Tommy Boy: 1

I decided to take a break from the exploit-exercises levels and tackle a boot to root challenge from vulnhub.com. The newest VM on their list today is called Tommy Boy:1. Here is the description

Description
=================

HOLY SCHNIKES! Tommy Boy needs your help!

The Callahan Auto company has finally entered the world of modern technology and stood up a Web server for their customers to use for ordering brake pads.

Unfortunately, the site just went down and the only person with admin credentials is Tom Callahan Sr. - who just passed away! And to make matters worse, the only other guy with knowledge of the server just quit!

You'll need to help Tom Jr., Richard and Michelle get the Web page restored again. Otherwise Callahan Auto will most certainly go out of business :-(

Notes
=================

The primary objective is to restore a backup copy of the homepage to Callahan Auto's server. However, to consider the box fully pwned, you'll need to collect 5 flags strewn about the system, and use the data inside them to unlock one final message.

Continue reading “Tommy Boy: 1”

Nebula Level 08

Level 08 instructions

About
World readable files strike again. Check what that user was up to, and use it to log into flag08 account.

To do this level, log in as the level08 account with the password level08. Files for this level can be found in /home/flag08.

Source code
There is no source code available for this level

Continue reading “Nebula Level 08”

Nebula Level 07

Level 07 instructions

Level07
The flag07 user was writing their very first perl program that allowed them to ping hosts to see if they were reachable from the web server.

To do this level, log in as the level07 account with the password level07. Files for this level can be found in /home/flag07.
#!/usr/bin/perl

use CGI qw{param};

print "Content-type: text/html\n\n";

sub ping {
  $host = $_[0];

  print("<html><head><title>Ping results</title></head><body>




<pre>");

  @output = `ping -c 3 $host 2>&1`;
  foreach $line (@output) { print "$line"; }

  print("</pre>

</body></html>");

}

# check if Host set. if not, display normal page, etc

ping(param("Host"));

Continue reading “Nebula Level 07”

Nebula Level 06

Level 06 instructions

About
The flag06 account credentials came from a legacy unix system.

To do this level, log in as the level06 account with the password level06. Files for this level can be found in /home/flag06.

Source code
There is no source code available for this level

Continue reading “Nebula Level 06”