This post spoils a CTF challenge … Don’t read if you want to try it !

SantHackLaus is a Jeopardy CTF challenge. It is organized by IMT Lille Douai. I had a great time solving these challenges :D

NetRunner is a Web challenge which uses a well-known vulnerability: Heartbleed.

[+] Recon

The challenge starts at 51.75.202.113:1073. We are facing a simple, fully static website:

[Screenshot: website]

So many hearts and not enough hints: it might be a Heartbleed vulnerability.

[+] Exploitation

We will use the Heartbleed module from Metasploit.

[Screenshot: msf options]

And we have the flag !

[Screenshot: final flag]

The flag is: IMTLD{I_Cl34n3d_Y0ur_D1rtY_H34rT_Sw33tY}.

[+] Bye

Feel free to tell me what you think about this post :)