↧
RSA: 1
↧
Raven: 1
Raven is a Beginner/Intermediate boot2root machine. There are four flags to find and two intended ways of getting root. Built with VMware and tested on Virtual Box. Set up to use NAT networking.
VulnHub
↧
↧
Matrix: 1
Description: Matrix is a medium level boot2root challenge. The OVA has been tested on both VMware and Virtual Box.
Difficulty: Intermediate
Flags: Your Goal is to get root and read /root/flag.txt
Networking: DHCP: Enabled IP Address: Automatically assigned
Hint: Follow your intuitions ... and enumerate!
For any questions, feel free to contact me on Twitter: @unknowndevice64
VulnHub
↧
CTF KFIOFan: 1
Description : Two french people want to start the very first fanclub of the youtuber Khaos Farbauti Ibn Oblivion. But they're not very security aware ! (IMPORTANT NOTE : The whole challenge is in french, including server conf. Which may add to the difficulty if you are non-native or using a non-azerty keyboard)
Difficulty : Beginner with some little non-usual twists
Flag : There are four flags to find, not all of them on the solution path
VulnHub
↧
SolidState: 1
↧
↧
Fowsniff: 1
I created this boot2root last year to be hosted on Peerlyst.com It's beginner level, but requires more than just an exploitdb search or metasploit to run.
It was created in (and is intended to be used with) VirtualBox, and takes some extra configuration to set up in VMWare.
VulnHub
↧
digitalworld.local: MERCY
Description: MERCY is a machine dedicated to Offensive Security for the PWK course, and to a great friend of mine who was there to share my sufferance with me. :-)
MERCY is a name-play, and has nothing to do with the contents of the vulnerable machine.
A walkthrough for this machine will be provided at a later date.
File information: I presume you guys generate the MD5 and SHA1 hashes?
VM: Format: .vmdk (VMWare) Operating System: Linux
Networking: DHCP is enabled IP is auto-assigned
Screenshots: "There are no screenshots for this machine. You must try harder. :-)"
However, if you would like hints for MERCY:
Mercy is: (#1): what you always plead for but cannot get. (#2): a dubious machine. (#3): https://www.youtube.com/watch?v=c-5UnMdKg70
VulnHub
↧
Moonraker: 1
You've received intelligence of a new Villain investing heavily into Space and Laser Technologies. Although the Villian is unknown we know the motives are ominous and apocalyptic.
Hack into the Moonraker system and discover who's behind these menacing plans once and for all. Find and destroy the Villain before it's too late!
-- Difficulty: Challenging
-- Flag is /root/flag.txt
-- Tested on VMware
-- DCHP enabled
-- No extra tools besides what's on Kali by default
-- Learning Objectives: Client-side Attacks, NoSQL, RESTful, NodeJS, Linux Enumeration and Google-fu.
Thanks to /u/limbernie on Reddit for testing!
Good luck and have fun!
VulnHub
↧
Pinky's Palace: v4
Pinky has setup a development environment to develop and test new software. He thinks his dev environment is pretty locked down security wise, what do you think?
Network (DHCP) Bridged
Difficulty for user: Hard/Expert
Difficulty for root: Hard/Expert
Tested in VirtualBox
VulnHub
↧
↧
FourAndSix: 2.01
↧
Typhoon: 1.02
Typhoon Vulnerable VM
Typhoon VM contains several vulnerabilities and configuration errors. Typhoon can be used to test vulnerabilities in network services, configuration errors, vulnerable web applications, password cracking attacks, privilege escalation attacks, post exploitation steps, information gathering and DNS attacks. Prisma trainings involve practical use of Typhoon.
MD5 (Typhoon-v1.02.ova) = 16e8fef8230343711f1a351a2b4fb695
OS: Linux
Author: PrismaCSI
Series: Typhoon
Format: VM(OVA)
DHCP service: Enabled
IP address: Automatically assign
VulnHub
↧
Raven: 2
Raven 2 is an intermediate level boot2root VM. There are four flags to capture. After multiple breaches, Raven Security has taken extra steps to harden their web server to prevent hackers from getting in. Can you still breach Raven?
VulnHub
↧
digitalworld.local: MERCY v1.0.1
MERCY is a machine dedicated to Offensive Security for the PWK course, and to a great friend of mine who was there to share my sufferance with me. :-)
MERCY is a name-play on some aspects of the PWK course. It is NOT a hint for the box.
A walkthrough for this machine will be provided at a later date. If you have rooted the machine, and would like to do a walkthrough, please feel free to do so!
VM: Format: .vmdk (VMWare) Operating System: Linux
Networking: DHCP is enabled. IP is auto-assigned.
Mercy is: (#1): what you always plead for but cannot get. (#2): a dubious machine. (#3): https://www.youtube.com/watch?v=c-5UnMdKg70
VulnHub
↧
↧
WebDeveloper: 1
A machine using the newest [SPOILER] Server, the newest [SPOILER] and containing some [SPOILER]....
VulnHub
↧
W34kn3ss: 1
The matrix is controlling this machine, neo is trying to escape from it and take back the control on it , your goal is to help neo to gain access as a “root” to this machine , through this machine you will need to perform a hard enumration on the target and understand what is the main idea of it , and exploit every possible “weakness” that you can found , also you will be facing some upnormal behaviours during exploiting this machine.
This machine was made for Jordan’s Top hacker 2018 CTF , we tried to make it simulate a real world attacks “as much as possible” in order to improve your penetration testing skills , also we but a little tricky techniques on it so you can learn more about some unique skills.
The machine was tested on vmware (player / workstation) and works without any problems , so we recommend to use VMware to run it , Also works fine using virtualbox.
Difficulty: Intermediate , you need to think out of the box and collect all the puzzle pieces in order to get the job done.
The machine is already got DHCP enabled , so you will not have any problems with networking.
Happy Hacking !
VulnHub
↧
Gittysburg: 1
Gittysburg is an intermediate level boot2root vulnerable VM. There are four flags to capture. Will you be able to git root?
VulnHub
↧
RootThis: 1
↧
↧
isz-no: christophe
The machines are in the intermediate difficulity range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.
VulnHub
↧
isz-no: eric
The machines are in the intermediate difficulity range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.
VulnHub
↧
isz-no: ike
The machines are in the intermediate difficulity range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.
VulnHub
↧