_______  _______  ______    _______  ___   _______  _______  _______  __    _  _______  _______ 
|       ||       ||    _ |  |       ||   | |       ||       ||       ||  |  | ||       ||       |
|    _  ||    ___||   | ||  |  _____||   | |  _____||_     _||    ___||   |_| ||       ||    ___|
|   |_| ||   |___ |   |_||_ | |_____ |   | | |_____   |   |  |   |___ |       ||       ||   |___ 
|    ___||    ___||    __  ||_____  ||   | |_____  |  |   |  |    ___||  _    ||      _||    ___|
|   |    |   |___ |   |  | | _____| ||   |  _____| |  |   |  |   |___ | | |   ||     |_ |   |___ 
|___|    |_______||___|  |_||_______||___| |_______|  |___|  |_______||_|  |__||_______||_______|

         "the fact of continuing in an opinion or course of action in spite of 
      difficulty or opposition"

                                                   by sagi- & superkojiman

DISCLAIMER

By using this virtual machine, you agree that in no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of or in connection with the use of this software.

TL;DR - You are about to load up a virtual machine with vulnerabilities created by hackers. If something bad happens, it's not our fault.

ABOUT

Persistence aims to provide you with challenging obstacles that block your path to victory. It is perhaps best described by quotes made by some famous people:

"A little more persistence, a little more effort, and what seemed hopeless failure may turn to glorious success." - Calvin Coolidge

"Energy and persistence conquer all things." - Benjamin Franklin

"Persistence and resilience only come from having been given the chance to work though difficult problems." - Gever Tulley

GOAL

Get a root shell and read the contents of /root/flag.txt to complete the challenge!

SETUP

The virtual machine will get an IP address via DHCP, and it has been tested on the following hypervisors:

VMware Fusion 6 VMware Player 6 VMware Workstation 10 VirtualBox 4.3

SHOUT OUTS

Thanks @VulnHub for kindly hosting this challenge, and thanks to @recrudesce for testing it and providing valuable feedback!

The next machine in the Tr0ll series of VMs. This one is a step up in difficulty from the original Tr0ll but the time required to solve is approximately the same, and make no mistake, trolls are still present! :)

Difficulty is beginner++ to intermediate.

The VM should pull a valid IP from DHCP. This VM has been verified to work on VMware workstation 5, VMware player 5, VMware Fusion, and Virtual box. Virtual box users may need to enable the additional network card for it to pull a valid IP address.

Special thanks to @Eagle11, @superkojiman and @leonjza for suffering through the testing and the members of #overflowsec on freenode for giving me ideas.

If you have issues with the machine, feel free to contact me at @Maleus21 or maleus overflowsecurity.com.

-Maleus

www.overflowsecurity.com

----------------
bee-box - README
----------------

bee-box is a custom Linux VM pre-installed with bWAPP.

With bee-box you have the opportunity to explore all bWAPP vulnerabilities!
bee-box gives you several ways to hack and deface the bWAPP website.
It's even possible to hack the bee-box to get root access...

This project is part of the ITSEC GAMES project. ITSEC GAMES are a fun approach to IT security education. 
IT security, ethical hacking, training and fun... all mixed together.
You can find more about the ITSEC GAMES and bWAPP projects on our blog.

We offer a 2-day comprehensive web security course 'Attacking & Defending Web Apps with bWAPP'.
This course can be scheduled on demand, at your location!
More info: http://goo.gl/ASuPa1 (pdf)

Enjoy!

Cheers

Malik Mesellem
Twitter: @MME_IT

-----------------------
bee-box - Release notes
-----------------------

v1.6
****

Release date: 2/11/2014

bWAPP version: 2.2

New features:

- Vulnerable Drupal installation (Drupageddon)

Bug fixes: /

Modifications: /


v1.5
****

Release date: 27/09/2014

bWAPP version: 2.1

New features:

- CGI support (Shellshock ready)

Bug fixes: /

Modifications: /


v1.4
****

Release date: 12/05/2014

bWAPP version: 2.0

New features:

- Lighttpd web server installed, running on port TCP/9080 and TCP/9443
- PHP SQLite module installed
- SQLiteManager 1.2.4 installed
- Vulnerable bWAPP movie network service (BOF)

