App - Script

Exploit environment weaknesses, configuration mistakes and vulnerability patterns in shell scripting and system hardening.

For each of these challenges, you will be provided with connection credentials such as SSH access or a network socket. Depending on the challenge you will need to elevate your privileges or escape the sandbox by exploiting the provided environment.

Prerequisites:
Some knowledge of the UNIX shell and of common UNIX privilege escalation techniques
Advanced understanding of scripting languages such as Python, Perl, PHP in order to escape jails

16 Challenges

Results	Name	Validations	Number of points	Difficulty	Author	Note	Solution
	Bash - System 1	15% 24010	5		Lu33Y		10
	sudo - weak configuration	10% 16213	5		notfound404		4
	Bash - System 2	9% 14727	10		Lu33Y		10
	Perl - Command injection	5% 7844	15		Tosh		9
	Bash - cron	5% 7460	20		g0uZ		8
	Python - input()	6% 9946	20		g0uZ		11
	Python - pickle	2% 3229	25		koma		8
	SSH - Agent Hijacking	1% 1139	30		mayfly		5
	Python - PyJail 1	3% 4121	35		sambecks		3
	Bash/Awk - netstat parsing	1% 292	40		sbrk		3
	PHP - Jail	1% 340	40		LordRoke		9
	Python - PyJail 2	2% 2255	40		zM		9
	Python - Jail - Exec	1% 941	50		Arod		2
	Javascript - Jail	1% 240	55		waxous		2
	Python - Jail - Garbage collector	1% 296	55		n0d		3
	Bash - Restricted shells	1% 1422	70		Yorin		3

Challenge Results

Pseudo	Challenge	Lang	date
dtmtcm	Bash - System 2		23 January 2020 at 06:47
babouk	Python - pickle		23 January 2020 at 06:22
_Vx	Bash - cron		23 January 2020 at 04:46
Ska	Perl - Command injection		23 January 2020 at 03:47
ATHN	Perl - Command injection		23 January 2020 at 03:46
ATHN	Bash - System 1		23 January 2020 at 03:36
Agrorec	sudo - weak configuration		23 January 2020 at 01:13
theplaystar	Bash - System 1		23 January 2020 at 00:34
_A0d3n_	Python - input()		22 January 2020 at 23:31
dxeoprtv	Python - input()		22 January 2020 at 23:01