This is a fun box where we have to exploit an authenticated file upload vulnerability to get a shell on the machine. The credentials for the authentication to the Koken CMS is revealed in an open file share.

This is a rellay fun box aimed to teach port knocking. We portknock the box at three instance to get to the ssh port but, the shells aren’t stable TTY shells and we have to find our way in.

This is a beginner friendly box aimed to teach some port knocking and some neat privilege esclation. Here, we have a single port open and connecting to this port gives the port sequence for port knocking.

This is a fairly easy beginner friendly machine which can have some real life scenarios. Here, we have anonymous login enabled and we can download and read files.