Bug fixes: /

Modifications: /


v1.3
****

Release date: 19/04/2014

bWAPP version: 1.9+

New features:

- Nginx web server installed, running on port TCP/8080 and TCP/8443
- Nginx web server configured with a vulnerable OpenSSL version (heartbleed vulnerability)
- Insecure distcc (a fast, free distributed C/C++ compiler)
- Insecure NTP configuration
- Insecure SNMP configuration
- Insecure VNC configuration

Bug fixes:

- bWAPP update script checks for Internet connectivity

Modifications: /


v1.2
****

Release date: 22/12/2013

bWAPP version: 1.8

New features:

- Apache modules enabled: rewrite, include, headers, dav, action
- Apache server-status directive enabled
- Insecure anonymous FTP configuration
- Insecure WebDAV configuration
- Server-Side Includes configuration
- Vulnerable PHP CGI configuration

Bug fixes: /

Modifications:

- MySQL listening on 0.0.0.0
- New bWAPP update script


v1.1
****

Release date: 12/09/2013

bWAPP version: 1.5

New features:

- bWAPP update script

Bug fixes: /

Modifications: /


v1.0
****

Release date: 15/07/2013

bWAPP version: 1.4

New features: /

Bug fixes: /

Modifications: /

-----------------
bee-box - INSTALL
-----------------

bee-box is a custom Linux VM pre-installed with bWAPP.

With bee-box you have the opportunity to explore all bWAPP vulnerabilities!
bee-box gives you several ways to hack and deface the bWAPP website.
It's even possible to hack the bee-box to get root access...


Requirements
////////////

*/ Windows, Linux or Mac OS
*/ VMware Player, Workstation, Fusion or Oracle VirtualBox


Installation steps
//////////////////

No! I will not explain how to install VMware or VirtualBox...

*/ Extract the compressed file.

*/ Double click on the VM configuration file (bee-box.vmx), or import the VM into the VMware software.

*/ Start the VM. It will login automatically.

*/ Check the IP address of the VM.

*/ Go to the bWAPP login page. If you browse the bWAPP root directory you will be redirected.

    example: http://[IP]/bWAPP/
    example: http://[IP]/bWAPP/login.php

*/ Login with the default bWAPP credentials, or make a new user.

    default credentials: bee/bug

*/ You are ready to explore and exploit the bee!


Notes
/////

*/ Linux credentials:

    bee/bug
    root/bug

*/ MySQL credentials:

    root/bug

*/ Modify the Postfix settings (relayhost,...) to your environment.

    config file: /etc/postfix/main.cf

*/ bee-box gives you several ways to deface the bWAPP website.
   It's even possible to hack the bee-box to get root access...

   Have fun!

*/ Take a snapshot of the VM before hacking the bee-box.
   There is also a backup of the bWAPP website (/var/www/bWAPP_BAK).

*/ To reinstall the bWAPP database, delete the database with phpmyadmin (http://[IP]/phpmyadmin/).
   Afterwards, browse to the following page: https://[IP]/bWAPP/install.php

*/ Don't upgrade the Linux operating system, you will lose all fun :)


This project is part of the ITSEC GAMES project. ITSEC GAMES are a fun approach to IT security education. 
IT security, ethical hacking, training and fun... all mixed together.
You can find more about the ITSEC GAMES and bWAPP projects on our blog.

We offer a 2-day comprehensive web security course 'Attacking & Defending Web Apps with bWAPP'.
This course can be scheduled on demand, at your location!
More info: http://goo.gl/ASuPa1 (pdf)

Enjoy!

Cheers

Malik Mesellem
Twitter: @MME_IT

Pegasus

         .-.
   %%%%,/   :-.
   % `%%%, /   `\   _,
   |' )`%%|      '-' /            Filename:   pegasus.ova
   \_/\  %%%/`-.___.'             MD5:        5046e330ff42e9adee0a42b63694cbfe
    __/  %%%"--"""-.%,            SHA1:       f18b7437ca3c96f76a2e1b06f569186b63567dd5
  /`__|  %%         \%%           Difficulty: Intermediate
  \\  \   /   |     /'%,          Author:     Knaps
   \]  | /----'.   < `%,          Tester:     Mulitia
       ||       `>> >
       ||       ///`
       /(      //(

Welcome to my first boot2root VM! Inspired by various CTF events I took part in and by couple cool concepts I learnt in the last couple months.

