Drunk Admin Web Hacking Challenge: 1 ~ VulnHub

About Release
| Download
| Description
| File information
| Virtual Machine
| Networking
| Screenshot(s)
| Walkthrough(s)

Drunk Admin Web Hacking Challenge: 1

About Release

Name: Drunk Admin Web Hacking Challenge: 1
Date release: 2 Apr 2012
Author: Bechtsoudis
Series: Drunk Admin Web Hacking Challenge
Web page: https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/

Download

Please remember that VulnHub is a free community resource so we are unable to check the machines that are provided to us. Before you download, please read our FAQs sections dealing with the dangers of running unknown VMs and our suggestions for “protecting yourself and your network. If you understand the risks, please download!

drunk_admin_hacking_challenge.zip (Size: 539 MB)
Download: http://bechtsoudis.com/data/challenges/drunk_admin_hacking_challenge.zip
Download (Mirror): https://download.vulnhub.com/drunkadminhackingchallenge/drunk_admin_hacking_challenge.zip

Description

Back to the Top

Configuration

The network is configured to obtain an IP address via DHCP by default. Although if you want to further configure the virtual machine you can login as user root and password toor. The apache web server is configured to run on port 8880.

Mission

The challenge includes an image hosting web service that has various design vulnerabilities. You must enumerate the various web service features and find an exploitable vulnerability in order to read system hidden files. The web application is 100% custom so do not try to search google for relative PoC exploit code.

FINAL GOAL: Reveal the hidden message for a date arrange that Bob sent to Alice.

Source: https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/