Introduction When checking my twitter-feed there was a tweet from @Bill_Matthews with a reference to this site. Because I like a challenge, I had to participate. Like always I write up my findings to not only learn from the experience, but also in the hope it can help others. Location http://www.hackertest.net/ Description HackerTest.net is your own […]

PwnLab: init

Location https://download.vulnhub.com/pwnlab/pwnlab_init.ova Description Welcome to “PwnLab: init”, my first Boot2Root virtual machine. Meant to be easy, I hope you enjoy it and maybe learn something. The purpose of this CTF is to get root and read the flag. Difficulty: Low Flag: /root/flag.txt Enumeration nmap -T4 -sV -p- It looks like 2 well-known ports and […]

TopHatSec: FartKnocker

Location https://www.vulnhub.com/entry/tophatsec-fartknocker,115/ Description New VM challenge that should be fun for people trying to get into packet analysis! Enumeration nmap -T4 -A -p- PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.7 ((Ubuntu)) |_http-server-header: Apache/2.4.7 (Ubuntu) |_http-title: Site doesn’t have a title (text/html). When I visit the website, there is a reference to […]

Mr. Robot

Location https://www.vulnhub.com Description Based on the show, Mr. Robot. This VM has three keys hidden in different locations. Your goal is to find all three. Each key is progressively difficult to find. The VM isn’t too difficult. There isn’t any advanced exploitation or reverse engineering. The level is considered beginner-intermediate. Enumeration Mr. Robot is one […]

Sidney: 0.2

Location https://www.vulnhub.com Description Welcome to my third boot2root / CTF this one is called Sidney. The VM is set to grab a DHCP lease on boot. As before, gaining root is not the end of this VM. You will need to snag the flag, and being me, it’s never where they normally live… B-) If […]

Tommy Boy: 1

Location vulnhub.com Description HOLY SCHNIKES! Tommy Boy needs your help! The Callahan Auto company has finally entered the world of modern technology and stood up a Web server for their customers to use for ordering brake pads. Unfortunately, the site just went down and the only person with admin credentials is Tom Callahan Sr. – […]