App - Script

Exploit environment weaknesses, configuration mistakes and common vulnerability patterns in shell scripting and system hardening.

For each of these challenges, you will be provided with connection credentials such as SSH access or a network socket. Depending on the challenge you will need to elevate your privileges or escape the sandbox by exploiting the provided environment.

Prerequisites:
Some knowledge of the UNIX shell and of common UNIX privilege escalation techniques
Advanced understanding of scripting languages such as Python, Perl, PHP in order to escape jails

16 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	Bash - System 1	15% 19266	5		Lu33Y		10
	sudo - weak configuration	11% 13037	5		notfound		4
	Bash - System 2	10% 12004	10		Lu33Y		10
	Perl - Command injection	5% 6073	15		Tosh		8
	Bash - cron	5% 6076	20		g0uZ		7
	Python - input()	7% 7937	20		g0uZ		11
	Python - pickle	2% 2551	25		koma		6
	SSH Agent Hijacking	1% 638	30		mayfly		4
	Python - PyJail 1	3% 3333	35		sambecks		3
	Bash/Awk - netstat parsing	1% 199	40		sbrk		3
	PHP - Jail	1% 147	40		LordRoke		6
	Python - PyJail 2	2% 1770	40		zM		9
	Python - Jail - Exec	1% 735	50		Arod		2
	Javascript - Jail	1% 183	55		waxous		2
	Python - Jail - Garbage collector	1% 218	55		n0d		2
	Restricted shells	1% 1117	70		Yorin		3

Challenge Results

Pseudo	Challenge	Lang	date
Aether	SSH Agent Hijacking		24 April 2019 at 04:29
Aether	Bash - cron		24 April 2019 at 03:37
Aether	Perl - Command injection		24 April 2019 at 02:53
NewHell	Bash - System 1		24 April 2019 at 01:56
clempar	Python - Jail - Exec		24 April 2019 at 01:50
Aether	Bash - System 2		24 April 2019 at 01:08
Alex	Python - Jail - Exec		24 April 2019 at 00:42
snowbe	Bash - System 2		24 April 2019 at 00:29
Phalor	Bash - System 1		24 April 2019 at 00:28
snowbe	Perl - Command injection		23 April 2019 at 23:11