Narak is the Hindu equivalent of Hell. You are in the pit with the Lord of Hell himself. Can you use your hacking skills to get out of the Narak? Burning walls and demons are around every corner even your trusty tools will betray you on this quest. Trust no one. Just remember the ultimate mantra to escape Narak “Enumeration”. After getting the root you will indeed agree “Hell ain’t a bad place to be”.

Objective: Find 2 flags (user.txt and root.txt)

Mordor-CTF

• Author: strider
• Testers: Kyubai
• Difficulty: Intermediate

Mordor CTF is a CTF-Machine with a nice story.

This VM has a small touch of lord of the rings. And tells a story during part 2 of the movies.

In this VM are 9 flags to get.

This I my first VM i've created, I hope you enjoy it.

The goal is to reach the root and readout the file /root/flag.txt

If you found other ways, to reach the goal, let me know :)

What include this VM?

• Information Gathering
• Enumerarion
• Cracking
• Webexploitation
• Reverse Engineering
• Binary Exploitation
• General Linux skills
• and more...

OS:

• Debian 10 Buster
• IPv4 / DHCP Autoassign

For any hints contact me here [strider007 at protonmail dot com]

If you found Bugs or you have problems with the VM, you can contact me also here [strider007 at protonmail dot com]

Disclaimer

This VM is completely licensed under Creative Commons v3. except the elements by LOTR.

I do not own the characters and the elements of LOTR. They was used for the fanfiction story during the CTF. I do not earn money with this machine and all the other elements of this machine.

If you use parts of this machine please ensure that you remove all LOTR elements.

+---------------------------------------------------------+
|                     Name: Moria                         |
|                       IP: Through DHCP                  |
|               Difficulty: Not easy!                     |
|                     Goal: Get root                      |
+---------------------------------------------------------+
|                                                         |
| DESCRIPTION:                                            |
| Moria is NOT a beginner-oriented Boot2Root VM, it will  |
| require good enum skills and a lot of persistence.      |
|                                                         |
| VM has been tested on both VMware and VirtualBox, and   |
| gets its IP through DHCP, make sure you're on the same  |
| network.                                                |
|                                                         |
| Special thanks to @seriousblank for helping me create it|
| and @johnm and @cola for helping me test it.            |
|                                                         |
|     Link: dropbox.com/s/r3btdcmwjigk62d/Moria1.1.rar    |
|     Size: 1.56GB                                        |
|      MD5: 2789bca41a7b8f5cc48e92c635eb83cb              |
|     SHA1: e3bddd4133320ae42ff65aec41b9f6516d33bb89      |
|                                                         |
| CONTACT:                                                |
| You can find me on NetSecFocus slack, twitter at        |
| @abatchy17 or occasionally on #vulnhub for questions.   |
|                                                         |
| PS: No Lord of The Rings knowledge is required ;)       |
|                                                         |
| -Abatchy                                                |
+---------------------------------------------------------+

I created this machine to help others learn some basic CTF hacking strategies and some tools. I aimed this machine to be very similar in difficulty to those I was breaking on the OSCP.

This is a boot-to-root machine will not require any guest interaction.

There are two designed methods for privilege escalation.

• 23/09/2015 == v1.0.1
• 22/09/2015 == v1.0

If you are having issues with VirtualBox, try the following:

• Downloaded LordOfTheRoot_1.0.1.ova (confirmed file hash)
• Downloaded and installed VMWare ovftool.
• Converted the OVA to OVF using ovftool.

• Modified the OVF using text editor, and did the following:

  replaced all references to "ElementName" with "Caption" replaced the single reference to "vmware.sata.ahci" with "AHCI"

• Saved the OVF. +Deleted the .mf (Manifest) file. If you don't you get an error when importing, saying the SHA doesn't match for the OVF (I also tried modifying the hash, but no luck).

• Try import the OVF file, and it should work fine.

Source: https://twitter.com/dooktwit/status/646840273482330112