[VulnHub] [18 July 2023] Latest Details of All Vulnerable Lab VMs (Middle Part)

Name Release date Author Series Image size Download URL Description 1 Description 2 MD5 SHA1 VM format Operating system DHCP service IP address
five86: 2 14 Jan 2020 DCAU five86 1.7 GB https://download.vulnhub.com/five86/Five86-2.zip Five86-2 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. The ultimate goal of this challenge is to get root and to read the one and only flag. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward. Five86-2 is a VirtualBox VM built on Ubuntu 64 bit, but there shouldn’t be any issues running it on most PCs. Five86-2 has been tested successfully on VMWare Player, but if there are any issues running this VM in VMware, have a read through of this. It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox or VMWare and away you go. While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. A big thanks goes out to the members of @m0tl3ycr3w and @syed__umar. I’m also very interested in hearing how people go about solving these challenges, so if you’re up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you’ve DM’d me if you’d prefer). I can be contacted via Twitter - @Five86_x 2791B8B8489D91500AB9F0CE6C07E52E F9A7E0700464D07BFAA2A37C77E7506A7FD81D77 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
hackNos: ReconForce (v1.1) 18 Jan 2020 Rahul Gehlaut hackNos 1.5 GB https://download.vulnhub.com/hacknos/ReconForce-01.1.ova Good Enumeration Skills Difficulty: Easy to Intermediate Flag: 2 Flag first user And the second root Learning: Web Application | Enumeration | Privilege Escalation Web-site: www.hacknos.com Contact-us Twitter: @rahul_gehlaut Changelog: v1.1 - 2020-01-18; v1.0 - 2020-01-11 BC62DC7A7B9F3ED26B1D08F9740D542B DF9F2E296D96BD6EE8455361FE8C92EB5046A44F Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Secret Hacker: Vulnerable Web Application Server 16 Dec 2019 Secret Hacker Secret Hacker 2.4 GB https://download.vulnhub.com/secrethacker/Hackable-Secret_Hacker.rar Blog Post : https://secrethackersite.blogspot.com/2019/10/hackable-secret-hacker-vulnerable-web.html This works better with VirtualBox rather than VMware CB02E44050986B194AF7A6ABE2673947 6327A69538F944F0C3BDD65137442C7DA85DEA92 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
djinn: 2 23 Jan 2020 0xmzfr djinn 1.1 GB https://download.vulnhub.com/djinn/djinn-2.ova 611C7C2D1AA8E5036D3E35480C75D106 A5D5529D9050A5EF2C5A163122052AA7E85B1B79 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 9 29 Dec 2019 DCAU DC 700 MB https://download.vulnhub.com/dc/DC-9.zip DC-9 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. The ultimate goal of this challenge is to get root and to read the one and only flag. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward. DC-9 is a VirtualBox VM built on Debian 64 bit, but there shouldn’t be any issues running it on most PCs. DC-9 has been tested successfully on VMWare Player, but if there are any issues running this VM in VMware, have a read through of . It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox or VMWare and away you go. While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. A big thanks goes out to the members of @m0tl3ycr3w. I’m also very interested in hearing how people go about solving these challenges, so if you’re up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you’ve DM’d me if you’d prefer). I can be contacted via Twitter - @DCAU7 69A5C7F9712B1A35B61CBCF7BF4A0455 B9A3018997C4C01FFE0994AD019E0C37FF019001 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Doomsday: 1 31 Dec 2019 c0rruptedb1t Doomsday 1.7 GB https://download.vulnhub.com/doomsday/Doomsday.zip The Stheno Corporation are planning to cause a doomsday event using an unknown doomsday device within the next 12 hours, are you able to stop them dead in their tracks? Stop the doomsday from occurring by disabling the doomsday devices created by The Stheno Corporation. Once you have succeeded you can retrieve your flag from http://192.168.56.105/flag.php There are two vms that need to be powered on at the same time you cannot have one open while the other is offline The vms must be on a host-only network and must be able to use the following ips (default settings for virtualbox): Settings for virtualbox: - IPv4 Address: 192.168.56.1 - IPv4 Netmask: 255.255.255.0 DHCP: This must be setup as there are strict firewall rules on the vms Do not worry if you cannot reach 192.168.56.107 from the host pc this is intended. This works better with VirtualBox rather than VMware F3F924A8E6E07F754CD2F34CFDFEB503 F7A9C3F42829DA6947E390B3C51D4D772B50D92E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
inclusiveness: 1 10 Feb 2020 h4sh5 & Richard Lee inclusiveness 2.6 GB https://download.vulnhub.com/inclusiveness/Inclusiveness.ova Inclusiveness is an intermediate boot to root VM to practice your hacking skills. Can you get in? DC3A7055AE1C7CD7B8C7A2725C5B4071 B753DFDA6F76107382AB5323A7B61473372621EA Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
EnuBox: Mattermost 6 Jan 2020 Avraham Cohen EnuBox 3.5 GB https://download.vulnhub.com/enumbox/Mattermost.7z CC6BF6DD876FF62C1530B9DC284490F1 3C5C6B323A6DB7AEB996F51FF6D875561870C010 Virtual Machine (VMware) Linux Enabled Automatically assign
WTF: 1 22 Nov 2019 pwn4magic WTF 1001 MB https://download.vulnhub.com/wtf/wtf.rar beginner - intermediate machine, your goal is to read /root/flag.txt. Remember, good enumeration! VMware based, you may have problems with VB. 69AFAACCF4F57064F8551D5CC32B72DD 7B98C7A8CD5C861F9D2C868A282C5BAB7834F802 Virtual Machine (VMware) Linux Enabled Automatically assign
In Plain Sight: 1.0.1 2 Dec 2019 bzyo In Plain Sight 1.6 GB https://download.vulnhub.com/inplainsight/inplainsight1.ova Level: Beginner - Intermediate Description: Built/Tested with VirtualBox. DHCP enabled. Need to get root to read flag. Changelog: 2019-12-02: v1.0.1; 2019-11-22: v1.0 97ED126C3059D36256B9A03A1AC86DA7 ABCC0A81C31CDA533B08A7F1F08071C40A37E937 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Me and My Girlfriend: 1 13 Dec 2019 TW1C3 Me and My Girlfriend 693 MB https://download.vulnhub.com/meandmygirlfriend/Me-and-My-Girlfriend-1.ova Description: This VM tells us that there are a couple of lovers namely Alice and Bob, where the couple was originally very romantic, but since Alice worked at a private company, “Ceban Corp”, something has changed from Alice’s attitude towards Bob like something is “hidden”, And Bob asks for your help to get what Alice is hiding and get full access to the company! Difficulty Level: Beginner Notes: there are 2 flag files Learning: Web Application | Simple Privilege Escalation E5BE41E7C0DA9ADE0A2D420607F05A3A 4CD0DB2B048C53E927D2DB5CFB5F441B03966067 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
