Challenge:
Isn’t 2fa fun? Especially when you forget to backup you code and can’t login anywhere anymore. Well, not even Santa is immune to mistakes like this. Fortunately his app creates a recovery token. The developers hoped that Santa would never need it, so they kinda slacked off when implementing the app. It’s up to us to find Santa’s recovery token.
Challenge:
Santa made available a service that accepts only the best of jokes. Try it out, binary is available and service is listening at elfs.owasp.si:40003.
Challenge:
It’s nearly Christmas and Santa’s very busy getting everything ready. He’s preparing his list of who’s been good. Write a letter to Santa, to let him know that you have been nice.
Challenge:
Santa’s elves have found the following image with a secret message. Can you find it?
Challenge:
Santa’s elves created a brand new API for naughty and nice list at http://elfs.owasp.si:8000/ with advanced protections. But did they get the protections right? Be nice.
Challenge:
Someone was monitoring weird transmissions on Santa’s network, fortunately their systems are outdated so you might have some luck decoding the message.