RedHatAugust/digitalworld.local-VENGEANCE v0.01

Taken from https://www.vulnhub.com/entry/digitalworldlocal-vengeance,704/ About Release: Name: digitalworld.local: VENGEANCE Date release: 31 May 2021 Author: Donavan Series: digitalworld.local Description: 2021 brings us the VENGEANCE of digitalworld.local! A box born out of COVID-19. This machine was built whilst the author was mulling over life in infosec whilst doing his PEN-300 course. But the author always has a heart for the OSCP, which explains yet another OSCP-like box, full of enumeration goodness. If you MUST have hints for this machine (even though they will probably not help you very much until you root the box!): VENGEANCE is (#1): all about users making use of other users, (#2): broken hearts, (#3): broken minds. Note: Always think like a user when enumerating target machine. Feel free to contact the author at https://donavan.sg/blog if you would like to drop a comment. Vagrant box made by RedHatAugust

RedHatAugust/Cereal-1 v0.01

Taken from https://www.vulnhub.com/entry/cereal-1,703/ About Release: Name: Cereal: 1 Date release: 29 May 2021 Author: Thomas Williams Series: Cereal Web page: https://www.bootlesshacker.com/cereal-ctf/ Description: This one is quite different from my normal machines. It’s probably more realistic and less like a CTF. I’m going to stop grading my boxes though because what’s difficult to one person is easy to another and vice versa. If you find this difficult, don’t be put off. This is simply a learning step which everyone at some point crosses. This box is probably hard though – it’s certainly not for beginners. I hope you learn something new. Take your time. Have patience. And take time to learn about the environment once you pop the initial shell. Vagrant box made by RedHatAugust RedHatAugust Notes: This license agreement was attached to the VM: Educational use only. Use at your own risk. Follow me on Twitter @bootlesshacker ==CHANGELOG 1.1: Fixed VMWare DHCP issue

RedHatAugust/Venom-1 v0.01

Taken from https://www.vulnhub.com/entry/venom-1,701/ About Release: Name: Venom: 1 Date release: 24 May 2021 Author: Ayush Bawariya & Avnish Kumar Series: Venom Description: This machine was created for the OSCP Preparation.This box was created with virtualbox. For any queries please contact me on twitter: @avi0813. Enumeration is the Key. Vagrant box made by RedHatAugust

RedHatAugust/Funbox-Lunchbreaker v0.01

Taken from https://www.vulnhub.com/entry/funbox-lunchbreaker,700/ About Release: Name: Funbox: Lunchbreaker Date release: 22 May 2021 Author: 0815R2d2 Series: Funbox Description: It's a box for beginners and can be pwned in the lunch break. This works better with VirtualBox rather than VMware Vagrant box made by RedHatAugust

RedHatAugust/Coffee-Addicts-1 v0.01

Taken from https://www.vulnhub.com/entry/coffee-addicts-1,699/ About Release: Name: Coffee Addicts: 1 Date release: 20 May 2021 Author: BadByte Series: Coffee Addicts Description: Our coffee shop has been hacked!! can you fix the damage and find who did it? This works better with VirtualBox rather than VMware Vagrant box made by RedHatAugust

RedHatAugust/nezuko-1 v0.01

Taken from https://www.vulnhub.com/entry/nezuko-1,352/ About Release: Name: nezuko: 1 Date release: 21 Aug 2019 Author: yunaranyancat Series: nezuko Description: Creator : @yunaranyancat (Twitter) Difficulty : Easy ~ Intermediate OS Used: Ubuntu 18.04 Services : Webmin 1.920, Apache, SSH User : root, zenitsu, nezuko Hashes : at their home directory Vagrant box made by RedHatAugust

RedHatAugust/scarecrow-1.1 v0.01

Taken from https://www.vulnhub.com/entry/scarecrow-11,354/ About Release: Name: scarecrow: 1.1 Date release: 26 Aug 2019 Author: sk4, p4w & bvb Series: scarecrow Description: This is an intermediate machine. Your goal is to get paw-sk4 user and then root flag. Try harder and share with us the flag, if you can ;). For any need, contact us on Twitter: @sk4pwn @p4w16 and @bytevsbyt3 ## Changelog 2019-08-21: v1.0 2019-08-26: v1.1 - Fixed a bug with privilege escalation Vagrant box made by RedHatAugust

RedHatAugust/DC-7 v0.01

Taken from https://www.vulnhub.com/entry/dc-7,356/ About Release: Name: DC: 7 Date release: 31 Aug 2019 Author: DCAU Series: DC Description: Description DC-7 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. While this isn't an overly technical challenge, it isn't exactly easy. While it's kind of a logical progression from an earlier DC release (I won't tell you which one), there are some new concepts involved, but you will need to figure those out for yourself. :-) If you need to resort to brute forcing or dictionary attacks, you probably won't succeed. What you will need to do, is to think "outside" of the box. Waaaaaay "outside" of the box. :-) The ultimate goal of this challenge is to get root and to read the one and only flag. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won't give you the answer, instead, I'll give you an idea about how to move forward. Technical Information DC-7 is a VirtualBox VM built on Debian 64 bit, but there shouldn't be any issues running it on most PCs. I have tested this on VMWare Player, but if there are any issues running this VM in VMware, have a read through of this. It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox or VMWare and away you go. Important While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn't be any problems, but I feel the need to throw this out there just in case. Contact I'm also very interested in hearing how people go about solving these challenges, so if you're up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you've DM'd me if you'd prefer). I can be contacted via Twitter - @DCAU7 Vagrant box made by RedHatAugust

