App - Script

Exploit environment weaknesses, configuration mistakes and common vulnerability patterns in shell scripting and system hardening.

For each of these challenges, you will be provided with connection credentials such as SSH access or a network socket. Depending on the challenge you will need to elevate your privileges or escape the sandbox by exploiting the provided environment.

Prerequisites:
Some knowledge of the UNIX shell and of common UNIX privilege escalation techniques
Advanced understanding of scripting languages such as Python, Perl, PHP in order to escape jails

16 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	Bash - System 1	15% 21043	5		Lu33Y		10
	sudo - weak configuration	10% 14342	5		notfound		4
	Bash - System 2	10% 13064	10		Lu33Y		10
	Perl - Command injection	5% 6784	15		Tosh		9
	Bash - cron	5% 6614	20		g0uZ		8
	Python - input()	7% 8751	20		g0uZ		11
	Python - pickle	2% 2816	25		koma		7
	SSH - Agent Hijacking	1% 906	30		mayfly		5
	Python - PyJail 1	3% 3639	35		sambecks		3
	Bash/Awk - netstat parsing	1% 247	40		sbrk		3
	PHP - Jail	1% 248	40		LordRoke		9
	Python - PyJail 2	2% 1952	40		zM		9
	Python - Jail - Exec	1% 814	50		Arod		2
	Javascript - Jail	1% 201	55		waxous		2
	Python - Jail - Garbage collector	1% 257	55		n0d		2
	Bash - Restricted shells	1% 1250	70		Yorin		3

Challenge Results

Pseudo	Challenge	Lang	date
Terao	Bash - System 1		22 August 2019 at 17:43
pilou44	Python - input()		22 August 2019 at 17:40
lory9894	Python - input()		22 August 2019 at 17:39
Swaypii	Perl - Command injection		22 August 2019 at 17:36
Swaypii	Bash - System 2		22 August 2019 at 17:33
Swaypii	Bash - System 1		22 August 2019 at 17:28
Swaypii	Python - input()		22 August 2019 at 17:18
Antoxyde	Javascript - Jail		22 August 2019 at 16:18
lory9894	Bash - System 2		22 August 2019 at 16:06
lory9894	Bash - System 1		22 August 2019 at 15:50