FourFourFourFour

Recently I decided to look into the Go language - this was purely due to my inquisitive nature, and I thought it’d be fun to learn another language. However, there’s some stranege things going on when you compile the source.

The Purge was created by strata, and I can tell you it’s a hassle to complete. But I did, and here’s how !

c0ne surprised us all by releasing Pandora’s Box, which is a VM geared more towards exploit dev, and breaks the norm for vulnerable VM’s, as it doesn’t start with a website !

There are 5 challenges, I am going to post them as I crack them.

Knapsy (blog) released Pegasus - to be honest I was supposed to beta test it, but I kinda didn’t get a chance to. However, it allowed me to experience the VM at the same time as everyone else.

People generally work alone on VM’s, so to mix it up a bit, I decided to team up with barrebas (blog) and own the VM as a collaboration :)

So, here’s a quick walkthrough on how to root Pegasus, written by both barrebas and myself.

zer0w1re released his first VM, Knock Knock, so I downloaded it and had a go (truth be told, I tested it before the public release, but this writeup is for the version available on Vulnhub.)

So, while we were all sitting in #vulnhub (on Freenode) waiting for superkojiman to release Persistence, Swappage released OwlNest. I thought, what the hell, might as well use it to pass the time, right ? I was, however, not expecting it to take me 4 days…

Maleus released Tr0ll a while ago, and while I didn’t attempt it, I figured I’d do the follow up - Tr0ll2. So, here is a quick runthrough of how to pwn it.

I would put this VM at beginner level - it’s not particularly complicated. It’s more a case of finding hidden data than actually doing any vulnerability exploitation. Lets get started.

Whilst in the middle of cracking Xerxes2, leonjza decided to release Flick - a CTF that is sure to tax minds.  Naturally I decided to make myself feel like an unskilled loser, and downloaded it. Here’s the story of how I rooted Flick first.

root@flick:~# id
uid=0(root) gid=0(root) groups=0(root)
First ! @leonjza @VulnHub #flick #boot2root #vulnhub

It’s been a long wait, but barrebas released Xerxes2 on Vulnhub. I’ve not broken into Xerxes1, so I figured what the hell, lets give this a go. It might take me ages, but it’s all a learning curve, right ? Here’s how I became the first person to get root

root@xerxes2:~# id
uid=0(root) gid=0(root) groups=0(root)

Yup. #vulnhub #xerxes2 @barrebas @VulnHub](https://twitter.com/VulnHub

SkyTower is available from Vulnhub, and is a quick brain teaser that everyone is encouraged to try. It doesn’t take long, so it’s fun to see if you can do in your lunchbreak. The walkthrough is going to be short and sweet - maybe with a few GIFs thrown in for good measure.