sunset: dusk 1 Dec 2019 whitecr0wz sunset 1.1 GB https://download.vulnhub.com/sunset/dusk.7z Description: Here is another one, enjoy. Difficulty: Beginner Contact: @whitecr0wz This works better with VirtualBox rather than VMware 080B018FB98340B347CCEBE2E0C68F30 5A479A65AAC98FD436548D8815C67B0BF54BD021 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
hackNos: Os-hackNos 27 Nov 2019 Rahul Gehlaut hackNos 827 MB https://download.vulnhub.com/hacknos/Os-hackNos-1.ova Difficulty : Easy to Intermediate Flag : 2 Flag first user And second root Learning : exploit | Web Application | Enumeration | Privilege Escalation Website : www.hackNos.com mail : 597902F4E99775B7379EE9E4C671499E 22511AD173136AA25F1DD5B3E3F20018E78641E8 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
MyExpense: 1 7 Dec 2019 Sh4rpf0rc3 MyExpense 1.2 GB https://download.vulnhub.com/myexpense/MyExpense-Vulnerable-Web-Application.ova MyExpense is a deliberately vulnerable web application that allows you to train in detecting and exploiting different web vulnerabilities. Unlike a more traditional “challenge” application (which allows you to train on a single specific vulnerability), MyExpense contains a set of vulnerabilities you need to exploit to achieve the whole scenario. You are “Samuel Lamotte” and you have just been fired by your company “Furtura Business Informatique”. Unfortunately because of your hasty departure, you did not have time to validate your expense report for your last business trip, which still amounts to 750 € corresponding to a return flight to your last customer. Fearing that your former employer may not want to reimburse you for this expense report, you decide to hack into the internal application called to manage employee expense reports. So you are in your car, in the company carpark and connected to the internal Wi-Fi (the key has still not been changed after your departure). The application is protected by username/password authentication and you hope that the administrator has not yet modified or deleted your access. Your credentials were: samuel/fzghn4lw Once the challenge is done, the flag will be displayed on the application while being connected with your (samuel) account. If you need to restore the database : go to http://IP/config/setup.php This works better with VirtualBox rather than VMware 6CB854185924742C8B6B46C31B62CF33 1048B4193F449D44F00C2D7CB3008B875FCC6047 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
UA: Literally Vulnerable 6 Dec 2019 Syed Umar Arfeen UA 967 MB https://download.vulnhub.com/ua/LiterallyVulnerable.7z Vulnerable is supposed to give beginners a taste of real-world scenarios and OSCP machines at the same time! It was inspired highly by the @DC series. You’re supposed to know the big three (EEEs) Enumeration, Exploitation & Escalation of pentesting to pwn the machine. The machine is supposed to be beginner-friendly and the difficulty level is Easy-Intermediate depending on your knowledge. You need to have enough information about Linux file types & permissions for privileges escalation. There are three flags in the machine: local.txt, user.txt & root.txt. You’re supposed to grab all three in order to completely pwn the machine. Hope you like the machine, best of luck! I’ll try my best to continue with the series! 08DEA33CB1B1207321535F2539328101 D1347C065ED7248E8F594A467B494A7658C0E5A1 Virtual Machine (Virtualbox - VDI) Linux Enabled Automatically assign
FSoft Challenges VM: 1 28 Nov 2019 Akasafe Team FSoft Challenges VM 1.4 GB https://download.vulnhub.com/fsoft/OVA-Fsoft_Hacking_Challenge.zip Difficulty : Intermediate Flag : Need to get root to read flag (root.txt) Learning : Exploit | Web Application | Digital Forensics | Enumeration | Privilege Escalation DHCP enabled Welcome to Fsoft Hacking Labs ! If during boot, you notice Apache error. Please wait one minute then reboot. Labs are designed to destroy themselves when you exploit them incorrectly - Please create a snapshot of yourself. Good luck to you as well ! Akasafe Team - FSOFT CFE9CF0A7A44761E1DE2E52D0DD4E2CB 68F1F3ACF29F4FB32A67FF2CCBA303E7DC3CBD90 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
hackNos: Os-hackNos-2.1 29 Nov 2019 Rahul Gehlaut hackNos 1.4 GB https://download.vulnhub.com/hacknos/Os-hackNos-2.1.ova Difficulty : Easy to Intermediate Flag : 2 Flag first user And second root Learning : Web Application | Enumeration | Password Cracking Changelog: 2019-12-13 ~ v1.1; 2019-11-29 ~ v1.0 576448985771F267792497BA4C806874 BD0F6A35B48DFCAD19329B515FB95768AAE83EF5 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Tempus Fugit: 3 23 Nov 2019 4nqr34z & theart42 Tempus Fugit 3.7 GB https://download.vulnhub.com/tempusfugit/Tempus-Fugit-3.ova Tempus Fugit is a Latin phrase that roughly translated as “time flies”. This is a hard, real life box, created by @4nqr34z and @theart42 to be used as a CTF challenge on Bsides Newcastle 23. november 2019 and released on Vulnhub the same day. In Tempus Fugit 3, the idea is still, like in the first two challenges; to create something “out of the ordinary”. The vm contains 5 flags. If you don’t see them, you are not looking in the right place… Need any hints? Feel free to contact us on Twitter: @4nqr34z or @theart42 DHCP-Client. Tested both on Virtualbox and vmware Health warning: For external use only. This works better with VirtualBox rather than VMware 564255E0E91EC8BA981A8A1491345112 A09A0EB8CA46B292953642375BE49C611932D00C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
hackNos: Os-hackNos-3 14 Dec 2019 Rahul Gehlaut hackNos 1.8 GB https://download.vulnhub.com/hacknos/Os-hackNos-3.ova Difficulty: Intermediate Flag: 2 Flag first user And the second root Learning: Web Application | Enumeration | Privilege Escalation Web-site: www.hacknos.com Contact-us : @rahul_gehlaut This works better with VirtualBox rather than VMware 20E94D060CAF653C6AD7223D60254858 A53D8360BC18C3FAFEF217E44425150C9E1DA11A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
