperbot github (mirrored up to this commit here).

    We even added new features to this better server, like server-side Wee evaluation!

    To make server-side Wee the language of the future, we already implemented awesome runtime functions. To make sure our VM is 100% safe and secure, there are also assertion functions in server-side Wee that you don't have to be concerned about.

  • Hints:
    • Once you dug through every layer, you have reached the core. From there you may chose any direction and move anywhere.

  • Solves: 130
  • We love notes. They make our lifes more structured and easier to manage! In 2018 everything has to be digital, and that's why we built our very own note-taking system using micro services: Not(e) accessible! For security reasons, we generate a random note ID and password for each note.

    Recently, we received a report through our responsible disclosure program which claimed that our access control is bypassable...

    http://35.207.132.47:90

    Difficulti estimate: Easy-Medium

  • Solves: 105
  • "I have been told that the best crackers in the world can do this under 60 minutes but unfortunately I need someone who can do this under 60 seconds." - Gabriel

    http://35.207.132.47:86

Infrastructure sponsored by Google Cloud