Holynix: v1

  • Name: Holynix: v1
  • Date release: 27 Nov 2010

Please remember that VulnHub is a free community resource so we are unable to check the machines that are provided to us. Before you download, please read our FAQs sections dealing with the dangers of running unknown VMs and our suggestions for "protecting yourself and your network. If you understand the risks, please download!


(Size: 239 MB)


(Size: 239 MB)

Holynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing. If you're having trouble, or there are any problems, it can be discussed here.

Source: http://pynstrom.com/holynix.php


Holynix 1.0 beta Release Notes

Similar to the de-ice and pWnOS pentest cds, Holynix is an ubuntu server vmware image that was deliberately built to have security holes for the purposes of penetration testing. More of an obstacle course than a real world example. The object of the challenge is to gain root level privileges and access to personal client information.


Homepage: http://pynstrom.com/

Project Page: http://pynstrom.com/holynix.php

Forums: http://pynstrom.com/forum/


Bugs or can be reported using sourceforge's bug tracker located at http://sourceforge.net/projects/holynix/support or reported to me directly at pynstrom AT pynstrom DOT com

Source: holynix-v1.tar.bz2/README.txt

README.txt wasn't updated with the release of the final version

-- Forum

Difference between beta and final

  • Set HD to non-persistant so any mistakes will be fixed at reboot.
  • Removed some trash I accidentally left laying around.

Source: http://pynstrom.com/forum/viewtopic.php?f=2&t=5

Getting Started w/ Holynix v1

Source: http://pynstrom.com/forum/viewtopic.php?f=6&t=6

-- Checksums

Beta MD5: D19306C6C2305005C72A7811D2B72B51

Beta SHA1: 0C5B7D37FECD39C52BC2C8C2EE66A617BB576A90

Final MD5: EBB8EF2544559D72A052687497F78341

Final SHA1: 967F3DB6D97CCC615EB5758AC75387D46C3D1199

  • Filename: holynix-v1.tar.bz2
  • File size: 239 MB
  • MD5: EBB8EF2544559D72A052687497F78341
  • SHA1: 967F3DB6D97CCC615EB5758AC75387D46C3D1199

  • Filename: holynix-v1_beta.tar.bz2
  • File size: 239 MB
  • MD5: D19306C6C2305005C72A7811D2B72B51
  • SHA1: 0C5B7D37FECD39C52BC2C8C2EE66A617BB576A90

  • Format: Virtual Machine (Virtualbox - VDI)
  • Operating System: Linux

  • DHCP service: Enabled
  • IP address: Automatically assign

  • Apache
  • MySQL
  • PHP

  • Remote Vulnerability
  • Web Application

  • File Inclusion
  • Insecure File Handling
  • Password In Plain Text
  • Privilege Escalation
  • SQL Injection
  • Unrestricted Upload of File with Dangerous Type