sunset: sunrise 6 Dec 2019 whitecr0wz sunset 3.0 GB https://download.vulnhub.com/sunset/sunrise.7z Description: Have fun! Difficulty: Beginner Contact: @whitecr0wz D61B9F1C73F2BC78EA02A1EEF5A6D5AA 9F6B2B8C4BFA66755FF152C712769F1DE97B659A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: Dhanush 9 Nov 2019 Hacking Articles HA 783 MB https://download.vulnhub.com/ha/dhanush.zip The of the . It redefined the warfare to a new level and is mentioned in all the Mythological Accounts in the History. Choose Your Dhanush, Stretch the string and Shoot for Root!! ENUMERATION IS THE KEY!!! 70ACF0E18AC171DE86190F18457984D4 BC5EE785FF19CBEDA1C51414A2BF9C97D5FCFAE2 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Mortal Kombat: 1 18 Oct 2019 p4w Mortal Kombat 1.5 GB https://download.vulnhub.com/mortalkombat/MortalKombat.ova This is a hard machine. You’ll need to master and chain together multiple vulnerabilities. If you need a hint feel free to contact me on Twitter: @p4w16 This works better with VirtualBox rather than VMware 3C547FAC1BABB64994EE0D8CDC3A0E6D 1E2243DBF26643920F867D8694C55BB10942B8AE Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: Chanakya 9 Nov 2019 Hacking Articles HA 884 MB https://download.vulnhub.com/ha/chanakya.zip The Mastermind that took down kingdoms is back and this time he has created a puzzle that would make you scratch you brains! It’s time to face Chanakya. Will you be able to solve this Boot to Root and prove that you are wiser? ENUMERATION IS THE KEY!!! CB975BB516FB07C185080547E42C55F3 63A9279DA098F98EA427C49683A544A34F2A43C1 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Connect The Dots: 1 21 Oct 2019 Sumit Verma Connect The Dots 2.3 GB https://download.vulnhub.com/connectthedots/Connect-The-Dots.ova 30B807367C47A94492BF25ED4E789462 C2D354487D39B91A7337FF2E2575009355553998 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
hackNos: Os-Hax 1 Nov 2019 Rahul Gehlaut hackNos 918 MB https://download.vulnhub.com/hacknos/Os-Hax.ova Difficulty : Intermediate Flag : boot-root Learning : exploit | web application Security | Privilege Escalation Contact … https://www.linkedin.com/in/rahulgehlaut/ This works better with VirtualBox rather than VMware 55FA67F69A481C3F71427628DE98D42E C6B801D3C7702898A1699CC671125234284879B6 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
CyNix: 1 18 Nov 2019 Sumit Verma CyNix 1.6 GB https://download.vulnhub.com/cynix/CyNix.ova This works better with VirtualBox rather than VMware. F4C85FAFABA25AFD9444D8EB61E6990D 71DA0D6193665C51BC54A3F305F5DF561742771E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: Rudra 22 Oct 2019 Hacking Articles HA 685 MB https://download.vulnhub.com/ha/rudra.zip This festive season witness the Mahakaal himself in this Boot to Root Challenge. Gain the Root and Get indulged in the Bliss of The Rudra. Call yourself the True Bhole Bakth on completion of this challenge. ENUMERATION IS THE KEY!!! 3C432A797790B8189280239CEF0E4871 ACBEC196530BF65EA2D13B40B8C4FC9C5AAEFD24 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
View2aKill: 1 29 Oct 2019 creosote View2aKill 4.0 GB https://download.vulnhub.com/view2akill/View2aKill.ova Mission: Millionaire psychopath Max Zorin is a mastermind behind a scheme to destroy Silicon Valley in order to gain control over the international microchip market. Get root and stop this madman from achieving his goal! 7147C0C8F871B0FBCFC07383FDB73CCE 58B95DD4668721DD10D792BCBE196D5AB11146AA Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
EVM: 1 2 Nov 2019 Ic0de EVM 780 MB https://download.vulnhub.com/evm/EVM.ova This is super friendly box intended for Beginner’s This works better with VirtualBox rather than VMware 19D564088D642EF1A63D23A87EB4F4F7 94758070A7907FC4C8CD0BA39E8E2659DDE0B56E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: Chakravyuh 30 Oct 2019 Hacking Articles HA 1.1 GB https://download.vulnhub.com/ha/chakravyuh.zip Close your eyes and feel the heat of being in the middle of the Chakravyuh. The Epic Battle formation that is said to uncrackable. Can you crack the Uncrackable? Does it have it in you? Crack this epic Challenge and Claim the Title of Arjuna of 21st Century. ENUMERATION IS THE KEY!!! 2722A5EC177BAF2BB8ADA3C60CC1284A 7A68F4B3203A26F713F073336091F85E4A2EA775 Virtual Machine (VMware) Linux Enabled Automatically assign
hackNos: Os-Bytesec 8 Nov 2019 Rahul Gehlaut hackNos 885 MB https://download.vulnhub.com/hacknos/Os-ByteSec.ova Difficulty : Intermediate Flag : 2 Flag first user And second root Learning : exploit | SMB | Enumeration | Stenography | Privilege Escalation Contact … https://www.linkedin.com/in/rahulgehlaut/ This works better with VirtualBox rather than VMware. 5650899EECF15B434AE26847CD89BB8E 414576020669441B8DE9DADCA2F875AD82109EA6 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
djinn: 1 18 Nov 2019 0xmzfr djinn 1.9 GB https://download.vulnhub.com/djinn/djinn.ova AC904F3C4170B0167FEA4A5A08095E10 96E4E858F5E7A9EAF887C15CD34555AB122D805D Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
serial: 2 27 Sep 2019 sk4 serial 1.1 GB https://download.vulnhub.com/serial/serial2.zip This box has an intermediate difficulty for the user, I suggest you to enumerate it and use some tools to get the first flag. Note that if you don’t see the flag maybe you should find it in other place. The hard part is the privilege escalation for the root user, try hard and get the root flag (if you can;))! If you need a hint, feel free to contact me on Twitter: @sk4pwn This works better with VirtualBox rather than VMware 6CA2A85774D8E8079B4AB222E10DCB3C 8C6C4E737A4695BEB062D14678107250F74A6E6A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Mumbai: 1 25 Sep 2019 Dylan Barker Mumbai 1.9 GB https://download.vulnhub.com/mumbai/Mumbai.ova N/A This works better with VirtualBox rather than VMware EAB28413413227DC9C8645DFD3B15B48 5FB5778D9C87EA1BC785F6695B430EBB7A6E514C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
