Virtual Machines
single series all timeline


Hash: SHA512

Welcome to

  ___           _            ___          _
 |   \ ___ _ _ | |_____ _  _|   \ ___  __| |_____ _ _
 | |) / _ \ ' \| / / -_) || | |) / _ \/ _| / / -_) '_|
 |___/\___/_||_|_\_\___|\_, |___/\___/\__|_\_\___|_|
                             Made with <3 v.1.0 - 2017

This is my first boot2root - CTF VM. I hope you enjoy it. if you run into any issue you can find me on Twitter: @dhn_ or feel free to write me a mail to:

  • Email: [email protected]
  • GPG key: 0x2641123C
  • GPG fingerprint: 4E3444A11BB780F84B58E8ABA8DD99472641123C

Level: I think the level of this boot2root challange is hard or intermediate.

Try harder!: If you are confused or frustrated don't forget that enumeration is the key!

Thanks: Special thanks to @1nternaut for the awesome CTF VM name!

Feedback: This is my first boot2root - CTF VM, please give me feedback on how to improve!

Tested: This VM was tested with:

  • VMware Workstation 12 Pro
  • VMware Workstation 12 Player
  • VMware vSphere Hypervisor (ESXi) 6.5

Networking: DHCP service: Enabled

IP address: Automatically assign


77439cb457a03d554bec78303dc42e5d3074ff85  DonkeyDocker-disk1.vmdk
7013d6a7c151332c99c0e96d34b812e0e7ce3d57  DonkeyDocker.ovf

Looking forward to the write-ups!


Version: GnuPG v1


Welcome to another boot2root / CTF this one is called Analougepond. The VM is set to grab a DHCP lease on boot. I've tried to mix things up a little on this one, and have used the feedback from #vulnhub to make this VM a little more challenging (I hope).

Since you're not a Teuchter, I'll offer some hints to you:

Remember TCP is not the only protocol on the Internet My challenges are never finished with root. I make you work for the flags. The intended route is NOT to use forensics or 0-days, I will not complain either way.

To consider this VM complete, you need to have obtained:

  • Troll Flag: where you normally look for them
  • Flag 1: You have it when you book Jennifer tickets to Paris on Pan Am.
  • Flag 2: It will include a final challenge to confirm you hit the jackpot.
  • Have root everywhere (this will make sense once you're in the VM)
  • User passwords
  • 2 VNC passwords

Best of luck! If you get stuck, eat some EXTRABACON

NB: Please allow 5-10 minutes or so from powering on the VM for background tasks to run before proceeding to attack.


  • v0.1b - Initial Version
  • v01.c - Fixes for flags based on feedback from mrB3n
  • v0.1d - Fixes based on shortcut to intended route
  • v0.2a - Fixes and clean up of disks for smaller OVA export
  • v0.2b - Small edit to remove copy of flag in wrong folder

SHA1SUM: D75AA2405E2DFB30C1470358EFD0767A10CF1EB1 analoguepond-0.2b.ova

Many thanks to mrB3n, Rand0mByteZ and kevinnz for testing this CTF.

A special thank you to g0tmi1k for hosting all these challenges and offering advice. A tip of the hat to mrb3n for his recent assistence.


"Liberamos nuestro CTF creado por y para la old school."

We released our CTF created by and for the old school.

"Nivel : medio-bajo

Tipo de CTF : lineal, una prueba te va llevando a la siguiente.

Idioma : Español

Plataforma : Raspberry pi 3

Tools para grabar la imagen : win32image o ApplePi-baker"

Level: medium-low

Type of CTF: linear, one test takes you to the next.

Spanish Language

Platform: Raspberry pi 3

Tools to burn the image: win32image or ApplePi-baker

"Descarga la imagen lista para grabar en una sd y montarla en tu raspberry pi, conectala a la corriente y a jugar!"

Download the image ready to burn to a SD and mount it on your raspberry pi, plug it into the stream and play!

"link de descarga :!qANi1STA!tjxTAhaAA1WyoZwp-tp5OWVz8251hJw57Y0kp0skiyc"

Download link :!qANi1STA!tjxTAhaAA1WyoZwp-tp5OWVz8251hJw57Y0kp0skiyc

"Espero que os guste.


I hope you like it.