Skip available games
Welcome to Clearswift's The Enemy Within Challenge.
With an explosion of data breaches in recent years, the protection of sensitive data has become a hot topic and top priority for organisations. Whilst malicious external threats remain, organisations now must address the threats that reside much closer to home, whether through policy gaps, broken processes, employee error or indeed employee ill intent.
The aim of this challenge is to identify the means by which an insider may accidentally or maliciously leak organisational secrets via seemingly innocent files.
The challenge takes the form of a quiz. With each question you will be provided with a file, it is your job to locate the sensitive data that has been hidden within it.
Please read the instructions before beginning the quiz and good luck!
Disclaimer: All data used within this game is fictitious.
This game will test your secure coding knowledge. You are given 3 different samples of code and have to identify the vulnerabilities, along with how they are mitigated.
Game summary - this is an explanation of what the game entails.
Think you’re a good shot?
Connect to our server and see if you can help sort out our zombie problem! To connect you will need to enter "nc zombies.baectf.com 8888" as the command line in telnet. If you are unfamiliar with Telnet for Windows or MacOSX see http://www.wikihow.com/Use-Telnet-on-Mac-OS-X and https://technet.microsoft.com/en-us/library/cc771275(v=ws.10).aspx. Asa you play the (timed) game you will also need to answer the questions so open the Test at the same time.
Welcome to the Vulnerable Code challenge.
This challenge relies on your being confident reading C source code. You will probably want to be able to compile and run the code to test your theories and answer all of the questions correctly .
We recommend that you use an x86 Linux VM with 32-bit support. Tested on Kali/Debian 64-bit with 32-bit libraries and gcc running under VMware workstation.
The challenge is timed, but the timer does not start until you begin the quiz. You can download the challenge zip file and compile and run a test C program before starting the quiz. The test.c file also contains more detailed hints and tips.
You will be given the password to unlock the main C source files once you begin the timed quiz.
- Teacher: Peter