LAMPSecurity: CTF4

  • Name: LAMPSecurity: CTF4
  • Date release: 10 Mar 2009

(Size: 491 MB)

Updated to set default runlevel to 3 (no X windows) and fixed DHCP.

This is the fourth capture the flag exercise. It includes the target virtual virutal machine image as well as a PDF of instructions. The username and password for the targer are deliberately not provided! The idea of the exercise is to compromise the target WITHOUT knowing the username and password. Note that there are other capture the flag exercises. If you like this one, download and try out the others. If you have any questions e-mail me at justin AT madirish DOT net.

The LAMPSecurity project is an effort to produce training and benchmarking tools that can be used to educate information security professionals and test products. Please note there are other capture the flag exercises (not just the latest one). Check the SourceForge site to find other exercises available (

These exercises can be used for training purposes by following this documentation. Alternatively you may wish to test new tools, using the CTF virtual machines as targets. This is especially helpful in evaluating the effectiveness of vulnerability discovery or penetration testing tools.

  • Filename:
  • File size: 491 MB
  • MD5: 8DBE28D5F886BBDE6103317C4B1C195F
  • SHA1: 3680FB770282ECDD90168C484E61B635079E6C48

  • Format: Virtual Machine (VMware)
  • Operating System: Linux

  • DHCP service: Enabled
  • IP address: Automatically assign