bossplayersCTF: 1 28 Sep 2019 Cuong Nguyen bossplayersCTF 665 MB https://download.vulnhub.com/bossplayers/bossplayersCTF.ova Aimed at Beginner Security Professionals who want to get their feet wet into doing some CTF’s. It should take around 30 minutes to root. This works better with VirtualBox rather than VMware CE49887192FEAA7C3349ACEE9551CFF7 5D1D96526D87096508AD50F30F9F7083F5CBB89B Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SafeHarbor: 1 5 Oct 2019 Dylan Barker SafeHarbor 3.2 GB https://download.vulnhub.com/safeharbor/SafeHarbor.ova A harder VM designed to train for both pentesting newer IT infrastructure methodologies as well as network pivot practice. You’ll need to be familiar with pivoting techniques, web app vulnerabilities, Metasploit and Meterpreter, as well as enumeration methodologies and a good bit of patience. As a note, there are two additional bonus flags that will appear in the /root directory based on pre-defined actions taken during the course of rooting the VM. This works better with VirtualBox rather than VMware. 00CDAEE6E782FD9833DEF91FBB842FED F3EDD607D91023D10A210AE457C12A3EEFAAB5AD Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SiXeS: 1 8 Oct 2019 Hafidh ZOUAHI SiXeS 1.5 GB https://download.vulnhub.com/sixes/SiXeS-1aa67eae208f9fcc3785c1e622805a35.ova Advanced-Hard Boot2Root machine intended to be used in a Workshop/CTF beside Shellmates Club. The machine has 6 flags that will guide the challenger through it. It covers web security, binary exploitation, and various misconfigurations. This works better with VirtualBox rather than VMware. 1AA67EAE208F9FCC3785C1E622805A35 C086EA40BCBBFC6DEF483C3D85C18D97BB6E2325 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Bottleneck: 1 28 Sep 2019 bytevsbyte Bottleneck 1.6 GB https://download.vulnhub.com/bottleneck/Bottleneck.ova Bottleneck is an intermediate boot2root machine. After some cyber attacks the admin hardened the system, show him that it’s not so secure. If you need a hint feel free to contact me on Twitter: @bytevsbyt3 819492A5B6344EF09C981D245F23CA74 54007FB2CBC5642F51A03F1BE1223663C422CC1B Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: Joker 9 Oct 2019 Hacking Articles HA 856 MB https://download.vulnhub.com/ha/joker.zip This lab is going to introduce a little anarchy. It will upset the established order, and everything becomes will become chaos. Get your face painted and wear that Purple suit because it’s time to channel your inner Joker. This is a boot2root lab. Getting the root flag is ultimate goal. ENUMERATION IS THE KEY!!! F34A2D25CF07D119F4E19D7D0FCC3DE2 380E9DABF9623901843ADE2A1D5BD567C2BD5A02 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Misdirection: 1 24 Sep 2019 FalconSpy Misdirection 1.6 GB https://download.vulnhub.com/misdirection/Misdirection.zip The purpose of this machine is to grant OSCP students further develop, strengthen, and practice their methodology for the exam. This works better with VirtualBox rather than VMware 6D1EF59FAFD464F04B77F1CA2AE84529 95238571D43DB60571129C89FDB39F7340164356 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Gears of War: EP#1 17 Oct 2019 eDu809 Gears of War 1.1 GB https://download.vulnhub.com/gearsofwar/Gear_Of_War%231.ova Its a CTF machine that deals with the history of gears of war, where we must try to escape from prison and obtain root privileges. it has some rabbit holes, so you have to try to connect the tracks to get access. This works better with VirtualBox rather than VMware. 1E1A0D3EB9998C8D736A6DEA72D244EE A11CDCD5718E1D1321583F237FB4CABAAF991F1C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Hacker Fest: 2019 7 Oct 2019 Martin Haller Hacker Fest 569 MB https://download.vulnhub.com/hackerfest/HF2019-Linux.ova The machine was part of my workshop for Hacker Fest 2019 at Prague. Difficulty level of this VM is very “very easy”. There are two paths for exploit it. This works better with VirtualBox rather than VMware. .OVA = VirtualBox file; .ZIP = Hyper-V VM (v5) 98C0A9C41F779207689379D1E2E301E8 1D1547763D3183C8049CC3ADAC9A189A6C90965E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: ISRO 4 Oct 2019 Hacking Articles HA 804 MB https://download.vulnhub.com/ha/isro.zip This is our tribute to the Indian Space Research Organisation (ISRO). We as Indians are proud of ISRO and its achievements. Solve this CTF challenge and feel the work of ISRO. This machine contains 4 different flags to test your skills. ENUMERATION IS THE KEY!!! 439B8D12310E319A8321DA45E7EABE8F E0523AA0B633B3EE3B4D55E31E6915100E6C0FD3 Virtual Machine (VMware) Linux Enabled Automatically assign
HA: Naruto 11 Oct 2019 Hacking Articles HA 1001 MB https://download.vulnhub.com/ha/naruto.zip Book your tickets to The Konohagakure, and train under Master Jiraiya, Hokage Uzumaki and Tsunade. Use your hacking skills to stop Orrochimaru and Rescue Sasuke. Hack this boot to root and get the title of “The Number One Hyperactive, Knucklehead Ninja” ENUMERATION IS THE KEY!!! 751ABE040E0F1D23F5B921BA23BE126C F740033668D87ACDA998C6A0E48F271BC5437D9A Virtual Machine (VMware) Linux Enabled Automatically assign
HA: Avengers Arsenal 20 Sep 2019 Hacking Articles HA 4.9 GB https://download.vulnhub.com/ha/HA-Avengers-Arsenal.ova Avengers are meant to be Earth’s Mightiest Heroes, but some heroes just aren’t mighty enough without their trusty weapon in hand. The Goal is to gather all the 5 mightiest weapons: ENUMERATION IS THE KEY!!! Visit our website http://hackingarticles.in 512DCEB15F9F185D6A5C77F79E89EFBE FB06EEBA7E75558220FDD1DF3127A003D5779C0E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
WebGOAT: 1 16 Sep 2019 Renato Neves WebGOAT 1.2 GB https://download.vulnhub.com/webgoat/WebGOAT.ova This is ubuntu 18.04 server which autostarts webgoat on Credentials: - user: webgoat - pass: webgoat This machine is used to practice on different types of web attacks. Enjoy! This works better with VirtualBox rather than VMware F144F3DA6D3BBD0122223C6A32A4B59B E31A5DEA43EE50E85E76C999E3D8089C189DB446 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: Infinity Stones 16 Sep 2019 Hacking Articles HA 3.3 GB https://download.vulnhub.com/ha/HA-InfinityStones.zip Thanos thinks that if he kills half of all life in the universe, he’ll restore balance. To do so, he needs all six Infinity Stones to power his Infinity Gauntlet, which in turn will give him the ability to bend time, space, energy, and the laws of physics and reality. But the Avengers are one step ahead of Thanos this time. Avengers have hidden all the Infinity Stones all over this CTF. Help Thanos to get all the Infinity Stones and restore the balance of the universe. This machine contains 6 Infinity Stones with Six different flags to test your skills. Each stone can be found in a different way. ENUMERATION IS THE KEY!!! Visit our website