Vulnhub

infovore 1

This is an easy to intermediate box that shows you how you can exploit innocent looking php functions and lazy sys admins.

There are 4 flags in total to be found, and you will have to think outside the box and try alternative ways to achieve your goal of capturing all flags.

VM has been tested on VirtualBox 6.1.10 and VMWare (Fusion)

Enjoy! @theart42 and @4nqr34z

2Much

2Much was made for pen-testing practice. When I worked on it, it hit me; Wouldn't be great to have an extra vulnerability on the host itself? As an extra bonus? It is at medium level difficulty. Enumeration is the key.

Built and tested on VMWare ESXi and Fusion.

DHCP-client

Tempus Fugit

Tempus Fugit is a Latin phrase that roughly translated as “time flies”.

It is an intermediate real life box.

Created mostly by me with some assistance by @DCAU7, the idea behind Tempus Fugit was to create something “out of the ordinary” and without giving anything away, something “dynamic” and a lot like time... changing.

The vm contains both user and root flags. If you don’t see them, you are not looking in the right place...

Need any hints? Feel free to contact us on Twitter: @4nqr34z @DCAU7

DHCP-Client.

Tested both on Virtualbox and vmware

Health warning: May drive people insane

Tempus Fugit 2

This is an intermediate, real life box.

In Tempus Fugit 2, the idea is still, like in the first vm; to create something “out of the ordinary”. The vm contains both user and root flags. If you don’t see them, you are not looking in the right place... Need any hints? Feel free to contact me on Twitter: @4nqr34z

DHCP-Client. Tested both on Virtualbox and vmware

Health warning: Have driven people to the brink of insanity

Tempus Fugit 3

This is an intermediate, real life box.

Tempus Fugit is a Latin phrase that roughly translated as “time flies”.

This is an hard, real life box, created by @4nqr34z and @theart42 to be used as a CTF challenge on Bsides Newcastle 23. november 2019 and released on Vulnhub the same day.

In Tempus Fugit 3, the idea is still, like in the first two challenges; to create something “out of the ordinary”.

The vm contains 5 flags. If you don’t see them, you are not looking in the right place...

Need any hints? Feel free to contact us on Twitter: @theart42 and @4nqr34z

DHCP-Client. Tested both on Virtualbox and vmware

Health warning: For external use only

Tempus Fugit 4

Tempus Fugit is a Latin phrase that roughly translated as “time flies”.

This is an hard, real life box.

As in the former Tempus Fugits, the idea is still to create something “out of the ordinary”.

Need any hints? Feel free to contact us on Twitter: @theart42 and @4nqr34z

DHCP-Client.

Tested and works both on Virtualbox and vmware

Story

After being hacked multiple times, the company decides to do things differently this time. They left Linux and choose another operating system that claimed to be more secure. Realising they could have resources inside the company that are > > willing to help the relative small IT department (originally only web-designers) and the fact (according to Hugh Janus) there are safety in numbers, they start a internal crowdsourcing project. Allowing internal employees to request access to the > new server.

DHCP-Client. Tested both on Virtualbox and vmware

Health warning: For external use only

Tempus Fugit 5

Tempus Fugit is a Latin phrase that roughly translated as “time flies”.

This is an hard, probably insane, real life box, created by @4nqr34z and @theart42.

As in the former Tempus Fugits, #5 the idea is still to create something “out of the ordinary”.

Need any hints? Feel free to contact us on Twitter: @theart42 and @4nqr34z

DHCP-Client.

Tested and works both on Virtualbox and vmware

Health warning: May cause loss of hair, severe self doubt and enlarged imposter syndrome

Story

Recovered from the security disaster that was Tempus Fugit 4, our friends at Mofo company returned to the warm bosom of Linux. They have developed a sensational Internet application and have protected it with all sorts of fancy tooling. > Deploying new technology and cool security features, they are confident that they can now withstand the worst of the worst. But, being hacked so many times, may the real danger be lurking from within?? Hack TF5 and find out for yourself!, @theart42 and @4nqr34z

Try Hack Me

Tempus Fugit Durius

Tempus Fugit is a Latin phrase that roughly translated as “time flies”.

Durius is also latin and means "harder".

This is a remake of Tempus Fugit 1. A bit harder and different from the first one.

It is an intermediate/hard, real life box.

Carpe Diem 1

Story

One of your clients has been hacked by the Carpe Diem cyber gang and all their important files have been encrypted. They have hired you to help them recover an important file that they need to restore their backups. They have contacted the carpe diem cybergang and paid a ransom but have not heard anything back.

The countdown timer is ticking since they visited and they are now running out of time to recover their data before the keys are deleted on the server. Can you retrieve the keys and help your client restore their data before time runs out?

Happy Hacking!

@theart42 and @4nqr34z

Erit Securus I

Learn to exploit the BoltCMS software by researching exploit-db.

Happy Hacking!

@theart42 and @4nqr34z

Ra 1

Story

You have gained access to the internal network of WindCorp, the multibillion dollar company, running an extensive social media campaign >claiming to be unhackable (ha! so much for that claim!). Next step would be to take their crown jewels and get full access to their internal network. You have spotted a new windows machine that >may lead you to your end goal. Can you conquer this end boss and own their internal network?

Happy Hacking!

@theart42 and @4nqr34z

Set

Story

Once again you find yourself on the internal network of the Windcorp Corporation. This tasted so good last time you were there, you came back for more.

However, they managed to secure the Domain Controller this time, so you need to find another server and on your first scan discovered "Set".

Set is used as a platform for developers and has had some problems in the recent past. They had to reset a lot of users and restore backups (maybe you were not the only hacker on their network?). So they decided to make sure all users used proper passwords and closed of some of the loose policies. Can you still find a way in? Are some user more privileged than others? Or some more sloppy? And maybe you need to think outside the box a little bit to circumvent their new security controls…

Happy Hacking!

@theart42 and @4nqr34z

Ra 2

Just when they thought their hashes where safe... Ra 2 - The sequel

Story

WindCorp recently had a security-breach. Since then they have hardened their infrastructure, learning from their mistakes. But maybe not enough? You have managed to enter their local network...

Happy Hacking!

@theart42 and @4nqr34z