Dawn
This lab demonstrates the exploitation of a misconfigured SMB share and scheduled cron jobs to achieve remote code execution. By uploading malicious files to an open SMB share, the attacker leverages a cron job to execute them. Privilege escalation is accomplished through a misconfigured SUID binary, zsh, which provides root access. This exercise highlights SMB abuse, cron job exploitation, and privilege escalation through SUID binaries.
SAR
This lab demonstrates how to exploit a remote code execution (RCE) vulnerability in a vulnerable version of sar2html. By discovering the application via the robots.txt file and leveraging the RCE, you gain an initial shell. Privilege escalation is achieved by exploiting a cron job misconfiguration that allows overwriting a custom .sh script executed as root. The exercise focuses on RCE, cron job abuse, and obtaining root access through writable scripts.
OnSystemShellDredd
This lab challenges you to exploit an exposed FTP service to uncover a hidden SSH private key, granting initial access to the system. From there, privilege escalation is achieved by leveraging a misconfigured SUID binary, cpulimit, to execute arbitrary commands as root. Understanding SUID abuses and service enumeration techniques is key to completing this challenge. Ideal for penetration testers, red teamers, and security analysts seeking experience in FTP enumeration, SSH exploitation, and SUID privilege escalation.
Lampiao
In this lab, you will exploit a remote code execution (RCE) vulnerability in Drupal 7 to gain initial access. Privilege escalation is achieved using a kernel exploit (Dirty COW), targeting the vulnerable Linux kernel version.
Fowsniff
The Fowsniff lab takes learners through a complete end-to-end attack chain, starting with OSINT to find leaked credentials, cracking password hashes, and leveraging mail server access to obtain SSH credentials. The final challenge involves exploiting a vulnerable kernel to achieve root access. This lab tests skills in reconnaissance, password cracking, email exploitation, and privilege escalation using kernel exploits, offering a comprehensive penetration testing experience.