Please remember that VulnHub is a free community resource so we are unable to check the machines that are provided to us. Before you download, please read our FAQs sections dealing with the dangers of running unknown VMs and our suggestions for “protecting yourself and your network. If you understand the risks, please download!
ZORZ is another VM that will challenge your webapp skills. There are 3 separate challenges (web pages) on this machine. It should be pretty straight forward. I have explained as much as I can in the readme file:
Welcome to the ZorZ VM Challenge
This machine will probably test your web app skills once again.
There are 3 different pages that should be focused on (you will see!)
If you solve one or all three pages, please send me an email and
quick write up on how you solved each challenge. Your goal is to successfully
upload a webshell or malicious file to the server. If you can execute
system commands on this box, thats good enough!!! I hope you have fun!
You may have issues when importing to VMware. If this is the case. extract the HDD from the OVA file (using something like 7zip), and attach to a new VM.
Please see the following guide: https://jkad.github.io/blog/2015/04/12/how-to-import-the-top-hat-sec-vms-into-vmware/.
Back to the Top
- Filename: Zorz.ova
- File size: 645 MB
- MD5: 05262CC7348EA21D78AFE97B3894BE96
- SHA1: B19F01A69380AB141705921880BBA23DBF26D25F
Back to the Top
- Format: Disk Image (.ISO)
- Operating System: Linux
- DHCP service: Enabled
- IP address: Automatically assign