Single
single series all timeline

C0m80 Boot2Root

https://3mrgnc3.ninja/2017/09/c0m80/


About

This is my third public Boot2Root, This one is intended to be quite difficult compared to the last two.

But again, that being said, it will depend on you how hard it is :D

The theme with this one is all about 'enumeration, enumeration, enumeration', lateral thinking, and how to "combine" vulnerabilities in order to exploit a system.


Important Note

Once you have an IP insert it into your attack system /etc/hosts like this:

[dhcp-ip-address] C0m80.ctf

This VM will probably be different to other challenges you may have come across. With C0m80 You will be required to log in locally in the VirtualBox console window at some point. This, I know, may 'rile' some of the purists out there that say you should be able to compromise a boot2root fully remotely over a network. I agree to that in principle, and in this case I had intended to allow vnc or xrdp access. Alas, due to compatibility problems I had to make a compromise in this area in order to get the challenge published sooner rather than later.

It should be obvious at what point you need to log in. So when that time comes just pretend you are using remote desktop. ;D

Sorry, I hope you can forgive me.


Difficulty Rating

[Difficult] but depends on you really


Goal

There is only one goal here. Become God on the system and read the root flag.

I Hope You Enjoy It.


Download Link

https://3mrgnc3.ninja/files/C0m80_3mrgnc3_v1.0.ova


Details

  • File: C0m80_3mrgnc3-v1.0.ova
  • OS: WondawsXP ;D
  • VM Type: VirtualBox
  • IP Address: DHCP
  • Size: 2.7 GB

Walkthroughs

Please leave feedback and comments below. Including any info on walkthroughs anyone wishes to publish, or bugs people find in the VM Image.

Alternatively email me at 3mrgnc3 at techie dot com

more...