Five86-2 is the second machine from the series Five86 by DCAU. If you haven’t read the writeup, I request you do so. Like the previous machine, this is also a great machine. Similarly, this works on VirtualBox. And, if you are a fan of the band New Order, this machine is for you. Well, there is nothing much related to the band except for the names of the band members.
After doing so many new machines from Vulnhub, I thought why now try great old machines too. I stumbled upon machines by DCAU who is also a contributor to resources on the platform. Five86:1 is an easy machine that will teach us some basic concepts about CTF challenges. Furthermore, you will love it if you are a fan of “The IT Crowd”. Also, this machine works on VirtualBox.
Suidy by SML is an easy machine from the HackMyVM platform. The machine works on VirtualBox. As the name suggests, the machine has a vulnerability about a SUID binary.
Beelzebub is an easy machine from Vulnhub. This machine requires careful observation of everything. Talking about the machine, I have tested this on VMWare. The author of the machine is Shaurya Sharma.
Hundred is an easy machine from HackMyVM. The author of the machine is SML and he created it to celebrate 100 machines on the platform. The machine is pretty easy but requires a few special techniques to get to the root.
Black Widow is a hard machine from Vulnhub and HackMyVM. This machine works on VirtualBox and you must take a snapshot so that it’s easy to reset the machine if required. From this machine, we can learn about log poisoning and other basic techniques. “Black Widow – HackMyVM – Vulnhub”
DoubleTrouble is a recent addition to HackMyVM and Vulnhub. The author is tasiyanci and this machine is as good as his others. The machine works on VirtualBox and I suggest using a Bridged network on this one. However, using other networking types are okay as well but you have to do some more steps.
The digitalworld.local Fall is an easy machine from Vulnhub by Donavan. Although there is a lot of information in the machine, the machine is too easy to root. I have tested this on VMWare Workstation Player. In this machine, we have to enumerate the server first and then only proceed. Otherwise, there is a high chance you fall inside a rabbit hole.
We hear that we should be aware of our security and privacy while working in public wifi in places such as cafes, parks, etc. This is because one can perform man-in-the-middle attacks and can violate your security and privacy. Furthermore, we should avoid using insecure protocols like HTTP, FTP, Telnet, etc. unless one is in a situation of “do or die”. Thus, in this post, I will associate ARP spoofing and insecure protocols.
Vikings is a very nice CTF machine to practise. Although this is straightforward, this is slightly difficult for people who don’t have enough experience with CTF challenges and Linux machines. For me, this took about 1 hour once I got the foothold. This machine works on VirtualBox.