http://hackingarticles.in 598E5FA80F979016FBF5B659C8F9D153 A7E51F535B1E7B948FE1C01BC7EEFA7FF8897EF1 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: Wordy 13 Sep 2019 Hacking Articles HA 3.5 GB https://download.vulnhub.com/ha/ha-wordy.ova Wordy is design for beginners to experience real life Penetration testing. This lab is completely dedicated to Web application testing and there are several vulnerabilities that should be exploited in multiple ways. Therefore, it is not only intended as a root challenge boot, the primary agenda is proactive in exploiting tops listed web application vulnerabilities. As this is a wordpress based lab, it is designed so that users can practice following vulnerabilities: - LFI - RFI - CSRF - File Upload - SQL There is a total of 3 flags. Completion is only registered on exploiting all vulnerabilities and flags. Hint: “Everything is not what it seems to be.” Visit our website http://hackingarticles.in DC5E6DDA23847EA6A91D0BF3A952E72D D96B32FBEA9D684AC81552296F5B58EA027A84AC Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Mordor: 1.1 7 Jan 2020 strider Mordor 725 MB https://download.vulnhub.com/mordor/MordorCTF-1.1.ova Mordor-CTF Mordor CTF is a CTF-Machine with a nice story. This VM has a small touch of lord of the rings. And tells a story during part 2 of the movies. In this VM are 9 flags to get. This is my first VM I’ve created, I hope you enjoy it. The goal is to reach the root and readout the file /root/flag.txt If you found other ways, to reach the goal, let me know What include this VM? OS: For any hints contact me here [strider007 at protonmail dot com] If you found Bugs or you have problems with the VM, you can contact me also here [strider007 at protonmail dot com] This VM is completely licensed under Creative Commons v3. except the elements by LOTR. I do not own the characters and the elements of LOTR. They were used for the fanfiction story during the CTF. I do not earn money with this machine and all the other elements of this machine. If you use parts of this machine please ensure that you remove all LOTR elements. May work better in VirtualBox than VMware. Changelog: 1.1 - 2020/01/07; 1.0 - 2019/09/05 4B5441B04D25508CA6EB83D1390F18F0 53C55A7D29F7F88C9517B652861B182D0FDD0BAE Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Tempus Fugit: 2 10 Sep 2019 4ndr34z Tempus Fugit 2.1 GB https://download.vulnhub.com/tempusfugit/Tempus-Fugit-2.ova Tempus Fugit is a Latin phrase that roughly translated as “time flies”. This is an intermediate, real life box. In Tempus Fugit 2, the idea is still, like in the first vm; to create something “out of the ordinary”. The vm contains both user and root flags. If you don’t see them, you are not looking in the right place… Need any hints? Feel free to contact me on Twitter: @4nqr34z DHCP-Client. Tested both on Virtualbox and vmware Health warning: Have driven people to the brink of insanity D92F65DA78C90B4043CF6A47C0FA06A6 925CF25D03E29593DDAAD4870EAAE2A680455E41 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Prime: 1 1 Sep 2019 Suraj Pandey Prime 2.2 GB https://download.vulnhub.com/prime/Prime_Series_Level-1.rar This machine is designed for those one who is trying to prepare for OSCP or OSCP-Exam. This is first level of prime series. Some help at every stage is given. Machine is lengthy as OSCP and Hackthebox’s machines are designed. So you have a target to get root flag as well as user flag. If stuck on a point some help are given at a level of enumeration. If any extra help needed Visit our website http://hacknpentest.com and http://hnpsecurity.com. Some extra improvement needed to my VM please contact me on my email- suraj at hnpsecurity dot com. 8E34566F7C05EFB4092DE9BED7DC364A 3775288C5C02863A29B3F8F1AE42E01E7C080CA8 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 8 8 Sep 2019 DCAU DC 379 MB https://download.vulnhub.com/dc/DC-8.zip DC-8 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. This challenge is a bit of a hybrid between being an actual challenge, and being a “proof of concept” as to whether two-factor authentication installed and configured on Linux can prevent the Linux server from being exploited. The “proof of concept” portion of this challenge eventuated as a result of a question being asked about two-factor authentication and Linux on Twitter, and also due to a suggestion by @theart42. The ultimate goal of this challenge is to bypass two-factor authentication, get root and to read the one and only flag. You probably wouldn’t even know that two-factor authentication was installed and configured unless you attempt to login via SSH, but it’s definitely there and doing it’s job. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward. B24EA5A4BE61B1A7BFD2774031DEC1AC B67F48F72B5D7D7DD7B04C8C6CA2C686934AAD80 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HA: Armour 22 Sep 2019 Hacking Articles HA 1.4 GB https://download.vulnhub.com/ha/HA-Armour.zip Klaw has stolen some armours from the Avengers Super-Secret Base. Falcon has checked the manifest, following things are unaccountable: Klaw hid all these armours and now it’s up to you. Can you use your penetration skills to recover them all? -Captain Steve Rogers P.S. Klaw has a habit of dividing his passwords into 3 parts and saving them at different locations. So, if you get some, combine them to move forward. This works better with VirtualBox rather than VMware E2EFC54507391344233C1112894566ED B34D4FBD71203CDFD3314D8260463F978ACE6610 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
The Fortress: 1 4 Sep 2019 at0mik The Fortress 1.3 GB https://download.vulnhub.com/thefortress/The-Fortress-CTF.ova Hard CTF challenge. BDEA4C509A8E577FAF46BA505824E173 59F94A734A2098FD219C187C11751BB0B349AAC2 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SP: alphonse (v1.3) 18 Sep 2020 Daniel Solstad SP 1.1 GB https://download.vulnhub.com/sp/alphonse-v1.3.ova Alphonse is into genes and would like to research your DNA. Is his setup secure though? Flags: Tested with VirtualBox DHCP enabled Difficulty: Intermediate. Changelog: v1.3: 2020-09-18; v1.1: 2019-09-10; v1.0: 2019-09-08 CD847FFE5ECF47368A920F116F09A3AC 310F0A814F75327191322318867C2056A6FD5561 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Bob's Missing Cat CTF: 1.1 11 Oct 2019 ThreeWhiteHats Bob's Missing Cat CTF 2.0 MB https://download.vulnhub.com/bobsmissingcat/BMCInstructablePT1.docx Bob’s Missing Cat is a three part CTF where the goal is to find your lost cat. Bob’s Missing Cat Pt. 1 is an introduction to the world of Linux. (This CTF is different from most, intended to be played out more like a story.) Types of Commands learned by the end of Pt. 1: , , , , , , , , , etc. Please do Bob’s Missing Cat Pt. 1 alongside the BMCInstructable document. Download ~ https://download.vulnhub.com/bobsmissingcat/BMCInstructable.docx You start local on this VM, not remotely. Find the starting point using the Word document! Change Log: 1.1 = 2019-10-11; 1.0 = 2019-09-09 C616D2B6CF594865E7FD6E7157A046E3 C9B611A590DD62668983642FE32F16DF8C4E4045 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
