VulnHub Momentum 2 is a medium level boot2root CTF challenge, where you have to perform some code reviews very thoroughly and exploit an unrestricted file upload vulnerability in order to gain access.
Let’s begin with finding the IP of the VM. I used Nmap for this purpose.
VulnHub BlueMoon (https://www.vulnhub.com/entry/bluemoon-2021,679/) is an easy level boot2root CTF challenge, where you have to grab 3 flags on your way towards root. Let us begin with finding the IP of the box.
Nmap was used to find the IP of the BlueMoon VM as follows.
Reverse Engineering is used by security professionals for static malware analysis in order to extract useful information of the malware when creating it, such as metadata , embedded resources , encryption keys , headers etc. …
This article is based on exploiting a simple buffer overflow in Windows using Vulnserver. If you don’t have an idea about buffer overflows, read my previous article about exploiting a Linux buffer overflow here, https://ravi5hanka.medium.com/privilege-escalation-in-linux-via-a-local-buffer-overflow-dcee4f9b4a49
VulnHub FristiLeaks(https://www.vulnhub.com/entry/fristileaks-13,133/) is a boot2root CTF challenge where you have to exploit an unrestricted file upload vulnerability, and put your efforts on some sort of decoding skills on the way towards obtaining the root flag.
After downloading the vm from vulnhub, ensure that the network is set to bridged mode…
Spectra is a BOOT2ROOT CTF challenge which checks your skills on exploiting user mistakes , WordPress exploitation and basic privilege escalation.
First of all, fire-up your pentesting machine and connect to HackTheBox network via openvpn. Let us begin with the traditional nmap scan.