Continuing through the list of must do boot2root machines, I came upon Kevgir.  I love this box for so many reasons.  It's not particularly hard but it's easy to follow one of the many rabbit holes.  I followed exactly one rabbit hole but not for too long -- I started chasing Jenkins.  I just finished a recently published book and the author talked about Jenkins being a go to avenue.  I don't have a lot of experience with Jenkins but I took his word for it and I pushed on Jenkins for about 15 minutes, stepped back, and said -- let's stick with what we know.

I found a list of recommended Vulnhub servers that someone suggested for good practice.  When I started looking at the age of these boot2root boxes, I could already tell my first 'go to' exploit would be DirtyCow, at least for some of them. 

I saw a comment on this exploit somewhere and they talked about its instability.  It is very unstable unless you know how to stabilize it -- which is easy.  

When you first launch the exploit, it hangs while finishing.  If you do nothing and wait for it to finish, not long after it finishes, it's going to crash the server.  If you've read some of my other posts where I use this exploit, I have the fix lined up.  Here's what you need to do --

As administrators, developers, and various other technology roles, we make mistakes and I wanted to find a server that I could use as an example of how mistakes are made in the real world. LazySysAdmin is just that box.

Don't get me wrong, I love the esoteric CTF type boxes with port knocking, hidden exif data messages, etc., but as far as I can tell, those don't exist in the real world. This box is real world -- where simple mistakes that someone can make in everyday administration can turn into full-on compromise.