sunset: nightfall 29 Aug 2019 whitecr0wz sunset 1.1 GB https://download.vulnhub.com/sunset/nightfall.zip nightfall is a born2root VM designed for beginners. Virtualbox is strongly recommended for doing this challenge. If you need to contact me for hints you can do it via twitter here: @whitecr0w1 This works better with VirtualBox rather than VMware 7AA556D47607926792EEB63ADBDC6EE1 6AE37F8117D4D52E933B561EEE1F6CC3A203BE57 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Broken: Gallery 9 Aug 2019 Avraham Cohen Broken 1.4 GB https://download.vulnhub.com/broken/Broken.7z The gallery is a different kind of web application. You find what you are looking for like any other vulnerable web application. Try harder to fix the problem and then you will win. Privilege escalation is another method of security through obscurity. C35C1C8C0F7AC5D1D897A8A37CFC518E 19568D6ED65BDDFDDF882868A98777A427E2D35B Virtual Machine (VMware) Linux Enabled Automatically assign
serial: 1 20 Aug 2019 sk4 serial 3.5 GB https://download.vulnhub.com/serial/serial.zip This is a simple boot2root for beginner/immediate. If you need a hint, feel free to contact me on Twitter: @sk4pwn This is just the hard drive. You will need to create a new VM and then attach this HDD instead of creating a new one. CD969E8B553987B0C0048A0F9C00456D A8CBD92E4CE946C0C558884DB3B9AA434CEB0D3F Virtual Machine (VMware) Linux Enabled Automatically assign
AI: Web: 2 1 Sep 2019 Mohammad Ariful Islam AI: Web 907 MB https://download.vulnhub.com/aiweb/AI-Web-2.0.7z This is the second box from the series AI: Web and you will have more fun to crack this challenge. The goal is simple. Get flag from /root/flag.txt. Enumerate the box, get low privileged shell and then escalate privilege to root. You may need to crack password. Use wordlist SecLists/rockyou-45.txt by Mr. Daniel Miessler. For any hint please tweet on @arif_xpress 4C409F159C933C40A1E2349A68B3B8CE 11DE56FC5BEFBC01A811530EED53B58D43332996 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 7 31 Aug 2019 DCAU DC 939 MB https://download.vulnhub.com/dc/DC-7.zip DC-7 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. While this isn’t an overly technical challenge, it isn’t exactly easy. While it’s kind of a logical progression from an earlier DC release (I won’t tell you which one), there are some new concepts involved, but you will need to figure those out for yourself. If you need to resort to brute forcing or dictionary attacks, you probably won’t succeed. What you will need to do, is to think “outside” of the box. Waaaaaay “outside” of the box. The ultimate goal of this challenge is to get root and to read the one and only flag. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward. DC-7 is a VirtualBox VM built on Debian 64 bit, but there shouldn’t be any issues running it on most PCs. I have tested this on VMWare Player, but if there are any issues running this VM in VMware, have a read through of . It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox or VMWare and away you go. While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. 
I’m also very interested in hearing how people go about solving these challenges, so if you’re up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you’ve DM’d me if you’d prefer). I can be contacted via Twitter - @DCAU7 B7F6186240BD5BDF8D612E3AE6D6A92B C40A1CB152215E154A120EB7C53E4E906353BE9A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
GrimTheRipper: 1 20 Aug 2019 Manish Chandra GrimTheRipper 1.5 GB https://download.vulnhub.com/grimtheripper/grim.zip This boot2root is a linux based virtual machine and has been tested using VMware workstation. Goal: Get the root shell and then obtain flag under: . For any query contact me at: chandramanish900 at gmail dot com 9B07A43E935893DC67E6C4263DB25D5B 6877CE29AAAD0C4CEF32EE9FD5981853E059175A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
symfonos: 4 20 Aug 2019 Zayotic symfonos 847 MB https://download.vulnhub.com/symfonos/symfonos4.7z OSCP-like Intermediate real life based machine designed to teach people the importance of trying harder. This works better with VirtualBox rather than VMware. F871F080D190BFC0E2FAA143CCB0AC4C D4B5453FDFB811FB30C679A50DD221E5BB26876E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
dpwwn: 3 12 Aug 2019 Debashis Pal dpwwn 660 MB https://download.vulnhub.com/dpwwn/dpwwn-03.zip Name: dpwwn-03 Date release: 12 Aug 2019 Author: Debashis Pal Series: dpwwn This boot2root is a linux based virtual machine and has been tested using VMware workstation. Goal: Get the root shell and then obtain flag under /root(dpwwn-03-FLAG.txt). Filename: dpwwn-03.zip File size: 659 MB MD5: ba0e52d75803daadd29a782bdac8a22e SHA1: 3e25cb3b0f97119500979ae5cfe408bb9eeb53744a48223184e94be1426aaf0d Format: Virtual Machine (VMware) Operating System: Linux DHCP service: Enabled IP address: Automatically assign Note: NAT mode was set. BA0E52D75803DAADD29A782BDAC8A22E 49B0AE3C371D75B039AF987DED2B0A0D7D8A5E02 Virtual Machine (VMware) Linux Enabled Automatically assign
