App - Script

Exploit environment weaknesses, configuration mistakes and common vulnerability patterns in shell scripting and system hardening.

For each of these challenges, you will be provided with connection credentials such as SSH access or a network socket. Depending on the challenge you will need to elevate your privileges or escape the sandbox by exploiting the provided environment.

Prerequisites:
Some knowledge of the UNIX shell and of common UNIX privilege escalation techniques
Advanced understanding of scripting languages such as Python, Perl, PHP in order to escape jails

16 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	Bash - System 1	15% 20151	5		Lu33Y		10
	sudo - weak configuration	11% 13666	5		notfound		4
	Bash - System 2	10% 12523	10		Lu33Y		10
	Perl - Command injection	5% 6452	15		Tosh		9
	Bash - cron	5% 6348	20		g0uZ		8
	Python - input()	7% 8337	20		g0uZ		11
	Python - pickle	2% 2687	25		koma		7
	SSH - Agent Hijacking	1% 802	30		mayfly		4
	Python - PyJail 1	3% 3480	35		sambecks		3
	Bash/Awk - netstat parsing	1% 216	40		sbrk		3
	PHP - Jail	1% 203	40		LordRoke		9
	Python - PyJail 2	2% 1857	40		zM		9
	Python - Jail - Exec	1% 781	50		Arod		2
	Javascript - Jail	1% 192	55		waxous		2
	Python - Jail - Garbage collector	1% 234	55		n0d		2
	Bash - Restricted shells	1% 1186	70		Yorin		3

Challenge Results

Pseudo	Challenge	Lang	date
0w0	Bash - System 2		20 June 2019 at 01:09
0w0	sudo - faiblesse de configuration		20 June 2019 at 00:54
0w0	Bash - System 1		20 June 2019 at 00:50
hexabeast	Javascript - Jail		20 June 2019 at 00:20
Grenadine	PHP - Jail		19 June 2019 at 23:45
Yolanda	Bash - System 1		19 June 2019 at 23:40
isaac	Bash/Awk - parsing netstat		19 June 2019 at 23:14
thoms	Bash - System 2		19 June 2019 at 22:56
Avalon	Bash - System 2		19 June 2019 at 22:47
thoms	sudo - faiblesse de configuration		19 June 2019 at 22:30