Third in a multi-part series, Breach 3.0 is a slightly longer boot2root/CTF challenge which attempts to showcase a few real-world scenarios/vulnerabilities, with plenty of twists and trolls along the way.

Difficulty: Intermediate, requires some creative thinking and persistence more so than advanced exploitation.

The VM is configured to grab a lease via DHCP.

A few things:

1) This is the culmination of the series, keep your notes close from the previous 2 challenges, they may come in handy. 2) Remember that recon is an iterative process. Make sure you leave no stone unturned. 3) The VM uses KVM and QEMU for virtualization. It is not necessary to root every host to progress. 4) There are 3 flags throughout, once you reach a flag you have achieved that intended level of access and can move on. These 3 flags are your objectives and it will be clear once you have found each and when it is time to move on.

Shout-out to knightmare for many rounds of testing and assistance with the final configuration as well as g0blin, Rand0mByteZ, mr_h4sh and vdbaan for testing and providing valuable feedback. As always, thanks to g0tmi1k for hosting and maintaining Vulnhub.

If you run into any issues you can find me on Twitter: https://twitter.com/mrb3n813 or on IRC in #vulnhub.

Looking forward to the write-ups!

Enjoy and happy hunting!

SHA1: EBB2123E65106F161479F3067C68CFA143CA98D3

Breach: 2.1

mrb3n 15 Aug 2016

Second in a multi-part series, Breach 2.0 is a boot2root/CTF challenge which attempts to showcase a real-world scenario, with plenty of twists and trolls along the way.

The VM is configured with a static IP (192.168.110.151) so you'll need to configure your host only adaptor to this subnet. Sorry! Last one with a static IP ;)

A hint: Imagine this as a production environment during a busy work day.

Shout-out to knightmare for many rounds of testing and assistance with the final configuration as well as rastamouse, twosevenzero and g0blin for testing and providing valuable feedback. As always, thanks to g0tmi1k for hosting and maintaining #vulnhub.

VirtualBox users: if the screen goes black on boot once past the grub screen make sure to go to settings ---> general, and make sure it says Type: Linux Version: Debian 64bit

If you run into any issues, you can find me on Twitter: https://twitter.com/mrb3n813 or on IRC in #vulnhub.

Looking forward to the write-ups, especially any unintended paths to local/root.

Happy hunting!

SHA1:D8F33A9234E107CA745A8BEC853448408AD4773F

Note: v2.1 fixes a few issues.

Breach: 1

mrb3n 30 Jun 2016

First in a multi-part series, Breach 1.0 is meant to be beginner to intermediate boot2root/CTF challenge. Solving will take a combination of solid information gathering and persistence. Leave no stone unturned.

The VM is configured with a static IP address (192.168.110.140) so you will need to configure your host-only adaptor to this subnet.

Many thanks to knightmare and rastamouse for testing and providing feedback.

Shout-out to g0tmi1k for maintaining #vulnhub and hosting my first challenge.

If you run into any issues, you can find me on Twitter: https://twitter.com/mrb3n813 or on IRC in #vulnhub.

Looking forward to the write-ups, especially any unintended paths to local/root.

Note, you may need to use 7zip to extract the ZIP.