Flick 2

date

8 Februar 2016

Validierung

10 Compromissions 8%

Bewertung

1 Bewerten

Beschreibung

Your challenge, should you choose to accept, is to gain root access on the server! The employees over at Flick Inc. have been hard at work prepping the release of their server checker app. Amidst all the chaos, they finally have a version ready for testing before it goes live.

You have been given a pre-production build of the Android .apk that will soon appear on the Play Store, together with a VM sample of the server that they want to deploy to their cloud hosting provider.

The .apk may be installed on a phone (though I wont be offended if you don’t trust me ;]) or run in an android emulator such as the Android Studio (https://developer.android.com/sdk/index.html).

Zeit der Kompromittierung

4 Stunden

Betriebssystem

linux

diese virtuelle Umgebung starten

Ergebnisse des CTF alltheday für Flick 2

Nickname	Virtual Machine	Anzahl der Angreifer	Begonnen am	Maschine kompromittiert in
-	Flick 2	0	22. Januar 2017 zu 20:25	-
-	Flick 2	4	13. Januar 2017 zu 20:53	-
-	Flick 2	0	15. Dezember 2016 zu 21:20	-
-	Flick 2	0	14. November 2016 zu 11:31	-
-	Flick 2	1	31. Oktober 2016 zu 10:29	-

178 Virtuals Environnements

Ergebnis	Name	Validierung	Schwierigkeitsgrad	Autor	Bewertung
	Challenge SecuriTech	1% 13
	Windows XP pro 01	5% 509		g0uZ
	Exploit KB Vulnerable Web App	12% 308
	Holynix v1	24% 294
	Kioptrix level 2	24% 976
	Kioptrix level 3	32% 578
	Kioptrix level 4	34% 465
	LAMP security CTF4	35% 2772
	LAMP security CTF5	25% 3951
	LAMP security CTF6	18% 610
	Metasploitable	12% 1772
	Metasploitable 2	39% 8847
	Moth	20% 107
	pWnOS	31% 405
	Ubuntu 8.04 weak	5% 211		g0uZ
	Ultimate LAMP	18% 149
	VulnVoIP	17% 881
	VulnVPN	12% 60
	LAMP security CTF8	14% 293
	LAMP security CTF7	38% 900
	Hackademic RTB1	19% 365
	No Exploiting Me	14% 54
	SamBox v1	7% 749		sambecks
	SamBox v2	13% 1016		sambecks
	RA1NXing Bots	7% 16
	Murdering Dexter	16% 49
	LoBOTomy	4% 9
	Vulnix	2% 14
	Xerxes	3% 18
	Infernal Hades	6% 15
	SkyTower	24% 217
	Bluebox - Microsoft Pentest	4% 431
	Acid: Reloaded	17% 178
	Acid: Server	11% 220
	CsharpVulnJson	5% 14		notfound404
	CsharpVulnSoap	8% 8
	/dev/random : Pipe	4% 240
	/dev/random : Relativity	7% 100
	/dev/random : Sleepy	4% 47
	brainpan1	4% 84
	LordoftheRoot	25% 234
	Flick 1	8% 65
	Flick 2	8% 10
	FristiLeaks 1.3	28% 217
	The Purge	5% 14
	SickOs: 1.1	13% 91
	Xerxes: 2.0.1	13% 20
	brainpan2	8% 22
	brainpan3	6% 6
	SAP Pentest	7% 300		iggy