Rules of engagement are simple - find a way in, escalate your privileges all the way up to the root and get the flag!

As with all VMs like this, think outside the box, don't jump to conclusions too early and "read between the lines" :)

The VM has been tested on VMWare and VirtualBox, just import it, ensure the network is set as "Host Only" and run it. It should pick up the IP address automatically.

Enjoy! :)

Sokar

Filename:  sokar.ova
MD5:  75f5c48e65fa81dc81ef3b58b7ee6bab
SHA1:  5f4aca536898bf962bfcfd2aaccb66fda1ab790a
Author:  Rasta Mouse
Testers:  Barrebas & TheColonial

=====
Notes
=====
DHCP (Automatically Assigned)

    Special note to VMWare users - you must manually set the
    NIC MAC address to 08:00:27:F2:40:DB

Get root, then the flag!

ZORZ is another VM that will challenge your webapp skills. There are 3 separate challenges (web pages) on this machine. It should be pretty straight forward. I have explained as much as I can in the readme file:

Welcome to the ZorZ VM Challenge

This machine will probably test your web app skills once again. There are 3 different pages that should be focused on (you will see!) If you solve one or all three pages, please send me an email and quick write up on how you solved each challenge. Your goal is to successfully upload a webshell or malicious file to the server. If you can execute system commands on this box, thats good enough!!! I hope you have fun!

[email protected]

The goal of this challenge is to break into the machine via the web and find the secret hidden in a sensitive file. If you can find the secret, send me an email for verification. :)

There are a couple of different ways that you can go with this one. Good luck!

Simply download and import the OVA file into virtualbox!

New VM challenge that should be fun for people trying to get into packet analysis!

There are several steps to this box. I created it with virtualbox. The VM is built on:

Ubuntu 14.04 32 bit

If you beat the box then please shoot me an email! Have fun guys!

P.S. I got the word "Fart Knocker" from watching beavis and butthead back in the day. Otherwise you kids might not understand :)

Darknet has a bit of everything, a sauce with a touch of makeup and frustration that I hope will lead hours of fun for migraines and who dares to conquer his chambers.

As the target gets used will read the file contents /root/flag.txt obviously once climbed the privileges necessary to accomplish the task.

The image can be mounted with VirtualBox . The machine has DHCP active list so once automatically assign an IP network, the next step will be to identify the target and discover the / the service / s to start the game. Good luck !. If you want to send in pdf format solucionarios can do so at the following address: s3csignal [at] gmail [dot] com

  __ )    _ \      \    _ _|   \  |   _ \    \      \  |     _ _| _ _| _ _| 
  __ \   |   |    _ \     |     \ |  |   |  _ \      \ |       |    |    |  
  |   |  __ <    ___ \    |   |\  |  ___/  ___ \   |\  |       |    |    |  
 ____/  _| \_\ _/    _\ ___| _| \_| _|   _/    _\ _| \_|     ___| ___| ___|

                                                            by superkojiman
                                                            techorganic.com

DISCLAIMER

By using this virtual machine, you agree that in no event will I be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of or in connection with the use of this software.

TL;DR: If something bad happens, it's not my fault.

SETUP

Brainpan 3 has been tested and found to work with VMware Player, VMware Fusion, and Virtual Box.

Check to make sure Brainpan_III.ova has following checksums so you know your download is intact:

MD5 : 170e0d8b26ab721587537fcde69087a0

SHA1: ed9ae53c556a1ce6988b3a54621dd6469c8b8aa5

Import Brainpan_III.ova into your preferred hypervisor and configure the network settings to your needs. It will get an IP address via DHCP, but it's recommended you run it within a NAT or visible to the host OS only since it is vulnerable to attacks.

GOAL

Get root and get the flag.

TESTERS

• barrebas : https://twitter.com/barrebas
• Swappage : https://twitter.com/Swappage

Codename: NB0x01

Download: ly0n.me/nullbyte/NullByte.ova.zip

Objetcive: Get to /root/proof.txt and follow the instructions.

Level: Basic to intermediate.

Description: Boot2root, box will get IP from dhcp, works fine with virtualbox&vmware.

Hints: Use your lateral thinking skills, maybe you’ll need to write some code.