Not too tired after BSides London? Still want to solve challenges?
Here is the VM I told about during my talk where you'll have to practice some of your skills to retrieve the precious flag located here: /root/flag.txt. This VM is an entry-level boot2root and is web based.
This VM is the first of a series which I'm currently creating where there will be links between all of them.
Basically, each machine in the series will rely/depend on each other, so keep the flags for the next VMs.
This has been tested on VirtualBox and gets its IP from the DHCP server.
Moreover, if you find yourself bruteforcing, you're doing something wrong. It is not needed and it wasn't designed to be done this way. Instead, focus on exploiting web bugs!
If you have any questions, feel free to ask me on Twitter @PaulWebSec or throw me a mail: paulwebsec(at)gmail(dot)com