SSRF Box

22 June 2018

1921 Compromissions 18%

58 Votes

Attention : this CTF-ATD is linked to the challenge "Server Side Request Forgery"

Your goal is simple: compromise the virtual environment "SSRF Box".

The validation password of challenge (Realist) is in the /root directory.

4 hours

linux

CTF Results for SSRF Box

Pseudo	Virtual Environnement	Attackers count	Time start	Environnement compromised in
-	SSRF Box	4	14 November 2018 at 11:32	-
-	SSRF Box	5	14 November 2018 at 07:30	-
-	SSRF Box	4	13 November 2018 at 19:57	-
mk_	SSRF Box	2	13 November 2018 at 18:04	1h23
Redouane	SSRF Box	1	13 November 2018 at 16:01	1h07

Results	Name	Validations ↓↑	Difficulty	Author	Note
	RIPv1 - No Authentication	0% 0		apges01
	OpenClassrooms_SkP_Pentest_Web	0% 0
	DC416 - Basement	0% 0
	DC416 - Baffle	0% 0
	Windows - ZeroLogon	0% 0
	Open My Vault	0% 0
	CTFair	0% 0
	AppArmorJail1	0% 0		nivram
	ARP Spoofing EcouteActive	0% 0		voydstack
	OpenClassrooms - P7 - Analyste SOC	0% 0
	AppArmorJail2	0% 0
	ARP Spoofing Man In The Middle	0% 0		o71, voydstack
	OpenClassrooms - P4 - RAP US	0% 0
	OpenClassrooms - P3 - Cybersecurity Bootcamp_test	0% 0		Titouan
	DC416 - Dick Dastardly	0% 0
	OpenClassrooms - P3 - Cybersecurity Bootcamp	0% 1
	Apprenti-Scraper	0% 1
	Gittysburg	3% 2
	The Pentesters: 64-Bit AppSec Primer	4% 3
	SP - Christophe	3% 3
	OwlNest v1.0.2	9% 4
	brainpan3	6% 6
	Moonraker	10% 8
	Replay 1	15% 8
	Hell	2% 8
	CsharpVulnSoap	8% 8
	Gemini-Pentest-v2	12% 9
	LoBOTomy	4% 9
	IMF	8% 9
	OpenClassrooms - Juice Shop	1% 9		Sh1n, EtienneC
	Raven 2	12% 10
	Flick 2	8% 10
	The Ether : EvilScience	6% 10
	g0rmint	8% 11
	digitalworld.local - DEVELOPMENT	8% 12
	ROP Primer: 0.2	10% 13
	Challenge SecuriTech	1% 13
	Homeless	9% 14
	The Purge	5% 14
	CsharpVulnJson	5% 14		notfound404
	Vulnix	2% 14
	DepthB2R	24% 15
	Infernal Hades	6% 15
	RA1NXing Bots	7% 16
	digitalworld.local - BRAVERY	11% 17
	Xerxes	3% 18
	DonkeyDocker v1	23% 18
	3mrgnc3 - D0Not5top v1.2	17% 19
	Basilic	4% 19
	Xerxes: 2.0.1	13% 20