IMPORTANT NOTE: do not use host-only mode, as issues have been discovered. Set the Billy Madison VM to "auto-detect" to get a regular DHCP address off your network.

Plot: Help Billy Madison stop Eric from taking over Madison Hotels!

Sneaky Eric Gordon has installed malware on Billy's computer right before the two of them are set to face off in an academic decathlon. Unless Billy can regain control of his machine and decrypt his 12th grade final project, he will not graduate from high school. Plus, it means Eric wins, and he takes over as head of Madison Hotels!

Objective: The primary objective of the VM is to figure out how Eric took over the machine and then undo his changes so you can recover Billy's 12th grade final project. You will probably need to root the box to complete this objective.

Download:

• BillyMadison1dot0.zip - https://dl.dropboxusercontent.com/u/5473387/BillyMadison1dot0.zip
• MD5 = afcb926608d6d7b2471e4de6c367afb4
• SHA1 = 4933ca408fcb2e88e6388fe4ea321f758b133d72

Other Information:

• Size: 1.68GB
• Hypervisor: Created with VMWare ESXi 6.0.0
• Difficulty: Beginner/Moderate

Special Thanks To:

• @rand0mbytez and @mrb3n813 for their tenacious help in beta testing, ironing out the bugs, suggesting better ways to do things, battling trolls and just generally being awesome.
• @g0tmi1k, @_RastaMouse and the VulnHub crew for hosting VMs, encouraging VM creators/testers and being a tremendous resource to the infosec community.
• @ReverseBrain for helping and testing with Vbox
• My wife. She rules.

Welcome to "IMF", my first Boot2Root virtual machine. IMF is a intelligence agency that you must hack to get all flags and ultimately root. The flags start off easy and get harder as you progress. Each flag contains a hint to the next flag. I hope you enjoy this VM and learn something.

Difficulty: Beginner/Moderate

Can contact me at: geckom at redteamr dot com or on Twitter: @g3ck0m

SkyDog Con CTF 2016 - Catch Me If You Can

Difficulty: Beginner/Intermediate

Instructions: The CTF is a virtual machine and works best in Virtual Box. Download the OVA file open up Virtual Box and then select File –> Import Appliance. Choose the OVA file from where you downloaded it. After importing the OVA file above make sure that USB 2.0 is disabled before booting up the VM. The networking is setup for a Host-Only Adapter by default but you can change this before booting up depending on your networking setup. The Virtual Machine Server is configured for DHCP. If you have any questions please send me a message on Twitter @jamesbower and I’ll be happy to help.

Flags

The eight flags are in the form of flag{MD5 Hash} such as flag{1a79a4d60de6718e8e5b326e338ae533

Flag #1 Don’t go Home Frank! There’s a Hex on Your House.

Flag #2 Obscurity or Security?

Flag #3 Be Careful Agent, Frank Has Been Known to Intercept Traffic Our Traffic.

Flag #4 A Good Agent is Hard to Find.

Flag #5 The Devil is in the Details - Or is it Dialogue? Either Way, if it’s Simple, Guessable, or Personal it Goes Against Best Practices

Flag #6 Where in the World is Frank?

Flag #7 Frank Was Caught on Camera Cashing Checks and Yelling - I’m The Fastest Man Alive!

Flag #8 Franks Lost His Mind or Maybe it’s His Memory. He’s Locked Himself Inside the Building. Find the Code to Unlock the Door Before He Gets Himself Killed!

This was used in HackDay Albania's 2016 CTF.

The level is beginner to intermediate .

It uses DHCP.

64Base Boot2Root

This is my very first public Boot2Root, It’s intended to be more of a fun game than a serious hacking challenge. Hopefully anyone interested enough to give it a try will enjoy the story with this one.

It is based on the StarWars storyline and is designed to Troll you in a fun way.

