App - Script

Exploit environment weaknesses, configuration mistakes and vulnerability patterns in shell scripting and system hardening.

For each of these challenges, you will be provided with connection credentials such as SSH access or a network socket. Depending on the challenge you will need to elevate your privileges or escape the sandbox by exploiting the provided environment.

Prerequisites:
Some knowledge of the UNIX shell and of common UNIX privilege escalation techniques
Advanced understanding of scripting languages such as Python, Perl, PHP in order to escape jails

16 Challenges

Results	Name	Validations	Number of points	Difficulty	Author	Note	Solution
	Bash - System 1	15% 23257	5		Lu33Y		10
	sudo - weak configuration	10% 15709	5		notfound404		4
	Bash - System 2	9% 14282	10		Lu33Y		10
	Perl - Command injection	5% 7572	15		Tosh		9
	Bash - cron	5% 7177	20		g0uZ		8
	Python - input()	6% 9593	20		g0uZ		11
	Python - pickle	2% 3086	25		koma		8
	SSH - Agent Hijacking	1% 1068	30		mayfly		5
	Python - PyJail 1	3% 3948	35		sambecks		3
	Bash/Awk - netstat parsing	1% 283	40		sbrk		3
	PHP - Jail	1% 311	40		LordRoke		9
	Python - PyJail 2	2% 2143	40		zM		9
	Python - Jail - Exec	1% 884	50		Arod		2
	Javascript - Jail	1% 230	55		waxous		2
	Python - Jail - Garbage collector	1% 290	55		n0d		2
	Bash - Restricted shells	1% 1370	70		Yorin		3

Challenge Results

Pseudo	Challenge	Lang	date
mattboll	Bash - System 1		12 December 2019 at 02:56
9aylas	Python - pickle		12 December 2019 at 02:51
Samos_	Bash - System 1		12 December 2019 at 02:46
madmanfred	PHP - Jail		12 December 2019 at 02:45
Purificateur001	Bash - System 2		12 December 2019 at 01:13
Purificateur001	sudo - faiblesse de configuration		12 December 2019 at 01:13
d0wdu	sudo - weak configuration		12 December 2019 at 01:00
s-lck	Perl - Command injection		12 December 2019 at 00:42
s-lck	sudo - faiblesse de configuration		12 December 2019 at 00:10
nirouviere	Perl - Command injection		12 December 2019 at 00:03