Today’s target is called DonkeyDocker, so we should expect a Docker component! The level is intermediate to hard.
Today’s VM is the third machine in the Hackfest series:
This is a vulnerable machine i created for the Hackfest 2016 CTF http://hackfest.ca/
Difficulty : Hard
If youre stuck enumerate more! Seriously take each service running on the system and enumerate them more!
Goals: This machine is intended to take a lot of enumeration and understanding of Linux system.
There are 4 flags on this machine 1. Get a shell 2. Get root access 3. There is a post exploitation flag on the box 4. There is something on this box that is different from the others from this series (Quaoar and Sedna) find why its different
Today’s VM is inspired by a James Bond movie:
I recently got done creating an OSCP type vulnerable machine that’s themed after the great James Bond film (and even better n64 game) GoldenEye. The goal is to get root and capture the secret GoldenEye codes – flag.txt.
I’d rate it as Intermediate, it has a good variety of techniques needed to get root – no exploit development/buffer overflows. After completing the OSCP I think this would be a great one to practice on, plus there’s a hint of CTF flavor.
I wanted to finish 2018 on a strong note, so right before Christmas I’ve completed the exam for the Offensive Security Wireless Professional (OSWP) certification. This is my review for the Offensive Security Wireless Attacks (WiFu) course. But as a short summay, the course and exam were great, very practical and applicable, and I thoroughly enjoyed them!
With today’s post I am experimenting with a new way of writing my hacking blog posts based on the 5 phases of red teams assessments.
This is another machine in the Hackfest 2016 series.
There are 4 flags on this machine One for a shell One for root access Two for doing post exploitation on Sedna
Alrighty, let’s hack the planet!
You are looking for two flags. Using discovered pointers in various elements of the running web application you can deduce the first flag (a downloadable file) which is required to find the second flag (a text file). Look, read and maybe even listen. You will need to use basic web application recon skills as well as some forensics to find both flags.
This machine is based on Star Wars. The goal is “to Beat the Empire and steal the plans for the Death Star before its too late.”. For this to happen, 6 flags encoded in base64 need to be collected.
For this box, you have to find 8 flags, each containing an MD5 hash.