Simple Boot2root for beginner/immediate. This challenge is made for the Security Hackadeny (https://www.security-hackademie.de/). Made for virtualbox

middle-class lab

There are different tasks in the lab. It is very joyful.

Description: Zeus is an intermediate level boot2root VM. Your goal is to get root and read the flags. Tested on VMware.

Difficulty: Medium

Flags: user.txt and root.txt

Networking: Static IP ~ 192.168.131.170

Jerome has created some awesome recipes. Can you find them?

Flags - /root/flag.txt - /home/jerome/flag.txt

Tested with VirtualBox

DHCP enabled

Difficulty: Intermediate

Should not be as easy as to just run a MSF module to get root right away, if so please let me know.

Can you break free from Harrison's prison?

Flags - /root/flag.txt

Tested with VirtualBox

DHCP enabled

Difficulty: Intermediate

Should not be as easy as to just run a MSF module to get root right away, if so please let me know.

Sputnik is an easy level boot2root machine designed to be a challenge for security enthusiasts to learn and practice compromising machines and penetration testing.

The vulnerable machine was made as a boot2root CTF challenge for an InfoSec community wherein CTF challenges were made by hackstreetboys (a CTF team from Philippines).

A new machine works in VirtualBox. Two flags: user and root. Some easy overflow stuff.

This is the evil twin of JOY. Unlike JOY, this machine is designed to drive you crazy. Stephen Hawking once mentioned, "God plays dice and throws them into places where they cannot be seen."

The dice for the machine can all be found on the Internet. Like all other machines built by me, you should not torment yourself by brute force. But perhaps, JOY and TORMENT are two sides of the same coin of satisfaction? Can we really spark joy if we can't first be tormented to endure sufferance?

This machine guarantees to teach you some new ways of looking at enumeration and exploitation. Unlike all the other OSCP-like machines written by me, this machine will be mind-twisting and maybe mind-blowing. You may lose your mind while at it, but we will still nudge you to... try harder!

This is NOT an easy machine and you should not feel discouraged if you spend a few days headbanging on this machine. At least three competent pentesters I have asked to test this machine report days (thankfully not weeks) of head banging and nerve wrecking. Do this machine if you enjoy being humbled.

If you MUST have hints for this machine (even though they will probably not help you very much until you root the box!): Torment is (#1): what happens when you can't find your answer on Google, even though it's there, (#2): what happens when you plead for mercy, but do not succeed, (#3): https://www.youtube.com/watch?v=7ge1yWot4cE

Feel free to contact the author at https://donavan.sg/blog if you would like to drop a comment.

Does penetration testing spark joy? If it does, this machine is for you.

This machine is full of services, full of fun, but how many ways are there to align the stars? Perhaps, just like the child in all of us, we may find joy in a playground such as this.

This is somewhat OSCP-like for learning value, but is nowhere as easy to complete with an OSCP exam timeframe. But if you found this box because of preparation for the OSCP, you might as well try harder. :-)

If you MUST have hints for this machine (even though they will probably not help you very much until you root the box!): Joy is (#1): https://www.youtube.com/watch?v=9AvWs2X-bEA, (#2): something that should be replicated, (#3): what happens when you clean out seemingly "hidden" closets.

Note: There are at least two reliable ways of obtaining user privileges and rooting this machine. Have fun. :-)

Feel free to contact the author at https://donavan.sg/blog if you would like to drop a comment.

Description: unknowndevice64 v2.0 is a beginner level boot2root challenge. The OVA has been tested on both VMware (with some fix provided in this video https://www.youtube.com/watch?v=scRpxo8fra4) and Virtual Box.

Difficulty: Beginner

Flags: Your Goal is to get root and read flag.txt with at least two different ways.

Networking: - DHCP: Enabled - IP Address: Automatically assigned

Hint: Follow your intuitions ... and enumerate! and for any questions, feel free to contact me on Twitter: @unknowndevice64

Happy Hacking..!!!