Category: Medium

Bulldog 2 Boot to Root VM Walkthrough

Introduction Today I’ll be demonstrating the process to fully compromise the Bulldog 2 VM created by @frichette_n This was a fun box, and was probably the first challenge VM I’ve attacked which had a realistic volume of data within (15,000 users…!). Overall I learned a lot from this VM and I hope you all learn something from

‘Node’ Boot to Root VM Walkthrough

Introduction Today we’re going to be looking at the Node VM created by @iamrastating and hosted with love by vulnhub.com. This was my first (I think?) NodeJS application assessment and I was VERY EXCITED. Let’s get to it!

Temple of Doom: 1 Boot to Root VM Walkthrough

Introduction Today we’re going to thoroughly pwn the Temple of Doom: 1 VM from Vulnhub, created by 0katz. This box was fun and had some swish ASCII art to boot, I learned a tonne from it and I hope that you learn something from this write up! Let’s get to it.

Pinky’s Palace: V1 Boot to Root VM Walkthrough

Introduction Today I’ll be detailing how to compromise Pink_Panther’s most excellent Pinky’s Palace V1 VM from start to finish. This VM was really interesting, including a few fun things that I’d not previously messed with (Squid proxy for example!) <Mario>Letsa Go!</Mario>

Vulnhub: Mr. Robot Boot2Root VM

Introduction Today I’ll be documenting my method for compromising the Mr. Robot VM created by @Sho_Luv and hosted by Vulnhub. This is a mini CTF with 3 “flags” to capture, Vulnhub touts this as being “beginner / intermediate”. Let’s get to it! NMap NMap reports that the following TCP ports are listening on the box –

Vulnhub: USV 2017 Boot2Root VM

Introduction Today we’re going to be taking a look at the “USV: 2017” VM from Vulnhub! This was a super fun CTF, comprised of 5 flags in the format of country:MD5 hash. This CTF had a bit of everything and required some nice creative problem solving to complete! NMap [crayon-5ce9d75d28b11401087242/]   W0Ot, we got our

Vulnhub: Kioptrix #5 Boot2Root VM

  Introduction Today I’ll be demonstrating how to compromise the fifth and final box in the Kioptrix series. This box was amazing – really fun twist with the IDS / httpd config blocking access to port 8080, also my first boot2root based on a FreeBSD system rather than a Linux system (which came with it’s own

Vulnhub: H.A.S.T.E Boot2Root VM

Introduction Today I’ll be explaining the route I took to compromise the HASTE VM created by f1re_w1re and hosted by the ever excellent Vulnhub The attack surface on this box is minimal, and the exploit (while simple) had a twist which made me scratch my head and Google for help. Let’s enumerate! Recon As usual, we start