Overview Devvortex is an easy-difficulty Linux machine that features a Joomla CMS that is vulnerable to information disclosure. Accessing the service’s configuration file reveals plaintext credent...

Overview Surveillance is a medium-difficulty Linux machine that showcases a vulnerability ([CVE-2023-41892](https://nvd.nist.gov/vuln/detail/CVE-2023-41892)) in Craft CMS, which abuses PHP object ...

Overview Hospital is a medium-difficulty Windows machine that hosts an Active Directory environment, a web server, and a RoundCube instance. The web application has a file upload vulnerability tha...

Overview Codify is an easy Linux machine that features a web application that allows users to test Node.js code. The application uses a vulnerable vm2 library, which is leveraged to gain remote co...

Overview Analytics is an easy difficulty Linux machine with exposed HTTP and SSH services. Enumeration of the website reveals a Metabase instance, which is vulnerable to Pre-Authentication Remote ...

Overview This was a very interesting box with lots of rabbit holes. Initial foothold was obtained by exploiting LFI to leak some file and use that to find the debug pin of Werkzeug Debugger. Got t...

Overview This was a fairly easy box. Firstly a public exploit leads to user flag and from there it was easy to get root via sudo Name - Busqueda Difficulty - Easy OS - Linux Points - 20 Inf...

Challenge Description This is a ctf challenge made by me for CTF Community Bangladesh. Challenge Name: find_the_main Challenge Type: Reversing Challenge Difficulty: Medium/Hard Flag Format: CT...