Room based on Brute-forcing, Hash cracking and Privilege escalation. Find the room here.


Given the IP address to the machine, we ought to do an nmap scan to find services running on it.

We find 2 services open, ssh running on port 22 and…

Exploit an OS command injection vulnerability, acquire ssh credentials and escalate privileges using a user group assignment mistake.

Access this machine here

Room backstory

It’s enumeration time!

As is the norm, we first do an nmap scan of the given IP to find any open ports.The …

This room is great for testing your Local File Inclusion skills. Try it here

Task 1: Deploy the machine and start enumerating

We have to start somewhere, right? Where else than our ever reliable nmap scan:).

nmap gives us two services running , ssh and http.

Next we browse the…

Link to the room here.


This room is a simple boot2root challenge.

Task 1: Deploy and go!

Task 2: Recon

From the first ask, we need to perform recon on the machine.

1.Scan the machine, how many ports are open?

This requires an nmap scan for open ports. We…

David Wambia

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store