ARM FTP box

Дата

Валидации

74 Компромиссы 4%

Примечание  Рейтинг

1
2
3
4
5
4 голоса

Описание

Attention : this CTF-ATD is linked to the challenge "ARM FTP Box"

My company asked me to develop a small FTP server for an IOT project. I found one on Github that should do the trick. Why reinvent the wheel?

If you can, find vulnerabilities on the FTP service and exploit them to get a shell on the machine, then find the way to get root privileges.

  • The FTP service is running on the TCP/2121 port.
  • Challenge validation password is in the /passwd-challenge file.
  • The CTF-ATD validation password is in the /passwd file.

Время компромисса

4 часы

Операционная система

 linux

запустить эту виртуальную среду

результаты CTF за весь период результаты CTF за весь период для ARM FTP box

Псевдоним Виртуальное окружение Количество злоумышленников Дата начала Окружающая среда в опасности
- ARM FTP box 0 16 Декабрь 2018 to 23:18 -
- ARM FTP box 1 16 Декабрь 2018 to 05:11 -
- ARM FTP box 1 15 Декабрь 2018 to 22:30 -
- ARM FTP box 2 14 Декабрь 2018 to 23:37 -
- ARM FTP box 0 14 Декабрь 2018 to 01:15 -

 178 Виртуальные среды

Результаты Имя Валидации Трудность  Трудность Автор Примечание  Рейтинг
pas_valide /dev/random : Pipe 4% 238
pas_valide /dev/random : Relativity 7% 99
pas_valide /dev/random : Sleepy 4% 47
pas_valide 3mrgnc3 - 64Base 10% 55
pas_valide 3mrgnc3 - D0Not5top v1.2 17% 19
pas_valide 6Days Lab - v1.0.1 12% 40
pas_valide A bittersweet shellfony 12% 243 mayfly
pas_valide ARM FTP box 4% 74 chaignc
pas_valide ARP Spoofing EcouteActive 0% 0 voydstack
pas_valide ARP Spoofing Man In The Middle 0% 0 o71, voydstack
pas_valide Acid: Reloaded 18% 178
pas_valide Acid: Server 11% 220
pas_valide Analougepond 13% 48
pas_valide AppArmorJail1 0% 0 nivram
pas_valide AppArmorJail2 0% 0
pas_valide Apprenti-Scraper 0% 1
pas_valide Awky 8% 504 sbrk
pas_valide BBQ Factory 6% 129 sm0k, dvor4x
pas_valide BLACKLIGHT 10% 85
pas_valide BSCorp - Unix 5% 203 ghozt, mayfly
pas_valide BSides-Vancouver-2018-Workshop 27% 47
pas_valide Bash considered harmful 8% 138 sbrk
pas_valide Basic pentesting 1 32% 4941
pas_valide Basilic 4% 19
pas_valide Bee-box v1 6% 41
pas_valide Billu-b0x 8% 36
pas_valide Billu-b0x2 9% 128
pas_valide BlackMarket 11% 69
pas_valide Bluebox - Microsoft Pentest 4% 426
pas_valide Bluebox 2 - Pentest 3% 315 sambecks
pas_valide Bob v1.0.1 27% 90
pas_valide Born2Root 9% 172
pas_valide Born2rootv2 33% 94
pas_valide BreakingRootme2020 15% 544 Laluka
pas_valide Bulldog 26% 197
pas_valide Bulldog2 13% 31
pas_valide C for C-cure 5% 21 nikost
pas_valide CH4INRULZ v1.0.1 15% 30
pas_valide CTFair 0% 0
pas_valide Challenge SecuriTech 1% 13
pas_valide Command Injection OS 18% 59
pas_valide Covfefe 35% 54
pas_valide CsharpVulnJson 5% 14 notfound404
pas_valide CsharpVulnSoap 9% 8
pas_valide DC-1 14% 349
pas_valide DC-4 17% 163
pas_valide DC-6 30% 116
pas_valide DC-7 27% 50
pas_valide DC-9 32% 111
pas_valide DC416 - Baffle 0% 0