Categories
CTF's My CTF's

Insanity – CTF

Welcome to Insanity – my fifth CTF. There is one flag on this CTF. Your objective is to gain root access.

Download Now

This CTF is rated as 5/5 for difficulty. What makes this CTF difficult is not necessarily the types of vulnerabilities you will find – instead, it’s the process of exploiting them. DHCP is enabled – this CTF has been tested on VirtualBox only, though I don’t think there’ll be issues if you run it with VMWare.

Synopsis

A web hosting provider has asked you to test their security. Can you find the vulnerabilities on their server and gain root access? If anyone wants to submit a written report for this, I’d give it a read and potentially publish it on this blog! 🙂

Note about hints

Please note, I will not be giving out hints for this CTF until at least the 30th August 2020. Try harder.

Edit: A few people have joined my Discord Server to share information (which is absolutely fine). Feel free to join and discuss ways to hack this CTF.

Download now

You can download Insanity here.

SHA-256: 75819bda88013d13465c9ec4145d56470378450e8c6c0c6faa8c72503a049850
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbBiicuM2ITDGGcOJPvHWS2kZ5UMFAl85f2UACgkQPvHWS2kZ
5UOzOA//U4MqQxALEc3yRdvhR9ZOMIWUeywgoiy+KsmExplMKRJXWXKy4Nh0vcUT
tJP1zT20jUEwWJA1+gREZsfVIB/3pKvHK2RWKyaI5QwqAoD6aXdkHniwA+ZFBJAB
IG0JqGBrre90NccQ9Z7KxNmxGCDaGPI2xgIPTj8iEgfeWeMh6gdZN8kl8h17yggv
GRIpIeJkgzKgHsVXQhFxnyZrRUBADn+wgYuxAMbqRd20n2Ms5QvRgOUWh5Mltr6+
BO4lr6Chjgsbu/7zAeeUdNgJGRLTAnZvM0E/2NocBD5Dul9WNIlQSDjarGpjTxGV
2aIaNCoHht3YnTsSOF+FP5930sz1ctaCsGt7Wpb2XLEalOF8n5LHSbvTw6TxvbCC
i9BTzcQriHEzxQffr+jSxhqvOcez+gatxOn3Tsc+CE0PCxxo5Hwju2O7gsb6NJDJ
/biaAt3R54brBiIMitXXH2JjOxRu9d+FPnCYlftCztTREqmJ7I6wlsmn9k691Xf6
V19uyF2J5x9a0o3DQvFBMwp3tEB4uCaZuPt6MMao41Gd5QLcK+2q6XNVVCTBJCKA
uxPCyIp8zhbLzEhD0V4Ty3AIkEzo3zptXnoloTG8dchJAtK/t90ooqRumfwz22P8
UTBEqDpr3t3pZW/qriF3pMVHnOeHY+ZcYBtE8PlOHsAaki4l+JI=
=h7cJ
-----END PGP SIGNATURE-----

How hard did you find Insanity?

View Results

Loading ... Loading ...
Categories
CTF's My CTF's

Presidential CTF

Presidential is my third Capture the Flag exercise. It is rated as Medium to Hard – I wouldn’t say the exploitation techniques are necessarily difficult on this server, but this box will definitely test your enumeration skills. If you need a hint, feel free to contact me – but enumerate harder first.

Enumerate Enumerate Enumerate

This is the best advice I can give you.

Download Now

Synopsis:

The Presidential Elections within the USA are just around the corner (November 2020). One of the political parties is concerned that the other political party is going to perform electoral fraud by hacking into the registration system, and falsifying the votes.

The state of Ontario has therefore asked you (an independent penetration tester) to test the security of their server in order to alleviate any electoral fraud concerns (I’m aware Ontario isn’t a real US state – this is meant to be fictional). Your goal is to see if you can gain root access to the server – the state is still developing their registration website but has asked you to test their server security before the website and registration system are launched.

This CTF was created and has been tested with VirtualBox. It should also be compatible with VMWare and is DHCP enabled.

You can download the CTF here. I look forward to your feedback.

SHA-256: 1d402ad612251e4b07bf990d7f55f1d3c5158bf9c0aad4e3663526f4d06a3e97
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbBiicuM2ITDGGcOJPvHWS2kZ5UMFAl7334kACgkQPvHWS2kZ
5UMx4hAAn8P9vng05Q7O4VUpmpnTHZIn8e1lpjNUAy7Gt5coPbmvlEqIHp+kqLtO
IH9omyBndDN6D8xa1FkfLYjUF5J9xKAXgU7JfY+dbDtWBmRD+62X1C0BO3m1M+FX
y/C76sVfzI9k7nFas+nv/GI4J4jYbDSSBrA8dO7IXH7OUzxF24TsU610IkNxjO6e
Oucora8F/ayZ3ZCAvN+ogHggFYoj0cQs5SZuY5W5A6SK8qw7t4qN8j88Qjffh+I0
Kp0bF9GwfhDxIPZ64vYVo1BqpDKMFA2S7MFuuZFxsYOSOfnLv09jdxn8N/nKaNHE
azRn4tBsj6ougwgqaenH3tA8wQqcnZDqoLDtBVujXSANVL7lrP2tbwrbCNZz/j7m
mPLmoyPjWbeluGXsFgx/Y/xppOrBJ4TjhXcq8Uoy+Ej7UZmTgb3xxJwdIR9tTbcj
3epu3xsG5xOA+ZZ2Qh3SzNDKtcifCnTXo4ZcyUKRN70SSTvib5uY01IoQj/0E3tM
L4cjO+Rd1ottCdOPNXQvh7pH91hfKOXx8NBmMeSd5SAYNkpBGf76/5Ja8pQB1g+Z
h9hRaoeqedcI5K97Mp1N4SqKBy3Y5pEYx9HLW1kJZpfwW1cljrUTl7NGdLo8NEqG
U+x8r+DqQrapCf/TV/05rHIUuHuCHCrXDbE6KL5dZZCc5PQKIG4=
=9xw4
-----END PGP SIGNATURE-----

Write Up’s

A big thanks to 0xatom for doing a write up on this box. If you need help, feel free to read their write up. Though, try harder first. You will find it so much more rewarding if you manage to crack it yourself.