SSRF Box

22 June 2018

1934 Compromissions 18%

61 Votes

Attention : this CTF-ATD is linked to the challenge "Server Side Request Forgery"

Your goal is simple: compromise the virtual environment "SSRF Box".

The validation password of challenge (Realist) is in the /root directory.

4 hours

linux

CTF Results for SSRF Box

Pseudo	Virtual Environnement	Attackers count	Time start	Environnement compromised in
-	SSRF Box	1	26 February 2019 at 19:47	-
-	SSRF Box	1	26 February 2019 at 13:27	-
-	SSRF Box	1	26 February 2019 at 14:07	-
-	SSRF Box	5	26 February 2019 at 09:08	-
Hadiux	SSRF Box	1	25 February 2019 at 21:52	1h05

Results	Name	Validations	Difficulty ↓↑	Author	Note
	Challenge SecuriTech	1% 13
	SP - Eric	31% 43
	Homeless	9% 14
	Kuya	21% 25
	Lampiao	8% 23
	Lazysysadmin	16% 58
	Node	19% 34
	Basilic	4% 19
	NullByte	27% 54
	SP - Christophe	3% 3
	The Ether : EvilScience	6% 10
	Gittysburg	3% 2
	Typhoon-v1	30% 32
	Replay 1	15% 8
	Bash considered harmful	8% 138		sbrk
	System Disaster	7% 144		sbrk
	Shared Objects Hijacking	13% 613		das
	k8s	9% 168		sambecks
	DC-4	17% 166
	DC-6	30% 118
	HackDay-Albania	12% 24
	Gemini-Pentest-v2	12% 9
	DC-9	32% 113
	Billu-b0x	8% 36
	Kevgir-VM	14% 31
	lin.security_v1.0	42% 100
	Moonraker	10% 8
	OwlNest v1.0.2	9% 4
	Raven 2	12% 10
	Sambox v4	3% 114		sambecks
	Django unchained	23% 692		TiWim
	Billu-b0x2	9% 128
	BlackMarket	10% 70
	Gemini-Pentest-v1	7% 29
	Born2rootv2	32% 96
	Bee-box v1	6% 41
	Command Injection OS	18% 60
	DC-1	14% 351
	digitalworld.local - BRAVERY	11% 17
	digitalworld.local - DEVELOPMENT	8% 12
	DonkeyDocker v1	23% 18
	g0rmint	8% 11
	DC-7	26% 50
	Well-Known	10% 660		sm0k
	IMF	8% 9
	ARP Spoofing EcouteActive	0% 0		voydstack
	Windows - sAMAccountName spoofing	23% 303
	OpenClassrooms_SkillProgram_AD1	1% 115		Pixis, EtienneC
	CTFair	0% 0
	Windows - KerbeRoast	16% 627