BatLab

Lord of the Root
IP 10.0.0.6
Difficulty Expert
Credits KookSec
http://kooksec.blogspot.com/
This is a Capture the flag style VM; It is designed around the builds for the OSCP builds
Walkthrough

Submit a Walkthrough

Brainpan 3
IP 10.0.0.7
Difficulty Intermediate
Credits superkojiman
http://blog.techorganic.com/2015/07/27/brainpan-3-hacking-challenge/
Get root and get the flag
Walkthrough

Submit a Walkthrough

Darknet 1.0
IP 10.0.0.8
Difficulty Intermediate
Credits q3rv0
http://www.securitysignal.org/2015/04/darknet-10.html
Darknet has a bit of everything. You are trying to access /root/flag.txt
Walkthrough

Submit a Walkthrough

Pegasus
IP 10.0.0.9
Difficulty Intermediate
Credits Knapsy
https://knapsy.github.io/blog/2014/12/16/pegasus-has-arrived-my-first-boot2root-vm
Rules of engagement are simple - find a way in, escalate your privileges all the way up to the root and get the flag! As with all VMs like this, think outside the box, don't jump to conclusions too early and "read between the lines" :)
Walkthrough

Submit a Walkthrough

Web Security Dojo 2
IP 10.0.0.10
Difficulty Easy
Credits Maven Security
https://www.mavensecurity.com/
Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v10.04.2, which is patched with the appropriate updates and VM additions for easy use.

Targets include:

  • OWASPs WebGoat - Login guest:guest
  • Googles Gruyere
  • Damn Vulnerable Web App - Login admin:password
  • Hacme Casino
  • OWASP InsecureWebApp
  • w3afs test website
  • simple training targets by Maven Security (including REST and JSON)
Walkthrough

Submit a Walkthrough

Metasploitable
IP 10.0.0.11
Difficulty Easy
Credits Metasploit
https://www.offensive-security.com/metasploit-unleashed/requirements/
One of the questions that we often hear is "What systems can i use to test against?" Based on this, we thought it would be a good idea throw together an exploitable VM that you can use for testing purposes. Metasploitable is an Ubuntu 8.04 server install on a VMWare 6.5 image. A number of vulnerable packages are included, including an install of tomcat 5.5 (with weak credentials), distcc, tikiwiki, twiki, and an older mysql.
Walkthrough

Submit a Walkthrough

Primer
IP 10.0.0.22
Difficulty Easy
Credits Arne Rick
http://wiki.fablab-karlsruhe.de/doku.php?id=projekte:primer
This is a story based challenge written in a style heavily inspired by Neil Stephensons Snow Crash and William Gibsons Sprawl Trilogy. Each chapter is unlocked by solving the puzzle. From hardcoded clear text javascript password checks, SQL-injections and cracking hashes to a simulated terminal. You only need to start the VM, a webserver will come up and you can connect with your browser. In fact you never have to leave the browser.
Walkthrough

Submit a Walkthrough

VulnSoap
IP 10.0.0.23
Difficulty Internmediate
Credits Brandon Perry
http://volatileminds.net/
The CsharpVulnSoap virtual appliance is a purposefully vulnerable SOAP service, focusing on using XML, which is a core feature of APIs implemented using SOAP. The web application, listening on port 80, allows you to list, create, and delete users in the PostgreSQL database. The web application is written in the C# programming language and uses apache+mod_mono to run. The main focus of intentional vulnerabilities was SQL injections. The vulnerable SOAP service is available on http:///Vulnerable.asmx, and by appending ?WSDL to the URL, you can get an XML document detailing the functions exposed by the service. Using this document, you can automatically fuzz the endpoint for any vulnerabilities by parsing the document and creating the HTTP requests expected programmatically. The SQL injections yield a variety of potential exploit techniques since different SQL verbs are used to perform actions against the server. For instance, a SQL injection in an INSERT statement may not be exploitable in the same ways the DELETE or SELECT statements will be. Using a tool like sqlmap will help you learn how to exploit each SQL injection vulnerability using a variety of techniques. If you are curious how sqlmap is performing the checks for, and ultimately exploiting, the vulnerabilities in the web application, you can use the --proxy option for sqlmap and pass the HTTP requests through Burpsuite. You can then see in the HTTP history tab the raw HTTP requests made by sqlmap.
Walkthrough

Submit a Walkthrough

Mr Robot
IP 10.0.0.27
Difficulty Intermediate
Credits Jason
https://www.vulnhub.com/author/jason,292/
Based on the show, Mr. Robot. This VM has three keys hidden in different locations. Your goal is to find all three. Each key is progressively difficult to find. The VM isn't too difficult. There isn't any advanced exploitation or reverse engineering. The level is considered beginner-intermediate.
Walkthrough

Submit a Walkthrough