Hack Troubleshooting Scenarios

advent2025 apache bash c caddy clickhouse csv data processing disk volumes dns docker envoy etcd git golang gunicorn hack haproxy harbor hashicorp vault helm java jenkins json kubernetes linux-other mongodb mysql nginx node.js php podman postgres prometheus python rabbitmq redis sql sqlite ssh ssl supervisord systemd traefik

realistic / interviews new pro business

Hack

Hacking Scenarios

#	Name	Level	Time	Type
1	"Taipei": Come a-knocking	Easy	15 m	Hack	"Taipei": Come a-knocking Scenario: "Taipei": Come a-knocking Level: Easy Type: Hack Access: Email Description: There is a web server on port :80 protected with Port Knocking. Find the one "knock" needed (sending a SYN to a single port, not a sequence) so you can `curl localhost`. Test: Executing `curl localhost` returns a message with md5sum fe474f8e1c29e9f412ed3b726369ab65. (Note: the resulting md5sum includes the new line terminator: `echo $(curl localhost)`) Time to Solve: 15 minutes.
2	"Paris": Where is my webserver?	Medium	15 m	Hack	"Paris": Where is my webserver? Scenario: "Paris": Where is my webserver? Level: Medium Type: Hack Access: Email Description: A developer put an important password on his webserver localhost:5000 . However, he can't find a way to recover it. This scenario is easy to to once you realize the one "trick". Find the password and save it in /home/admin/mysolution , for example: `echo "somepassword" > ~/mysolution` Scenario credit: PuppiestDoggo Test: `md5sum ~/mysolution` returns `d8bee9d7f830d5fb59b89e1e120cce8e` Time to Solve: 15 minutes.
3	"Constanta": Jumping Frog	Medium	20 m	Hack	"Constanta": Jumping Frog Scenario: "Constanta": Jumping Frog Level: Medium Type: Hack Access: Email Description: This is a "hacking" or Capture The Flag challenge. You need to copy the message at `/home/user3/secret.txt` into the `/home/admin/solution.txt` file. Test: Running `md5sum /home/admin/solution.txt` returns the hash `7fe16554d0b326309d980314cebc2994` The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 20 minutes.
4	"La Rinconada": Elevating privileges	Medium	15 m	Hack	"La Rinconada": Elevating privileges Scenario: "La Rinconada": Elevating privileges Level: Medium Type: Hack Access: Email Description: You are logged in as the user "admin" without general "sudo" privileges. The system administrator has granted you limited "sudo" access; this was intended to allow you to read log files. Your mission is to find a way to exploit this limited sudo permission to gain a full root shell and read the secret file at /root/secret.txt Copy the content of /root/secret.txt into the /home/admin/solution.txt file, for example: `cat /root/secret.txt > /home/admin/solution.txt` (the "admin" user must be able to read the file). Test: As the user "admin", `md5sum /home/admin/solution.txt` returns `52a55258e4d530489ffe0cc4cf02030c` (we also accept the hash of the same secret string without an ending newline). The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 15 minutes.
5	"Annapurna": High privileges	Medium	20 m	Hack	"Annapurna": High privileges Scenario: "Annapurna": High privileges Level: Medium Type: Hack Access: Email Description: You are logged in as the user admin. You have been tasked with auditing the admin user privileges in this server; "admin" should not have sudo (root) access. Exploit this server so you as the admin user can read the file /root/mysecret.txt Save the content of /root/mysecret.txt to the file /home/admin/mysolution.txt , for example: `echo "secret" > ~/mysolution.txt` Test: Running `md5sum /home/admin/mysolution.txt` returns `47ee165a2262476f6866902a93f2a41d`. (We also accept the md5sum of the same file without a newline at the end). The "Check My Solution" button runs the script /home/admin/agent/check.sh, which you can see and execute. Time to Solve: 20 minutes.
6	"Roseau": Hack a Web Server	Hard	30 m	Hack	"Roseau": Hack a Web Server Scenario: "Roseau": Hack a Web Server Level: Hard Type: Hack Access: Email Description: There is a secret stored in a file that the local Apache web server can provide. Find this secret and have it as a /home/admin/secret.txt file. Note that in this server the admin user is not a sudoer. Also note that the password crackers Hashcat and Hydra are installed from packages and John the Ripper binaries have been built from source in /home/admin/john/run Test: `sha1sum /home/admin/secret.txt \|awk '{print $1}'` returns `cc2c322fbcac56923048d083b465901aac0fe8f8` Time to Solve: 30 minutes.
7	"Monaco": Disappearing Trick	Hard	30 m	Hack	"Monaco": Disappearing Trick Scenario: "Monaco": Disappearing Trick Level: Hard Type: Hack Access: Email Description: There is a web server on :5000 with a form. POSTing the correct form password into this web service will return a secret. Save this secret provided by the web page (not the password you sent to it) to /home/admin/mysolution, for example: `echo "SecretFromWebSite" > ~/mysolution` TIP: a developer worked on the web server code in this VM, using the same 'admin' account. Scenario credit: PuppiestDoggo Test: `md5sum /home/admin/mysolution` returns `a250aa19f16dda6f9fcef286f035ec4b` Time to Solve: 30 minutes.

Hack Troubleshooting Scenarios

Hack

Hacking Scenarios

"Taipei": Come a-knocking

"Paris": Where is my webserver?

"Constanta": Jumping Frog

"La Rinconada": Elevating privileges

"Annapurna": High privileges

"Roseau": Hack a Web Server

"Monaco": Disappearing Trick

Send Us Feedback or Get Notified