scarecrow: 1.1 26 Aug 2019 sk4, p4w & bvb scarecrow 1.2 GB https://download.vulnhub.com/scarecrow/scarecrow.1.1.zip This is an intermediate machine. Your goal is to get paw-sk4 user and then root flag. Try harder and share with us the flag, if you can. For any need, contact us on Twitter: @sk4pwn @p4w16 and @bytevsbyt3. Changelog: 2019-08-21: v1.0; 2019-08-26: v1.1 - Fixed a bug with privilege escalation 04A22B9AFCF4D9134A2D280DCAD3CA02 67FC1FBFF003FE7D40384E6C8CFDE79967271DEC Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Tempus Fugit: 1 16 Aug 2019 4ndr34z & DCAU Tempus Fugit 1.8 GB https://download.vulnhub.com/tempusfugit/Tempus-Fugit.ova Tempus Fugit is a Latin phrase that roughly translates as “time flies”. It is an intermediate real life box. Created mostly by 4ndr34z with some assistance by DCAU, the idea behind Tempus Fugit was to create something “out of the ordinary” and without giving anything away, something “dynamic” and a lot like time… changing. The vm contains both user and root flags. If you don’t see them, you are not looking in the right place… Need any hints? Feel free to contact us on Twitter: @4nqr34z @DCAU7 DHCP-Client. Tested both on Virtualbox and vmware. Health warning: May drive people insane. Changelog: 2019-08-16 ~ Beta; 2019-08-16 ~ Final (Same day, different release) DE0AC0A1326918AFFBAD63E4ED34875B 2866CD558C50547BA3822DB7BD38A95DF924390C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
nezuko: 1 21 Aug 2019 yunaranyancat nezuko 2.9 GB https://download.vulnhub.com/nezuko/nezuko.zip Creator : @yunaranyancat (Twitter) Difficulty : Easy ~ Intermediate OS Used: Ubuntu 18.04 Services : Webmin 1.920, Apache, SSH User : root, zenitsu, nezuko Hashes : at their home directory 10DBD333208D012E620242276BE2F817 7D545A6F86532EC17157104F1952364A6AEDE2A5 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
AI: Web: 1 21 Aug 2019 Mohammad Ariful Islam AI: Web 823 MB https://download.vulnhub.com/aiweb/AI-Web-1.0.7z Difficulty: Intermediate Network: DHCP (Automatically assign) Network Mode: NAT This box is designed to test skills of penetration tester. The goal is simple. Get flag from /root/flag.txt. Enumerate the box, get low privileged shell and then escalate privilege to root. For any hint please tweet on @arif_xpress F7A1D2D740AD6D09647C16D7586B3D03 28D3BDA0D84F4302A36B8178A40156056A03A6CD Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
jigsaw: 2 27 Jul 2019 Zayotic jigsaw 1.4 GB https://download.vulnhub.com/jigsaw/jigsaw2.7z Difficulty: Insane It has 2 flags. Certain functionality only work with VMware. B9D50698B642DA806F033F75B437CE2F 52898AC143B0BBB69392BC4C6AF4BD1784FAF88E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
dpwwn: 1 4 Aug 2019 Debashis Pal dpwwn 618 MB https://download.vulnhub.com/dpwwn/dpwwn-01.zip Name: dpwwn-01 Date release: 04 Aug 2019 Author: Debashis Pal Series: dpwwn This boot2root is a linux based virtual machine and has been tested using VMware workstation 14. The network interface of VM will take its IP settings from DHCP (Network Mode: NAT). Goal: Gain the root privilege and obtain the content of dpwwn-01-FLAG.txt under /root Directory. Note: Tested on VMware workstation 14. Difficulty: Easy/helpful for beginners. Format: Virtual Machine (VMware) Operating System: Linux DHCP service: Enabled IP address: Automatically assign Note: NAT mode was set. 3C33FD411D7D7D74503F18C96740EED5 E7FA062AB0E9B0B121F9715040FE8859D5BCBB74 Virtual Machine (VMware) Linux Enabled Automatically assign
sunset: dawn 3 Aug 2019 whitecr0wz sunset 1.6 GB https://download.vulnhub.com/sunset/dawn.zip dawn is a boot2root machine with a difficulty designed to be Easy with multiple ways to be completed. It is recommended to use Virtualbox. If you need to contact me for hints you can do it via twitter here: @whitecr0w1 A60B7A68671823C26D51A77F1DC9A7DC B690A624BB52C64D84F0548E0895357F2A1C6435 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
ReadMe: 1 26 Jul 2019 Rob ReadMe 1.2 GB https://download.vulnhub.com/readme/ReadMe.ova N/A 9C60559302D106D8A6468474B15ECE51 C7E0C0B7F7DB4AD5A571A71BA7FC977C2DFA6CB7 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Tr0ll: 3 6 Aug 2019 Maleus Tr0ll 4.0GB https://download.vulnhub.com/tr0ll/Tr0ll3.ova The latest version of the Tr0ll series. This one is a little different from the previous iterations, I would say still on the beginner++ level. I hope everyone has fun, be sure to tag @Maleus21 with screen shots of the flag. You will need to login with : Type: Boot 2 Root Goal: Obtain flag.txt Difficulty: Beginner++ Fun level: Over 9000 E264031F36FEECE381A655F2D1937F69 8FE19E4A0D3FB50BE7324843586D96A36812DB9F Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
symfonos: 3.1 7 Apr 2020 Zayotic symfonos 979 MB https://download.vulnhub.com/symfonos/symfonos3v2.7z Intermediate real life based machine designed to test your skill at enumeration. If you get stuck remember to try different wordlist, avoid rabbit holes and enumerate everything thoroughly. SHOULD work for both VMware and Virtualbox. For hints you’re welcome to contact me via Twitter @zayotic. Changelog: v3.1 - 2020-04-07; v3.0 - 2019-07-20 18B52E45E2E0B23A118A8122306BF250 86E77ACA2BACEDD0BDE23292718B0365BC9847D6 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
The Library: 1 22 Jul 2019 Avraham Cohen The Library 1.2 GB https://download.vulnhub.com/thelibrary/Library.7z The library is a sophisticated web application which has a few advanced vulnerabilities. You will have to think out of the box to be able to successfully compromise this machine. If you can’t, you can just enjoy countries’ history 309AE8BEBE72F3F227F1CDB363F3D7FB 2F15B68B9C0CEE131A8EA0571187683A68C6241A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
The Library: 2 25 Jul 2019 Avraham Cohen The Library 1.2 GB https://download.vulnhub.com/thelibrary/Library-2.7z The library is a sophisticated web application which has a few advanced vulnerabilities. You will have to think out of the box to be able to successfully compromise this machine. If you can’t, you can just enjoy countries’ history Hint: PHP $_REQUEST 737911917B4C40C3C047C80F34B65082 B9BA3E7D5720D9532512E5AA317C30D20DDEB982 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
sunset: 1 29 Jul 2019 whitecr0wz sunset 843 MB https://download.vulnhub.com/sunset/sunset.zip N/A A4EC1CFB0F5DF080002C71F8207A2525 A4EC1CFB0F5DF080002C71F8207A2525 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
MinU: v2 18 Jul 2019 8BitSec MinU 53 MB https://download.vulnhub.com/minu/MinUv2.ova.7z This boot2root is a linux based virtual machine and has been tested using VirtualBox. The network interface of the virtual machine will take its IP settings from DHCP. Your goal is to capture the flag on /root. : Tested on VirtualBox : Host-Only, NAT (not required) : OVA : easy/intermediate This works better with VirtualBox than VMware. ED68CE401725058989A844DDD143EE86 27345775AF82B5152D8A9DE4A1B1396A28E5B3FA Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
