Back

Gemini Inc: 1

About Release

Back to the Top

Download

Back to the Top
Please remember that VulnHub is a free community resource so we are unable to check the machines that are provided to us. Before you download, please read our FAQs sections dealing with the dangers of running unknown VMs and our suggestions for “protecting yourself and your network. If you understand the risks, please download!

Description

Back to the Top

Name: Gemini Inc v1

Date release: 2018-01-09

Author: 9emin1

Series: Gemini Inc


Description:

I have decided to create vulnerable machines that replicate the vulnerabilities and difficulties I’ve personally encountered during my last year (2017) of penetration testing.

Some of the vulnerabilities require the “Think out of the box (fun)” mentality and some are just plain annoyance difficulties that require some form of automation to ease the testing.

GeminiInc v1 has been created that replicate an issue that I’ve encountered which was really interesting and fun to tackle, I hope it will be fun for you guys as well.

Adding a little made-up background story to make it more interesting...


Introduction:

Gemini Inc has contacted you to perform a penetration testing on one of their internal system. This system has a web application that is meant for employees to export their profile to a PDF. Identify any vulnerabilities possible with the goal of complete system compromise with root privilege. To demonstrate the level of access obtained, please provide the content of flag.txt located in the root directory as proof.

Tweet me your writeup @ https://twitter.com/sec_9emin1


File Information:

Filename: Gemini-Pentest-v1.zip

File size: 3283684247

SHA 1: 47ca8fb27b9a4b59aa6c85b8b1fe4df564c19a1e


Virtual Machine:

Format: Virtual Machine (VMWare)

Operating System: Debian


Networking:

DHCP Service : Enabled

IP Address: Automatically Assigned


More information can be obtained from my blog post on this vulnerable machine: https://scriptkidd1e.wordpress.com/

Intended solution will be provided some time after this has been published: https://scriptkidd1e.wordpress.com/geminiinc-v1-vm-walkthrough/

The VM has been tested on the following platform and is working:

It should work with any virtual machine player as well. It will be able to obtain an I.P Address with DHCP so no additional configuration is required. Simply import the downloaded VM and you are good to go.

File Information

Back to the Top

Virtual Machine

Back to the Top

Networking

Back to the Top

Screenshots

Back to the Top