GameBuzz
This box shows it pays to check every link during enumeration (tip: spidering). The box is probably pitched too high at hard, it’s more of a medium box imho
TryHackMe.com
For me this is hands down the best site for learning everything from the basics up to very advanced challenges. With walkthrough rooms to introduce topics with lots of context and examples up to very hard boot2root boxes where you’re on your own.
A very active and helpful discord is there for help, encouragement and some banter. THM makes it easy to make progress and most of the content is free! (>80%)
CMSpit
A box rated medium, but given the needed CVE leaps off the google search pages there isn’t a huge challenge to this one. Probably better rated as easy but still a good, well-put-together room
Fortress
Recon to foothold First off we’ll take the information given and add the hostnames fortress and temple.fortress to our /etc/hosts file Now let’s scan to find what we’re dealing with. A masscan to start rob:Fortress/ $ sudo masscan -p1-65535,U:1-65535 10.10.6.73 --rate=1000 -e tun0 [sudo] password for rob: Starting masscan 1.3.2 (http://bit.ly/14GZzcT) at 2021-09-25 15:23:25 GMT Initiating SYN Stealth Scan Scanning 1 hosts [131070 ports/host] Discovered open port 5581/tcp on 10.10.6.73 Discovered open port 22/tcp on 10....
Crocc Crew
Difficult in 2 ways. A very sneakily hidden initial clue and then a complex escalation path, for me at least!
Sweettooth Inc.
The container escape can be tricky if you take the harder route :smile: justifying the ‘medium’ difficulty tag
Rocket
Rated hard, that seems fair! It’s a tough one with many steps and lots to research. Excellent box to root, learned a lot