GameBuzz
This box shows it pays to check every link during enumeration (tip: spidering). The box is probably pitched too high at hard; it’s more of a medium box imho.
A box rated medium, but given that the needed CVE leaps off the Google search pages, there isn’t a huge challenge to this one. Probably better rated as easy, but still a good, well-put-together room.
Recon to foothold: First off, we’ll take the information given and add the hostnames fortress and temple.fortress to our /etc/hosts file. Now let’s scan to find what we’re dealing with. A masscan to start: rob:Fortress/ $ sudo masscan -p1-65535,U:1-65535 10.10.6.73 --rate=1000 -e tun0 [sudo] password for rob: Starting masscan 1.3.2 (http://bit.ly/14GZzcT) at 2021-09-25 15:23:25 GMT Initiating SYN Stealth Scan Scanning 1 hosts [131070 ports/host] Discovered open port 5581/tcp on 10.10.6.73 Discovered open port 22/tcp on 10....
The container escape can be tricky if you take the harder route :smile: justifying the ‘medium’ difficulty tag
Rated hard, that seems fair! It’s a tough one with many steps and lots to research. Excellent box to root, learned a lot
Part of Incognito CTF. A clever box, rated medium, with a simple but effective route to root. Probably about the right level