RedHatAugust/sunset-nightfall v0.01

Taken from https://www.vulnhub.com/entry/sunset-nightfall,355/ About Release: Name: sunset: nightfall Date release: 29 Aug 2019 Author: whitecr0wz Series: sunset Description: nightfall is a born2root VM designed for beginners. Virtualbox is strongly recommended for doing this challenge. If you need to contact me for hints you can do it via twitter here: @whitecr0w1 This works better with VirtualBox rather than VMware Vagrant box made by RedHatAugust

RedHatAugust/Prime-1 v0.01

Taken from https://www.vulnhub.com/entry/prime-1,358/ About Release: Name: Prime: 1 Date release: 01 Sep 2019 Author: Suraj Pandey Series: Prime Description: This machine is designed for those one who is trying to prepare for OSCP or OSCP-Exam. This is first level of prime series. Some help at every stage is given. Machine is lengthy as OSCP and Hackthebox's machines are designed. So you have a target to get root flag as well as user flag. If stuck on a point some help are given at a level of enumeration. If any extra help needed Visit our website http://hacknpentest.com and http://hnpsecurity.com. Some extra improvement needed to my VM please contact me on my email- suraj at hnpsecurity dot com. Vagrant box made by RedHatAugust

RedHatAugust/AI-Web-2 v0.01

Taken from https://www.vulnhub.com/entry/ai-web-2,357/ About Release: Name: AI: Web: 2 Date release: 01 Sep 2019 Author: Mohammad Ariful Islam Series: AI: Web Description: About Release: Name: AI: Web 2.0 Author: Mohammad Ariful Islam Series: AI: Web Description: Difficulty: Intermediate Network: DHCP (Automatically assign) Network Mode: NAT This is the second box from the series AI: Web and you will have more fun to crack this challenge. The goal is simple. Get flag from /root/flag.txt. Enumerate the box, get low privileged shell and then escalate privilege to root. You may need to crack password. Use wordlist SecLists/rockyou-45.txt by Mr. Daniel Miessler. For any hint please tweet on @arif_xpress File Information: Filename: AI Web 2.0.7z File size: 906 MB Virtual Machine: Tested: VMWare Workstation 10 or later. Operating System: Linux Networking: DHCP service: Enabled IP Address: Automatically assign Vagrant box made by RedHatAugust

RedHatAugust/The-Fortress-1 v0.01

Taken from https://www.vulnhub.com/entry/the-fortress-1,360/ About Release: Name: The Fortress: 1 Date release: 04 Sep 2019 Author: at0mik Series: The Fortress Description: Hard CTF challenge. Vagrant box made by RedHatAugust

RedHatAugust/DC-8 v0.01

Taken from https://www.vulnhub.com/entry/dc-8,367/ About Release: Name: DC: 8 Date release: 08 Sep 2019 Author: DCAU Series: DC Web page: http://www.five86.com/dc-8.html Description: DC-8 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. This challenge is a bit of a hybrid between being an actual challenge, and being a "proof of concept" as to whether two-factor authentication installed and configured on Linux can prevent the Linux server from being exploited. The "proof of concept" portion of this challenge eventuated as a result of a question being asked about two-factor authentication and Linux on Twitter, and also due to a suggestion by @theart42. The ultimate goal of this challenge is to bypass two-factor authentication, get root and to read the one and only flag. You probably wouldn't even know that two-factor authentication was installed and configured unless you attempt to login via SSH, but it's definitely there and doing it's job. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won't give you the answer, instead, I'll give you an idea about how to move forward. Vagrant box made by RedHatAugust

RedHatAugust/Tempus-Fugit-2 v0.01

Taken from https://www.vulnhub.com/entry/tempus-fugit-2,364/ About Release: Name: Tempus Fugit: 2 Date release: 10 Sep 2019 Author: 4ndr34z Series: Tempus Fugit Description: Tempus Fugit is a Latin phrase that roughly translated as “time flies”. This is an intermediate, real life box. In Tempus Fugit 2, the idea is still, like in the first vm; to create something “out of the ordinary”. The vm contains both user and root flags. If you don’t see them, you are not looking in the right place... Need any hints? Feel free to contact me on Twitter: @4nqr34z DHCP-Client. Tested both on Virtualbox and vmware Health warning: Have driven people to the brink of insanity Vagrant box made by RedHatAugust

