To commemorate their second birthday, VulnHub is holding another competition with the promise of prizes for those who are chosen as winners! The challenge is Sokar; a nefarious boot2root created by rasta_mouse which features a nice balance of frustration and satisfaction. For more details about the competition, head over to VulnHub’s blog post. I spent a couple of hours each evening after work to poke away at Sokar until I finally solved it. This post contains my walkthrough.
While killing time waiting for the next CTF, a handful of us from Team VulnHub decided to have a go at OverTheWire’s Behemoth challenges. I hadn’t played Behemoth before and found it pretty fun. The game is described as:
This wargame deals with a lot of regular vulnerabilities found commonly ‘out in the wild’. While the game makes no attempts at emulating a real environment it will teach you how to exploit several of the most common coding mistakes including buffer overflows, race conditions and privilege escalation.
If you’re interested, you can find more information at http://overthewire.org/wargames/behemoth/
Happy 2015! With the holidays and merry making out of the way, it was time to resume hacking boot2roots and CTFs. To start off the new year is Pegasus, by TheKnapsy. I actually started this challenge a week before Christmas, but after getting a foothold on the target, I put it on hold to prepare for the holidays and unplug for a few days. Today I finally got around to loading it up again and finishing it off. I recommend having a go at it, so grab it from VulnHub.
A couple of years ago I successfully completed the Offensive Security Pentesting with Backtrack (PWB) course, and a year after that, the Cracking the Perimeter (CTP) course. Having a huge lab made up of different machines in different subnets to break into is just a great challenge. When I completed the courses, I was a little sadenned that I’d no longer get a chance to poke at the labs. So you can imagine my excitement when I was asked if I’d like to beta test Offensive Security’s latest offering; The Playground.
For the last few weeks I had immersed myself in several CTFs with team VulnHub. It was a nice change to return to boot2roots after tackling small and difficult challenges. This time round, it’s Knock-Knock by zer0w1re. Much like other boot2roots, the goal is to get root, and find the flag. As always, head over to VulnHub to download it and have a go.
It seems like more and more boot2roots are being submitted to VulnHub as of late. OwlNest by Swappage is one of the more recent ones that packs a good challenge. Grab it over at VulnHub if you’re interested in giving it a go. This was debuted at ESC 2014 CTF where no one was able to solve it. It took me several days to finish off this beast after getting stuck in a tarpit, but this was a whole lot of fun.
Another month, another hacking challenge! This time it’s Xerxes 2 by barrebas. This boot2root promised some challenges and it definitely delivered. Xerxes 1 was a lot of fun, and when Xerxes 2 was announced, I was looking forward to getting my hands dirty. As with other boot2roots, you can download a copy of Xerxes 2 at VulnHub
One of the latest and more challenging boot2roots released on VulnHub as of late is Hell. This boot2root by Peleus has appeared to cause quite a bit of hair pulling and teeth gnashing whenever it’s mentioned on IRC. I initially started off with his beta version but had to put it away when I got too busy with work. When I was finally ready to try again, the official version had been released, so I downloaded it and started over.
A few weeks ago, VulnHub hosted the Hades competition; a capture the flag challenge created by Lok_Sigma. Hades is touted as a difficult boot2root, requiring some experience in exploit writing and reverse engineering. The competition ran for a good 4 weeks, and with submissions now closed, I’ve decided to go ahead post my solution.