First, let me start off by saying that this only takes you through the first flag because the next flag takes you off the CTF box and onto the Internet.  Call me a prude but I'm not attacking a public facing IP address.  I wish they would have done this with Docker or some other container technology because it could have been self contained. 

That being said, the first part was a lot of fun.  I'll take you through to the pivot and then you can decide whether or not to move forward.

The description states:  "Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.  Covenant is an ASP.NET Core, cross-platform application that includes a web-based interface that allows for multi-user collaboration."

I'd previously written about Covenant and while I thought it was interesting, I didn't have a use for it then.  But as my engagements get larger, the ability to logically aggregate endpoints is a necessity and a second look at Covenant got me to really digging around in it.

A couple of points before I jump into it.  First, this is not an A to Z primer.  Second, and more importantly, it is a little buggy from time to time.  The more you play with it, the more you're going to learn the ins and outs.  I've been using it day in and day out for about 45 days.  I understand well enough to know when I should try something again (and perhaps again). 

The description states:  "This box should be easy. This machine was created for the InfoSec Prep Discord Server as a give way for a 30d voucher to the OSCP Lab, Lab materials, and an exam attempt."

Been a while since I've written I've been focusing heavily on a class but I needed a little distraction, saw the new Vulnhub look and feel, then saw this box.  I thought maybe it would be a little more OSCP-like but I think the point was to make it accessible to a wider variety of player. 

We kick off with Nmap: