Categories
CTF's My CTF's

Insanity – CTF

Welcome to Insanity – my fifth CTF. There is one flag on this CTF. Your objective is to gain root access.

Download Now

This CTF is rated as 5/5 for difficulty. What makes this CTF difficult is not necessarily the types of vulnerabilities you will find – instead, it’s the process of exploiting them. DHCP is enabled – this CTF has been tested on VirtualBox only, though I don’t think there’ll be issues if you run it with VMWare.

Synopsis

A web hosting provider has asked you to test their security. Can you find the vulnerabilities on their server and gain root access? If anyone wants to submit a written report for this, I’d give it a read and potentially publish it on this blog! 🙂

Note about hints

Please note, I will not be giving out hints for this CTF until at least the 30th August 2020. Try harder.

Edit: A few people have joined my Discord Server to share information (which is absolutely fine). Feel free to join and discuss ways to hack this CTF.

Download now

You can download Insanity here.

SHA-256: 75819bda88013d13465c9ec4145d56470378450e8c6c0c6faa8c72503a049850
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbBiicuM2ITDGGcOJPvHWS2kZ5UMFAl85f2UACgkQPvHWS2kZ
5UOzOA//U4MqQxALEc3yRdvhR9ZOMIWUeywgoiy+KsmExplMKRJXWXKy4Nh0vcUT
tJP1zT20jUEwWJA1+gREZsfVIB/3pKvHK2RWKyaI5QwqAoD6aXdkHniwA+ZFBJAB
IG0JqGBrre90NccQ9Z7KxNmxGCDaGPI2xgIPTj8iEgfeWeMh6gdZN8kl8h17yggv
GRIpIeJkgzKgHsVXQhFxnyZrRUBADn+wgYuxAMbqRd20n2Ms5QvRgOUWh5Mltr6+
BO4lr6Chjgsbu/7zAeeUdNgJGRLTAnZvM0E/2NocBD5Dul9WNIlQSDjarGpjTxGV
2aIaNCoHht3YnTsSOF+FP5930sz1ctaCsGt7Wpb2XLEalOF8n5LHSbvTw6TxvbCC
i9BTzcQriHEzxQffr+jSxhqvOcez+gatxOn3Tsc+CE0PCxxo5Hwju2O7gsb6NJDJ
/biaAt3R54brBiIMitXXH2JjOxRu9d+FPnCYlftCztTREqmJ7I6wlsmn9k691Xf6
V19uyF2J5x9a0o3DQvFBMwp3tEB4uCaZuPt6MMao41Gd5QLcK+2q6XNVVCTBJCKA
uxPCyIp8zhbLzEhD0V4Ty3AIkEzo3zptXnoloTG8dchJAtK/t90ooqRumfwz22P8
UTBEqDpr3t3pZW/qriF3pMVHnOeHY+ZcYBtE8PlOHsAaki4l+JI=
=h7cJ
-----END PGP SIGNATURE-----

How hard did you find Insanity?

View Results

Loading ... Loading ...
Categories
CTF's My CTF's

GreenOptic CTF

GreenOptic is my fourth Capture the Flag box. It is rated as ‘Very Hard’ (as per the difficulty matrix). As with all of my CTFs, please run this in ‘Host Only’ mode – it does not need an internet connection.

Download Now

Don’t let the difficulty put you off though – the CTF is designed to be realistic, so you won’t come across anything you wouldn’t experience in a real environment.

You will need to enumerate this box very well, and likely chain together different bits of information and vulnerabilities in order to gain access.

Synopsis:

British Internet Service Provider GreenOptic has been subject to a large scale Cyber Attack. Over 5 million of their customer records have been stolen, along with credit card information and bank details.

GreenOptic have created an incident response team to analyse the attack and close any security holes. Can you break into their server before they fix their security holes?

You can download GreenOptic here.

SHA-256: 00af6eb4a29fa6447fb68ea4dae112de822c78d2021e210d8233e0b0ba8cc5e9
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbBiicuM2ITDGGcOJPvHWS2kZ5UMFAl8MkR0ACgkQPvHWS2kZ
5UOMHA//UsZaeOr5P/CW9ND8ouww9EaczP03SvfFqLClFadGeY5HhpCDA4+nYOjS
6mbJH3LHrNgTIPLUoEtZJvM5zShWxvaMNYgICkUBv6W0dgmfumuMhRaaLjyFtCXA
vwqApoaKm8Gooe0r5F3OfW7cIkGAShD5N/Qh0cEUmJnkH9GOW6DT3qQdZaTkvBP+
VoVisf2BP49fjyZQ2gF856LnNKZAgUOQp612fCIcFPoKEylNAbb7PCe1GNsq2yu4
8PteNSCCXiSQfU+X6YrHDyz5v8UAmZX8TuvccmfJpcfd9sWkwHGnuc4TEWPzwZOf
T7DosUGWeQb8wJxctYdsWz9Iw35lKf385GNzYoZ4p9tffhcDtMwatlhRTJG1eXmm
SHDBhOWhmLwBiD5VXKP6riv5wSNH8mYYgajsqzU3Vn56RofGqwtS+BYc6B3m1KXN
HC19Y7SZevOTVjmNXOjaj4rv6q08zj6p/CNDKf30WOHVokjPOIEQM+xcIJ8RRPMN
6tfUruMKqnXFtRFpulwGqBooWf9fMALR4Ha1vQUbnZ9oe6YY1aIaQDTnyW6BqZay
zLu0fVPdvDd7BUugVb52/qwpwGYpFwQe9CrGvWgA2yeFWm+0VKcxtDR7CyRzDVvM
hWKnf/K+4tLQ7HwB15gcMYwgVS2XZpNB/AP4fYYWcqZGrWqe1nw=
=aF4J
-----END PGP SIGNATURE-----

Once you’ve completed my CTF, let me know how you found it.

How difficult did you find GreenOptic?

View Results

Loading ... Loading ...