DC: 9

DCAU 29 Dec 2019

Description

DC-9 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing.

The ultimate goal of this challenge is to get root and to read the one and only flag.

Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools.

For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won't give you the answer, instead, I'll give you an idea about how to move forward.

Technical Information

DC-9 is a VirtualBox VM built on Debian 64 bit, but there shouldn't be any issues running it on most PCs.

DC-9 has been tested successfully on VMWare Player, but if there are any issues running this VM in VMware, have a read through of this.

It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP.

Installation is simple - download it, unzip it, and then import it into VirtualBox or VMWare and away you go.

Important

While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause.

In saying that, there shouldn't be any problems, but I feel the need to throw this out there just in case.

Credits

A big thanks goes out to the members of @m0tl3ycr3w.

Contact

I'm also very interested in hearing how people go about solving these challenges, so if you're up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you've DM'd me if you'd prefer).

I can be contacted via Twitter - @DCAU7

Hackable - Secret Hacker | Vulnerable Web Application Server

Web List

  • DVWA
  • BodgeIt Store
  • bWAPP
  • Commix
  • CryptOMG
  • Mutillidae 2
  • sqli-labs
  • Magical
  • WebGoat
  • WordPress 5.0
  • Git
  • Phpmyadmin

Git Tools

  • fsociety
  • the hydra
  • xbruteforcer
  • WAScan
  • wpscan
  • sqlmap

Blog Post : https://secrethackersite.blogspot.com/2019/10/hackable-secret-hacker-vulnerable-web.html

Difficulty: Intermediate

Flag: 2 Flag first user And the second root

Learning: Web Application | Enumeration | Privilege Escalation

Web-site: www.hacknos.com

Contact-us : @rahul_gehlaut

Description: This VM tells us that there are a couple of lovers namely Alice and Bob, where the couple was originally very romantic, but since Alice worked at a private company, "Ceban Corp", something has changed from Alice's attitude towards Bob like something is "hidden", And Bob asks for your help to get what Alice is hiding and get full access to the company!

Difficulty Level: Beginner

Notes: there are 2 flag files

Learning: Web Application | Simple Privilege Escalation

  • Flags: 3 (local.txt, user.txt & root.txt)
  • Difficulty Level: Initial Shell (Easy) - Privileges Escalation (Intermediate)
  • Website: https://ebryx.com
  • Hint: Maybe, you hasted and left some open holes unchecked?

Literally Vulnerable is supposed to give beginners a taste of real-world scenarios and OSCP machines at the same time! It was inspired highly by the @DC series.

You're supposed to know the big three (EEEs) Enumeration, Exploitation & Escalation of pentesting to pwn the machine. The machine is supposed to be beginner-friendly and the difficulty level is Easy-Intermediate depending on your knowledge. You need to have enough information about Linux file types & permissions for privileges escalation.

Technical Information:

  • Just download, extract and load the .vmx file in VMware Workstation (tested on VMware Workstation 15.x.x)
  • The adapter is currently NAT, networking is configured for DHCP and IP will get assigned automatically

Contact:

  • You can either contact me on twitter @syed__umar or linkedin (/in/syedumararfeen/) for hints!

There are three flags in the machine: local.txt, user.txt & root.txt. You're supposed to grab all three in order to completely pwn the machine. Hope you like the machine, best of luck! :)

I'll try my best to continue with the series!

Description: Have fun!

Difficulty: Beginner

Contact: @whitecr0wz

Description

MyExpense is a deliberately vulnerable web application that allows you to train in detecting and exploiting different web vulnerabilities. Unlike a more traditional "challenge" application (which allows you to train on a single specific vulnerability), MyExpense contains a set of vulnerabilities you need to exploit to achieve the whole scenario.

Scenario

You are "Samuel Lamotte" and you have just been fired by your company "Furtura Business Informatique". Unfortunately because of your hasty departure, you did not have time to validate your expense report for your last business trip, which still amounts to 750 € corresponding to a return flight to your last customer.

Fearing that your former employer may not want to reimburse you for this expense report, you decide to hack into the internal application called "MyExpense " to manage employee expense reports.

So you are in your car, in the company carpark and connected to the internal Wi-Fi (the key has still not been changed after your departure). The application is protected by username/password authentication and you hope that the administrator has not yet modified or deleted your access.

Your credentials were: samuel/fzghn4lw

Once the challenge is done, the flag will be displayed on the application while being connected with your (samuel) account.

Miscellaneous

If you need to restore the database : go to http://IP/config/setup.php

Description: Here is another one, enjoy.

Difficulty: Beginner

Contact: @whitecr0wz

Difficulty : Easy to Intermediate

Flag : 2 Flag first user And second root

Learning : Web Application | Enumeration | Password Cracking

Difficulty : Intermediate

Flag : Need to get root to read flag (root.txt)

Learning : Exploit | Web Application | Digital Forensics | Enumeration | Privilege Escalation

DHCP enabled


Welcome to Fsoft Hacking Labs !


If during boot, you notice Apache error. Please wait one minute then reboot. Labs are designed to destroy themselves when you exploit them incorrectly - Please create a snapshot of yourself.


Good luck to you as well !

Akasafe Team - FSOFT