Just be warned, it’s littered with more than a few “Red Herrings” ;D

Difficulty Rating

[BEGINNER - INTERMEDIATE]

Capture The Flags

There are 6 flags to collect. Each in the format of flag1{ZXhhbXBsZSBmbGFnCg==} Beat the Empire and steal the plans for the Death Star before its too late.

I Hope You Enjoy It.

Difficulty: Beginner/Intermediate

Instructions: The CTF is a virtual machine and has been tested in Virtual Box. It has all required drivers if you want it to run on VMware or KVM (virtio). The network interface of the virtual machine will take it`s IP settings from DHCP.

Flags: There are 7 flags that should be discovered in form of: Country_name Flag: [md5 hash]. In CTF platform of the CTF-USV competition there was a hint available for each flag, but accessing it would imply a penalty. If you need any of those hints to solve the challenge, send me a message on Twitter @gusu_oana and I will be glad to help.

About: CTF-USV 2016 was the first International Students Contest in Information Security organized in Romania by Suceava University. Security challenges creation, evaluation of results and building of CTF environment was provided by Safetech Tech Team: Oana Stoian (@gusu_oana), Teodor Lupan (@theologu) and Ionut Georgescu (@ionutge1)

SHA1: f401e4e9084f937a674356dd4fa2144e10b8471a

+---------------------------------------------------------+
|                     Name: Moria                         |
|                       IP: Through DHCP                  |
|               Difficulty: Not easy!                     |
|                     Goal: Get root                      |
+---------------------------------------------------------+
|                                                         |
| DESCRIPTION:                                            |
| Moria is NOT a beginner-oriented Boot2Root VM, it will  |
| require good enum skills and a lot of persistence.      |
|                                                         |
| VM has been tested on both VMware and VirtualBox, and   |
| gets its IP through DHCP, make sure you're on the same  |
| network.                                                |
|                                                         |
| Special thanks to @seriousblank for helping me create it|
| and @johnm and @cola for helping me test it.            |
|                                                         |
|     Link: dropbox.com/s/r3btdcmwjigk62d/Moria1.1.rar    |
|     Size: 1.56GB                                        |
|      MD5: 2789bca41a7b8f5cc48e92c635eb83cb              |
|     SHA1: e3bddd4133320ae42ff65aec41b9f6516d33bb89      |
|                                                         |
| CONTACT:                                                |
| You can find me on NetSecFocus slack, twitter at        |
| @abatchy17 or occasionally on #vulnhub for questions.   |
|                                                         |
| PS: No Lord of The Rings knowledge is required ;)       |
|                                                         |
| -Abatchy                                                |
+---------------------------------------------------------+

Machine Name: BTRSys1

IP : DHCP

Difficulty : Beginner / Intermediate

Format : Virtual Machine (VMware)

Description : This is a boot2root machine particularly educational for beginners. Follow us for next BTRSys systems. We hope you enjoy it!

Machine Name: BTRSys2

IP : DHCP

Difficulty : Beginner / Intermediate

Format : Virtual Machine (VMware)

Description : This is a boot2root machine particularly educational for beginners. Follow us for next BTRSys systems. We hope you enjoy it!

twitter: btrisk

Bulldog Industries recently had its website defaced and owned by the malicious German Shepherd Hack Team. Could this mean there are more vulnerabilities to exploit? Why don't you find out? :)

This is a standard Boot-to-Root. Your only goal is to get into the root directory and see the congratulatory message, how you do it is up to you!

Difficulty: Beginner/Intermediate, if you get stuck, try to figure out all the different ways you can interact with the system. That's my only hint ;)

Made by Nick Frichette (frichetten.com) Twitter: @frichette_n

I'd highly recommend running this on Virtualbox, I had some issues getting it to work in VMware. Additionally DHCP is enabled so you shouldn't have any troubles getting it onto your network. It defaults to bridged mode, but feel free to change that if you like.

Covfefe is my Debian 9 based B2R VM, originally created as a CTF for SecTalks_BNE. It has three flags.

It is intended for beginners and requires enumeration then [spoiler]!