Mission In this exercise, the attacker has admin access already so there is nothing more to be done. However, looks like the admin access does lead to an XSS attack. So you can try to find this ...

As you’ve seen in another challenge in this category, setuid programs can provide great power and flexibility, but if not secured properly, can easily lead to a full system compromise. Your miss...

Mission You have managed to get access to the “student” account on the client’s server. This is bad enough as all the student resources are available to you. You are now trying to escalate privi...

Mission The admin was tasked to create a replica of an existing Linux system. He copied the entire filesystem to his computer, made modifications to some files and then copied it onto the newly ...

Mission The attacker might not have any user level access to the web application. However, this does not mean that the application cannot be compromised remotely. Remote Code Execution vulnerabi...