You can't judge a book by its cover.  When I saw that the description was empty, I thought this box was going to be hard.  Again, as always, your definition of hard and mine may differ but this box has few moving parts and in my opinion, it's not hard.  In fact, this box is perfect for a friend who I'm guiding into penetration testing.  He just learned a new skill the other day and there's a component to this box that's right up his alley.  

    Moving on, we kick off with Nmap:


    Continuing on with the SP series, I'm working my way backwards through the list of boxes I've yet to root and we find Harrison which is described as:  "Can you break free from Harrison's prison?"

    From the description, I'm thinking some sort of shell jail but I'm not really sure what's in store for me.  I'll just do my thing, we'll see what obstacles appear and work around them.


    I think this is from the same author that has produced a couple (?) of the advanced web application machines.  The description for this box states:  "The library is a sophisticated web application which has few advanced vulnerabilities. You will have to think out of the box to be able to compromised successfully this machine. If you can't you can just enjoy countries history ;)"

    This one was tough.  The injection is tedious and tricky but if you take your generic queries into SQL and you look at the responses, it will become obvious as to what will and will not work.  I'm trying not to spoil too much and perhaps that hint is enough by itself.


    I think I've mentioned that I dislike the puzzle style boxes.  Seems like the last couple of Vulnhub downloads required me to solve problems that had little to do with real world scenarios.  I hate to quit midstream but my personal goal is to hone my craft, learn new techniques, and improve my documentation skills.  Hunting for the hidden page, behind the hidden page, behind the hidden page, using a wordlist I scraped from some video game fan page is not exactly what I had in mind. #truestory

    Searching through Vulnhub, I spotted the SP series and I remember it being fresh, challenging, and at least semi real world.  Jerome's description:  "Jerome has created some awesome recipes. Can you find them?"

    I'm glad I found my way back to this series because while Jerome was never hard, it was challenging and it kept me on my toes.  


    After playing with Ted, I was excited to move to the next box from the same author.  DomDom is described as:  "How well do you understand PHP programs? How familiar are you with Linux misconfigurations? This image will cover advanced Web attacks, out of the box thinking and the latest security vulnerabilities."

    Let me start off by saying that I think Ted was harder but it's really a matter of what you know versus what you don't know. This seemed pretty straightforward and it didn't take long to get on the box.  From there, root was quick.  I only went one route for root this time because it's Saturday morning and I have things to do. ;)  Given the nature of Ted, I think there's a more clever way to root but I take these boxes to be more about the entry than the privilege escalation.  Perhaps I'll take a second glance later.  I also thought about scripting up a portion of the process in Python.  For now....


    © 2020 sevenlayers.com