Xmas Root Me CTF 2024 Generous Santa (Day 1) - Web This is a web challenge. We are given a Docker environment to test locally, and then have our own instance online to retrieve the flag. We can upload photos of potential gifts and then select what we’d like Santa to bring us. Inspection of the source code of the website shows: The code does not check we upload a photo.

HackCorps Warm Up Description Serge the accountant inadvertently opened an infected file on his workstation. After investigation by the SOC team, the file was found to contain malware designed to extract confidential information. The SOC team asked you to help them investigate the incident. The SOC has found a folder (C:\exfiltr) but cannot recover its contents. we get a file exfiltr.7z Solution We unzip the file. There are 3 directories named 0, 1 and 2.

Those 3 challenges were in the AI category. This is a new category in CTFs: Ph0wn created an AI challenge in 2023, and we were happy to see this category at NOPS 2024, and probably in future CTFs. Description In all 3 challenges, the goal is to manage to get the AI to tell you the flag. But, of course, the AI will do all it can not to ;)