• Name: SpyderSec: Challenge
• Date release: 4 Sep 2015
• Author: SpyderSec
• Series: SpyderSec

• SpyderSecChallenge.ova (Size: 2.4 GB)
• Download (Mirror): https://download.vulnhub.com/spydersec/SpyderSecChallenge.ova

The Challenge:

You are looking for two flags. Using discovered pointers in various elements of the running web application you can deduce the first flag (a downloadable file) which is required to find the second flag (a text file). Look, read and maybe even listen. You will need to use basic web application recon skills as well as some forensics to find both flags.

Level: Intermediate

Description:

The virtual machine comes in an OVA format, and is a generic 32 bit CentOS Linux build with a single available service (HTTP) where the challenge resides. Feel free to enable bridged networking to have the VM automatically be assigned a DHCP address. This VM has been tested in VMware Workstation 12 Player (choose "Retry" if needed), and VirtualBox 4.3.

SHA1: f60f497f3f8fda0d0aeccfc84dad8e19ad164f55 Challenge.ova

Twitter: @SpyderSec

• Filename: SpyderSecChallenge.ova
• File size: 2.4 GB
• MD5: C3370138A79E68C2F00BDF3A31F7809B
• SHA1: F60F497F3F8FDA0D0AECCFC84DAD8E19AD164F55

• Format: Virtual Machine (Virtualbox - OVA)
• Operating System: Linux

• DHCP service: Enabled
• IP address: Automatically assign

• 19 Oct 2016 - Hack the SpyderSec VM (CTF Challenge) (Raj Chandel)
• 20 Sep 2015 - SPYDERSEC CHALLENGE WRITE UP { MSF } (Creatigon)
• 14 Sep 2015 - Breaking the SpyderSec Challenge. (MadmanTM)
• 12 Sep 2015 - Spydersec Solution (mr_h4sh)
• 9 Sep 2015 - SpyderSec solution (Unlogic)
• 8 Sep 2015 - SpyderSec Challenge VulnHub Writeup (g0blin)
• 8 Sep 2015 - SpyderSec VM Write up (drxp)
• Reto SpyderSec (PDF) (Spanish) (1GbDeInfo)