Advanced-Hard Boot2Root machine intended to be used in a Workshop/CTF beside Shellmates Club.

The machine has 6 flags that will guide the challenger through it.

It covers web security, binary exploitation, and various misconfigurations.

  • LinkedIn:
  • e-mail: gh_zouahi at esi dot dz

This lab is going to introduce a little anarchy. It will upset the established order, and everything becomes will become chaos. Get your face painted and wear that Purple suit because it’s time to channel your inner Joker. This is a boot2root lab. Getting the root flag is ultimate goal.


The machine was part of my workshop for Hacker Fest 2019 at Prague.

Difficulty level of this VM is very “very easy”. There are two paths for exploit it.

  • There are no intentional rabbit holes.
  • Through a vulnerable "[retracted]". Exploit is part of MSF.
  • Through vulnerable "[retracted]".
    • Can be found by "[retracted]".
    • There is a "[retracted]" injection (exploit is part of MSF).
    • Recovered credentials (username + hash) can be cracked by John and rockyou.txt wordlist.
    • Low priv shell can be gained through MSF exploit or trying the credentials against "[retracted]".
    • Priv. esc. is simply done by "[retracted]".

A harder VM designed to train for both pentesting newer IT infrastructure methodologies as well as network pivot practice.

You'll need to be familiar with pivoting techniques, web app vulnerabilities, Metasploit and Meterpreter, as well as enumeration methodologies and a good bit of patience.

As a note, there are two additional bonus flags that will appear in the /root directory based on pre-defined actions taken during the course of rooting the VM.

This is our tribute to the Indian Space Research Organisation (ISRO). We as Indians are proud of ISRO and its achievements. Solve this CTF challenge and feel the work of ISRO.

This machine contains 4 different flags to test your skills.

  1. Aryabhata
  2. Bhaskara
  3. Mangalyaan
  4. Chandrayaan 2


Aimed at Beginner Security Professionals who want to get their feet wet into doing some CTF's. It should take around 30 minutes to root.

Bottleneck is an intermediate boot2root machine.

After some cyber attacks the admin hardened the system, show him that it's not so secure.

If you need a hint feel free to contact me on Twitter: @bytevsbyt3

serial: 2

sk4 27 Sep 2019

This box has an intermediate difficulty for the user, I suggest you to enumerate it and use some tools for get the first flag. Note that if you don't see the flag maybe you should find it in other place ;).

The hard part is the privilege escalation for the root user, try hard and get the root flag (if you can;))!

If you need an hint, feel free to contact me on Twitter: @sk4pwn


The purpose of this machine is to grant OSCP students further develop, strengthen, and practice their methodology for the exam.