Channel: VulnHub ~ Entries
Viewing all 861 articles

isz-no: jenkins

The machines are in the intermediate difficulty range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.




VulnHub

isz-no: leopold

The machines are in the intermediate difficulty range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.




Replay: 1

Replay is a sequel to Bob, my first CTF. What sort of terrible redneck netsec engineering has Bob done now?

Your Goal is to get root and read /flag.txt

Note: There are three difficulties:

  • Hard: No Changelog.txt, no hex editor
  • Mid: Read Changelog.txt, no hex editor
  • Easy: Anything goes




Matrix: 2

Matrix v2.0 is a medium level boot2root challenge. The OVA has been tested on both VMware and Virtual Box.

Difficulty: Intermediate

Flags: Your Goal is to get root and read /root/flag.txt

Networking:

  • DHCP: Enabled
  • IP Address: Automatically assigned

Hint: Follow your intuitions ... and enumerate!




digitalworld.local: DEVELOPMENT

This machine reminds us of a DEVELOPMENT environment: misconfigurations rule the roost. This is designed for OSCP practice, and the original version of the machine was used for a CTF. It is now revived, and made slightly more nefarious than the original.




digitalworld.local: BRAVERY

This machine hopes to inspire BRAVERY in you; this machine may surprise you from the outside. This is designed for OSCP practice, and the original version of the machine was used for a CTF. It is now revived, and made more nefarious than the original.




NorzhCTF: 2019 (Basilic)

Name: Basilic

Author: DrStache


The Basilic VM was created as part of NorzhCTF 2019.


A Python developer has put a website online. Your goal is to compromise the different users of the server and gain root privileges.

There are 4 flags to retrieve; they are in md5 format.

  • Flag 1: "Persistence is the path to success." - Charlie Chaplin
  • Flag 2: "You can always escape from a prison. But freedom?" - Jean-Christophe Grangé
  • Flag 3: "The future is a door, the past is the key." - Victor Hugo
  • Flag 4: "There is no less blame for concealing a truth than for falsifying a lie." - Etienne Pasquier

Difficulty: Intermediate / Hard

Categories: Web, Jail, Crypto, PrivEsc


For any questions, feel free to contact me on Twitter: @DrStache_




Kuya: 1

A Boot2Root machine with hints of CTF

In total there are 3 flags and you will be required to use some CTF skills to solve it.




MEA-CTF: 1

DHCP service: Enabled

IP address: Automatically assigned

Ultimate goal: find the /root/root.txt

Difficulty for user: Medium

Difficulty for root: Easy/Medium




The Beast: 2

The Beast 2 is an intermediate level boot2root VM. Capture the flag event, can you follow the hints? Can you still breach The Beast?




myHouse7: 1

Description

myHouse7 is a vulnerable virtual machine with multiple docker images set up to be a capture-the-flag (CTF) challenge. The goal of this vulnerable virtual machine is to present a lab where you can learn and practice to pivot through the subnets to be able to compromise all of the hosts/containers except 1.

CTF Flag Information

This CTF challenge consists of a total of 20 flags. The virtual machine that is provided contains 2 flags and each docker image/container when running contains 3 additional flags with exception to 1 host. The 1 host that is the exception has no flags. (A mistake that I made was to name 2 flags the same.)

The structure of each flag is as follows: {{tryharder:xxx}}. The xxx in the example could be a single digit or up to 4 digits.

Network Diagram

Below is a network diagram of the setup which may or may not be accurate. The virtual machine represents the firewall in the network diagram below. A total of 7 docker images/containers launch each time the virtual machine loads.

[Network diagram: map]

Download Information

You are able to download this file from my Google Drive at this link. The file is 2.7GB compressed with 7-zip. The file is a compressed OVF exported virtual machine from VMWorkstation 14. After importing the virtual machine, the first time that it loads will take upwards of 15 minutes due to building the environment and decompressing the docker images. After the first time you load the virtual machine it will be quicker due to only having to load the docker images into containers.




Casino Royale: 1

Will you gain your status as a 00 agent?

  • Difficulty: Intermediate
  • Flag is /root/flag/flag.sh
  • DHCP enabled, tested on VMware



digitalworld.local: MERCY v2

MERCY is a machine dedicated to Offensive Security for the PWK course, and to a great friend of mine who was there to share my sufferance with me. :-)

MERCY is a name-play on some aspects of the PWK course. It is NOT a hint for the box.

A walkthrough for this machine will be provided at a later date. If you have rooted the machine, and would like to do a walkthrough, please feel free to do so!

VM:

  • Format: .vmdk (VMWare)
  • Operating System: Linux

Networking: DHCP is enabled. IP is auto-assigned.

Mercy is:

  • (#1): what you always plead for but cannot get.
  • (#2): a dubious machine.
  • (#3): https://www.youtube.com/watch?v=c-5UnMdKg70




WebDeveloper: 1

A machine using the newest REMOVED Server, the newest REMOVED and containing some REMOVED....




Chatty: 1 & 2

Name: chatty1

Root password: <REMOVED>

Name: chatty2

Root password: 2UtGrQuutf3aShrM

Information

  • After you deploy these hosts, you need to go into chatty2 and edit /etc/asterisk/sip_register.conf
    • ssh root@<chatty2>
    • nano /etc/asterisk/sip_register.conf
  • Change the IP address (192.168.15.26) to the IP of <chatty1>.
    • Line: 1 ~register=...SNIP...@<chatty1>:5060/...SNIP...
    • Line: 7 ~host=<chatty1>
    • Save
  • Execute the command: asterisk -rx "sip reload"
  • To check that everything is OK, execute the command asterisk -rx "sip show registry"
  • You need to see status "Registered"



Stack Overflows for Beginners: 1

A series of challenges to test basic stack overflow skills, originally developed for the Sheffield University Ethical Hacking Society.

Starting as level0, exploit a binary owned by the next user to get the flag.

There are 5 flags to collect:

  • /home/level1/level1.txt
  • /home/level2/level2.txt
  • /home/level3/level3.txt
  • /home/level4/level4.txt
  • /root/root.txt

Each flag is the corresponding user's password, so once you exploit the binary owned by level1 and get the level1 flag, you can su to level1 and take on the next challenge.

To start, boot the machine and log in as:

  • username: level0
  • password: level0

You'll find the first binary to exploit is: /home/level0/level1

You may want to increase the resources allocated to the machine




SP: christophe

  • Flags:
    • /root/flag.txt
    • /home/christophe/flag.txt
  • Tested with VirtualBox
  • DHCP
  • Difficulty: Beginner/Intermediate

The machines are in the intermediate difficulty range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.




SP: eric

  • Flags
    • /root/flag.txt
    • /home/eric/flag.txt
  • Tested with VirtualBox
  • DHCP
  • Difficulty: Beginner/Intermediate

The machines are in the intermediate difficulty range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.




SP: ike (v1.0.1)

  • Flags
    • /root/flag.txt
    • /home/ike/flag.txt
  • Tested with VirtualBox
  • DHCP
  • Difficulty: Intermediate

The machines are in the intermediate difficulty range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.




SP: jenkins

  • Flags
    • /root/flag.txt
    • /home/jenkins/flag.txt
  • Tested with VirtualBox
  • DHCP
  • Difficulty: Intermediate

The machines are in the intermediate difficulty range. None of them should be as easy as to just run a msf module to get root right away, if so please let me know. They all have two flags, one for local and one for root access.



