Core dump overflow

Core dump in progress...

Donkey Docker

| Comments

Today’s target is called DonkeyDocker, so we should expect a Docker component! The level is intermediate to hard.

Hackfest 2016 Orcus

| Comments

Today’s VM is the third machine in the Hackfest series:

This is a vulnerable machine i created for the Hackfest 2016 CTF http://hackfest.ca/

Difficulty : Hard

Tips:

If youre stuck enumerate more! Seriously take each service running on the system and enumerate them more!

Goals: This machine is intended to take a lot of enumeration and understanding of Linux system.

There are 4 flags on this machine 1. Get a shell 2. Get root access 3. There is a post exploitation flag on the box 4. There is something on this box that is different from the others from this series (Quaoar and Sedna) find why its different

GoldenEye 007

| Comments

Today’s VM is inspired by a James Bond movie:

I recently got done creating an OSCP type vulnerable machine that’s themed after the great James Bond film (and even better n64 game) GoldenEye. The goal is to get root and capture the secret GoldenEye codes – flag.txt.

I’d rate it as Intermediate, it has a good variety of techniques needed to get root – no exploit development/buffer overflows. After completing the OSCP I think this would be a great one to practice on, plus there’s a hint of CTF flavor.

Hackfest 2016: Sedna

| Comments

This is another machine in the Hackfest 2016 series.

There are 4 flags on this machine One for a shell One for root access Two for doing post exploitation on Sedna

Alrighty, let’s hack the planet!

Take the SpyderSec Challenge

| Comments

The challenge:

You are looking for two flags. Using discovered pointers in various elements of the running web application you can deduce the first flag (a downloadable file) which is required to find the second flag (a text file). Look, read and maybe even listen. You will need to use basic web application recon skills as well as some forensics to find both flags.