RedHatAugust/HA-Wordy v0.01

Taken from https://www.vulnhub.com/entry/ha-wordy,363/ About Release: Name: HA: Wordy Date release: 13 Sep 2019 Author: Hacking Articles Series: HA Description: Wordy is design for beginners to experience real life Penetration testing. This lab is completely dedicated to Web application testing and there are several vulnerabilities that should be exploited in multiple ways. Therefore, it is not only intended as a root challenge boot, the primary agenda is proactive in exploiting tops listed web application vulnerabilities. As this is a wordpress based lab, it is designed so that users can practice following vulnerabilities: - LFI - RFI - CSRF - File Upload - SQL There is a total of 3 flags. Completion is only registered on exploiting all vulnerabilities and flags. Hint: “Everything is not what it seems to be.” Visit our website http://hackingarticles.in Vagrant box made by RedHatAugust

RedHatAugust/HA-Infinity-Stones v0.01

Taken from https://www.vulnhub.com/entry/ha-infinity-stones,366/ About Release: Name: HA: Infinity Stones Date release: 16 Sep 2019 Author: Hacking Articles Series: HA Description: Thanos thinks that if he kills half of all life in the universe, he’ll restore balance. To do so, he needs all six Infinity Stones to power his Infinity Gauntlet, which in turn will give him the ability to bend time, space, energy, and the laws of physics and reality. But the Avengers are one step ahead of Thanos this time. Avengers have hidden all the Infinity Stones all over this CTF. Help Thanos to get all the Infinity Stones and restore the balance of the universe. This machine contains 6 Infinity Stones with Six different flags to test your skills. Space Stone Mind Stone Reality Stone Time Stone Power Stone Soul Stone Each stone can be found in a different way. ENUMERATION IS THE KEY!!!!! Visit our website http://hackingarticles.in Vagrant box made by RedHatAugust

RedHatAugust/hacksudo-L.P.E. v0.01

Taken from https://www.vulnhub.com/entry/hacksudo-lpe,698/ About Release: Name: hacksudo: L.P.E. Date release: 16 May 2021 Author: Vishal Waghmare Series: hacksudo Description: Box created by hacksudo team members , mahesh pawar And Soham Deshmukh , vishal Waghmare . This box should be easy . This machine was created for the InfoSec Prep Discord Server (https://discord.gg/tsEQqDJh) This box created for improvement of Linux privileged escalation skill , I hope so you guys enjoy, hacksudo LPE update will upload soon . This is beta version. The box was created with Virtualbox ,but it should work with VMWare Player and VMWare workstation Upon booting up use netdiscover tool to find IP address. This is the target address based on whatever settings you have. You should verify the address just incase. Find the root.txt flag submit it to the mybox channel on Discord and get chance to get hacksudo machine hacking course free . Do publish write ups for this box if you can and email me copy on flagsubmit@hacksudo.com This works better with VirtualBox rather than VMware Vagrant box made by RedHatAugust RedHatAugust Notes: The following license agreement was attached to the VM: All Right Reserved Trademark Register

RedHatAugust/hacksudo-FOG v0.01

Taken from https://www.vulnhub.com/entry/hacksudo-fog,697/ About Release: Name: hacksudo: FOG Date release: 14 May 2021 Author: Vishal Waghmare Series: hacksudo Description: This box should be easy . This machine was created for the InfoSec Prep Discord Server (https://discord.gg/7ujQrt393b) The box was created with Virtualbox. Upon booting up use netdiscover tool to find IP address. This is the target address based on whatever settings you have. You should verify the address just incase. Find the user.txt and root.txt flag submit it to the mybox channel on Discord and get chance to get hacksudo machine hacking course free . Do publish write ups for this box if you can and email me copy on vishal@hacksudo.com Box created by vishal Waghmare only This box works better with VIrtualBox rather than VMware Vagrant box made by RedHatAugust RedHatAugust Notes: The following license agreement was attached to the VM: all right reserverd by hacksudo hacksudo is trademark registered company @india

RedHatAugust/AdmX-1.0.1 v0.01

Taken from https://www.vulnhub.com/entry/admx-101,694/ About Release: Name: AdmX: 1.0.1 Date release: 11 May 2021 Author: deathflash1411 Series: AdmX Description: AdmX is an easy/medium machine built for OSCP aspirants. For any queries please contact me on twitter: @deathflash1411 ## Changelog 2021-05-11 - v1.0.1 2021-05-06 - v1.0.0 Vagrant box made by RedHatAugust

RedHatAugust/Midwest-1 v0.01

Taken from https://www.vulnhub.com/entry/midwest-1,692/ About Release: Name: Midwest: 1 Date release: 03 May 2021 Author: renmizo Series: Midwest Description: N/A Heads up - A bit of brute force is required This works better with VirtualBox rather than VMware Vagrant box made by RedHatAugust RedHatAugust Notes: I was not able to get this machine to work. Reached out to the machine author and am waiting on a response.