W3Challs is a site that propose various kind of computing challenges : Hacking, Cracking, Wargame, Forensic, Cryptography, Steganography and Programming.
We give you an opportunity to test your skills on our challenges, even to try to hack the site.
Nevertheless, bruteforcing (of challenges, authentication ...) and aspiration of all site pages are forbidden !
You will need to connect as member to access challenges.
W3Challs holds its name from a bad pun with the W3C (for World Wide Web Consortium).
This name is an abbreviation for World Wide Web Challenges.
Unlike W3C, this site doesn't pretend to define a standard ;-)
W3Challs exists since May 2009, nevertheless its first real release (1.0) dates from January 2010.
About English version :
The base of the site is French, but almost everything is translated in English, in order to make the site more accessible to non-french people.
We are not native English people, so we certainly do some mistakes, spelling and syntax errors.
We do our best to minimize these mistakes. So please, be indulgent, and don't hesitate to alert us when you encounter some of them.
II] Challenge basics
A challenge is a virtual game which test your skills in various areas, usually relative to computing.
Its aim is to learn and distract, and to make you practice your theoretical knowledge.
All challenges will not necessarily learn you something, but all levels are needed.
As well, resulting entertainement will not be the same depending on the individual.
Nevertheless, we try to propose challenges with a computing interest, even if this one is basic.
When you validate a challenge, a fixed number of points is added to your account, according to the validated challenge difficulty, positioning yourself as compared to other players in a ranking.
Ranking is just here for information, and may bring new challenges with other players.
You can interpret this information as you like. Nevertheless be aware that your position doesn't necessarily represent your real level, and that it's an illusion to believe you're better than another because of it.
Ideally, a challenge should be a personnal research.
Some hints are still given, to unblock if necessary.
Moreover, a forum is available for your possible issues. As well for IRC(ref).
As it was previously said, a challenge resolution should be the outcome of a research and/or a personnal thinking.
With such process, you will gain particularly :
Knowledge of solution methods for the statement problem.
Collateral knowledges , made during your research, and that aren't necessarily related to the challenge.
An improvement/clarification of your research and way of thinking methods
Ideas of future thinkings
Interests of a challenge are multiple, and have to be kept in memory.
Point system :
Points are distributed according to 3 large basic categories: Easy, Medium and Hard.
Easy: Basic challenges that doesn't require special reflection [1-9 points]
Medium: Challenges that require a minimum of thinking and/or research [10-19 points]
Harder: Challenges that require thinking, research or advanced knowledge [20-30 points]
Beware of cheating :
Any cheat or help to cheat is prohibited on W3Challs.
Any publication of methods or password concerning a W3Challs challenge is strictly prohibited.
If ever you have this idea, it is surely time to seek the definition of the "challenge" word.
Cheating is a shortcut that may teach you a resolution method, but you would pass out on all the interest of the challenge.
Any detected cheating will remove you from ranking, and exposes you to a ban of the site.
You have nothing to gain by cheating !
Thank you to respect the philosophy of this site on this particular point, even if you don't agree with it.
Hacking server :
Hacking is a popular category, and also the one that poses the most problems to establish.
Proposing security challenges jeopardizes our servers, so it's important for us to secure challenges from the server perspective. Some challenges create dangers that can hardly be restricted to the challenge itself.
In these cases we have to implement a control structure that will limit potential exploitation to the challenge itself.
So keep this in mind and focus as possible your investigations on the challenge area. (ex : do not begin by searching the /etc/passwd content)
Moreover, some problems involve a simulation necessity, which often repel because the perfect simulation doesn't exist.
That's why W3Challs tries to limit simulation as possible, and tries instead to control exploitations.
If you find a vulnerability that wasn't predicted by the author please contact the site administration(ref)
DoS : A challenge will NEVER involve Denial of Service.
You can warm up the server for some challenges, but be reasonable in the frequency of your queries, not to disrupt its performance.
III] Site navigation
This part is about how to find / use some ambiguous or unnoticed parts of the site.
/dev/null challenges :
This category group challenges whose score has been lowered to 0 points, so they are not in the complete list of challenges anymore.
These challenges had been "removed" for various explanations : guessing challenges, completely useless, category itself removed...
You can access it through complete challenge list, at the bottom.
Afterwards :
Afterwards is a special category of forums which are only accessible by challenges' validators.
It allows validators to discuss used methods to solve challenges.
News records :
A link to news records is available at the bottom of the home page.
Serveur de Hacking :
The hacking server (available at hacking.w3challs.com) is an independant entity from the site, so it doesn't work exactly the same way.
At the server root you'll find an index of challenges with their links.
The server may be unavailable sometimes, exceptionally.
If it happens, please report it to administration, then we can correct it.
Challenge proposal :
If you have a challenge idea that you think interesting and which principle isn't already on the site, and that is not plagiarized from another site, you can propose it.
The challenge proposal link is at the bottom of challenges page.
If possible, discuss about it in private on IRC with an administration member(ref).
We study all the proposals.
The W3Challs'staff thank you for having the courage to read this page, and wish you very good future challenges.
If something is still wrong or if you have any comments, contact us !
Hacking
Cracking
Wargame
Forensic
Programming
Cryptography
Steganography
/dev/null
Challenges
Afterwards
General
Miscellaneous
W3Challs holds its name from a bad pun with the W3C (for World Wide Web Consortium).
Some challenges create dangers that can hardly be restricted to the challenge itself.
Good luck in sorting them.
Nice site 
