LAMPSecurity: CTF8
ctf8.zip contains the compressed virtual machine target (ctf8.vmdk) as well as the PDF walk through instructions.The latest release fixes some issues with the user cron jobs that check their mail....
View ArticleSecOS: 1
Not too tired after BSides London? Still want to solve challenges? Here is the VM I told about during my talk where you'll have to practice some of your skills to retrieve the precious flag located...
View ArticleBot Challenges: LoBOTomy
I always enjoy creating and releasing vulnerable virtual machines so readers can get a first hand feel of attacking these command and control panels without doing anything illegal. The objective of...
View ArticleCySCA: CySCA2014-in-a-Box
CySCA2014-in-a-Box is a Virtual Machine that contains most of the challenges faced by players during CySCA2014. It allows players to complete challenges in their own time, to learn and develop their...
View ArticleHell: 1
Welcome to the challenge. This VM is designed to try and entertain the more advanced information security enthusiast. This doesn't exclude beginners however and I'm sure that a few of you could meet...
View ArticleSkyTower: 1
Welcome to SkyTower:1This CTF was designed by Telspace Systems for the CTF at the ITWeb Security Summit and BSidesCPT (Cape Town). The aim is to test intermediate to advanced security enthusiasts in...
View Articlexerxes: 2.0.1
____ ___ ____ ___ __ ____ ___ ____ ____ ____ `MM( )P' 6MMMMb `MM 6MM `MM( )P' 6MMMMb 6MMMMb\ 6MMMMb `MM` ,P 6M' `Mb MM69 " `MM` ,P 6M' `Mb MM' ` MM' `Mb `MM,P MM MM MM' `MM,P MM MM YM. ,MM `MM....
View ArticlePentester Lab: Play Session Injection
DifficultyBeginnerDetailsThis exercise covers the exploitation of a session injection in the Play frameworkWhat you will learn?Session injectionPlay frameworkPlay's cookiesVulnHub
View ArticleFlick: 1
.o88o. oooo o8o oooo 888 `" `888 `"' `888 o888oo 888 oooo .ooooo. 888 oooo 888 888 `888 d88' `"Y8 888 .8P' 888 888 888 888 888888. 888 888 888 888 .o8 888 `88b. o888o o888o o888o `Y8bod8P' o888o o888o...
View ArticleTr0ll: 1
Tr0ll was inspired by the constant trolling of the machines within the OSCP labs. The goal is simple, gain root and get Proof.txt from the /root directory.Not for the easily frustrated! Fair warning,...
View ArticleMorning Catch: Phishing Industries
Morning Catch is a VMware virtual machine, similar to Metasploitable, to demonstrate and teach about targeted client-side attacks and post-exploitation.On this virtual machine, you will find: a website...
View ArticleOwlNest: 1.0.2
,' ``', ' (o)(o) ` > ; ', . ...-'"""""`'. .'`',`''''`________: ": (`'. '.; | ;/\;\; (`',.',.; | | (,'` .`.,' | | (,.',.',' | | (,.',.-`_____| | __\_ _\_ | | |_______________|Welcome to The Owl Nest...
View ArticlePersistence: 1
_______ _______ ______ _______ ___ _______ _______ _______ __ _ _______ _______ | || || _ | | || | | || || || | | || || | | _ || ___|| | || | _____|| | | _____||_ _|| ___|| |_| || || ___| | |_| ||...
View ArticlePentester Lab: CVE-2014-6271: ShellShock
Quickly created an exercise for cve-2014-6271:Source: https://twitter.com/PentesterLab/status/515079459284594688VulnHub
View ArticleKnock-Knock: 1.1
____ __. __ ____ __. __ ____ | |/ _| ____ ____ ____ | | __ | |/ _| ____ ____ ____ | | __ /_ | | < / \ / _ \_/ ___\| |/ / ______ | < / \ / _ \_/ ___\| |/ / | | | | \| | ( <_> ) \___| <...
View ArticleKvasir: I
Kvasir 1Filename: kvasir1.ovaMD5: e987e8bbe319db072246ab749912ea91SHA1: 029a59188cd3375fa50a5115db561f8a8ef69d4aAuthor: Rasta MouseTesters: Barrebas & OJNotes to the PlayerAs part of the challenge,...
View ArticleTr0ll: 2
The next machine in the Tr0ll series of VMs. This one is a step up in difficulty from the original Tr0ll but the time required to solve is approximately the same, and make no mistake, trolls are still...
View ArticleUnderdist: 3
Underc0de Weekend is a weekly challenge we (underc0de) are doing. The goal is to be the first to resolve it, to earn points and prizes (http://underc0de.org/underweekend.php).EnjoyVulnHub
View ArticlePegasus: 1
Pegasus .-. %%%%,/ :-. % `%%%, / `\ _, |' )`%%| '-' / Filename: pegasus.ova \_/\ %%%/`-.___.' MD5: 5046e330ff42e9adee0a42b63694cbfe __/ %%%"--"""-.%, SHA1: f18b7437ca3c96f76a2e1b06f569186b63567dd5...
View ArticleThe Purge: 1
Objective: gain shell access and root the box.Hardness: intermediate-> advanced.Note: The box doesn't respond to ping, so be sure to check the DHCP lease.VulnHub
View Article