Summay Heal is a medium difficulty machine which was only running a web server and a SSH service. The web server was running a ruby on rails application which was vulnerable to an LFI (Local File I...

Summary Ledger is a Hard Windows machine that focuses on Active Directory enumeration and exploitation. At first we are presented with lots of possible attack vectors. By enumerating the given hos...

Box Summary Underpass was an easy linux machine where enumeration was key to find the right path to get a shell as root. Starting of with the normal TCP scan showed only a web server and SSH servi...

Summary BigBang is a Hard-rated box that required some creative exploitation to gain a foothold. The target hosted a WordPress site with a vulnerable plugin that allowed unauthenticated arbitrary f...

Summary The Forest box was compromised by first identifying it as a Domain Controller of a domain and confirming LDAP anonymous bind. LDAP enumeration revealed a service account, svc-alfresco, whic...