dpwwn: 2 8 Aug 2019 Debashis Pal dpwwn 1.4 GB https://download.vulnhub.com/dpwwn/dpwwn-02.zip Name: dpwwn-02 Date release: 09 Aug 2019 Author: Debashis Pal Series: dpwwn This boot2root is a linux based virtual machine and has been tested using VMware workstation. Difficulty: Intermediate++ and fun. Goal: Get the root shell i.e.( :~#) and then obtain flag under /root(dpwwn-02-FLAG.txt). Filename: dpwwn-02.zip File size: 1.37 GB MD5: 0ebd0bd68d651e65608a17310ca567e2 SHA1: 41856ebd27341fc9300a65724c47476f63edccbaaae30dced0c50cf1b4e52645 Format: Virtual Machine (VMware) Operating System: Linux DHCP service: Disabled Static IP address: 10.10.10.10 Note: Host only network adapter set (VM IP: 10.10.10.10/24) 0EBD0BD68D651E65608A17310CA567E2 AD1AED8C03296C029D5B2DC3FBDDD1DB3EDAE019 Virtual Machine (VMware) Linux Disabled 10.10.10.10
WestWild: 1.1 29 Jul 2019 Hashim Alsharef WestWild 642 MB https://download.vulnhub.com/westwild/West-Wild-v1.1.ova West Wild v1.1 is a beginner level CTF series, created by Hashim. This CTF series is for people who have basic knowledge of penetration testing tools and techniques, and this machine includes 1- System Testing Level = intermediate, and I hope you all will have F0n. Changelog: v1.1 - 2019-08-08 ~ Fix DHCP; v1 - 2019-07-29 7047F9AA30DCB5F3938EB65B903D4CC2 6ADCDDFE8847643ADE930F2B08034D2799D7ED32 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Ted: 1 16 Jul 2019 Avraham Cohen Ted 1.6 GB https://download.vulnhub.com/ted/Ted.7z How well do you understand PHP programs? How familiar are you with Linux misconfigurations? This image will cover advanced Web attacks, out of the box thinking and the latest security vulnerabilities. Please note that this is a capture the flag machine, which means it is not a real life scenario but will challenge you hard before you can obtain root privileges. 5EF03E7346ABA7B66A0E384C248789FB E72BAD7609476F2CCDDA9B4DD5EABCDAF75CC48D Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
CLAMP: 1.0.1 14 Jul 2019 Mehmet Kelepçe CLAMP 2.3 GB https://download.vulnhub.com/clamp/CLAMP-Machine-v1.0.1.zip There are many vulnerabilities on the CLAMP machine. You need some time and patience when dealing with security vulnerabilities. The scenario is progressing through web vulnerabilities. You will feel the test air while doing them. Maybe you’ll have some fun. When sending information, the security of the protocol you use is very important. You must keep the evidence in safe places. Good Luck! Changelog: v1.0.1 ~ 14/07/2019; v1.0.0 ~ 13/06/2019 268B8A8947F25E4E47DE3A9A30DDFD04 8F7A880342377D16C60D5CC6864E448F5C51781A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
hackme: 1 18 Jul 2019 x4bx54 hackme 3.1 GB https://download.vulnhub.com/hackme/hackme.ova ‘hackme’ is a beginner difficulty level box. The goal is to gain limited privilege access via web vulnerabilities and subsequently privilege escalate as root. The lab was created to mimic real life environment. ‘hackme’ uses DHCP and in the possible event that the mysqld shuts down on its own (very rare cases), attempt to force restart the machine and it should be working fine subsequently. This works better with VirtualBox rather than VMware 52D0FE633959338AB762A91946BBE8FA 970D01C7079DCD6C699EB20EFF8E15CD419CDFAA Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Matrix: 3 9 Jul 2019 Ajay Verma Matrix 554 MB https://download.vulnhub.com/matrix/Machine_Matrix_v3.ova : Matrix is a medium level boot2root challenge Series of MATRIX Machines. The OVA has been tested on both VMware and Virtual Box. Flags: Your Goal is to get root and read /root/flag.txt Networking: DHCP: Enabled IP Address: Automatically assigned Hint: Follow your intuitions … and enumerate! For walkthrough writeup permission or any other query, feel free to contact me on: Twitter: @unknowndevice64 or Email: info@ud64.com : 554 MB : linux : intermediate 23C9BCF1C187549C9DB3EB973A9AF36A 4276F80E54141B02D16E3D1FCCFF357178E7F4A7 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DomDom: 1 11 Jul 2019 Avraham Cohen DomDom 2.1 GB https://download.vulnhub.com/domdom/DomDom.7z How well do you understand PHP programs? How familiar are you with Linux misconfigurations? This image will cover advanced Web attacks, out of the box thinking and the latest security vulnerabilities. Please note that this is a capture the flag machine, which means it is not a real life scenario but will challenge you hard before you can obtain root privileges. EB35ECAA5650E282133D2F6CC9D696D3 71A28748B3504E7DD7BD957B01268BF185832BE3 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
CTF KFIOFan: 2 1 Jun 2019 Khaos Farbauti Ibn Oblivion CTF KFIOFan 872 MB https://download.vulnhub.com/kfiofan/CTF-KFIOFan2.ova The two French fans of Khaos Farbauti Ibn Oblivion are back! Since the last attack on their server, Bob is trying to create a new, so much more secure, one. … Well at least he thinks so. Time to prove him wrong! Difficulty: Beginner with some little non-usual twists Flag: No flag except for the root one, some easter eggs along the way. This works better with VirtualBox rather than VMware. F01385F030D14C81FB322625071B7CFE FB4E234823503001CC79DE36A1590F8A0F3CA8FA Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Mission-Pumpkin v1.0: PumpkinRaising 2 Jul 2019 Jayanth Mission-Pumpkin v1.0 844 MB https://download.vulnhub.com/missionpumpkin/PumpkinRaising.ova Mission-Pumpkin v1.0 is a beginner level CTF series, created by keeping beginners in mind. This CTF series is for people who have basic knowledge of hacking tools and techniques but struggling to apply known tools. I believe that machines in this series will encourage beginners to learn the concepts by solving problems. PumpkinRaising is Level 2 of series of 3 machines under Mission-Pumpkin v1.0. The Level 1 ends by accessing PumpkinGarden_Key file, this level is all about identifying (4 Flags - Seed ID’s) and gain access to root and capture final file. 3096B85001AEAA7620A3A82EA1858A82 7CD4AD889BE6CE5C83FFA954C31ECDEBDF0121F0 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Escalate_Linux: 1 30 Jun 2019 Manish Gupta Escalate_Linux 2.3 GB https://download.vulnhub.com/escalatelinux/Escalate_Linux.ova Escalate_Linux - An intentionally developed Linux vulnerable virtual machine. The main focus of this machine is to learn Linux Post Exploitation (Privilege Escalation) Techniques. “Escalate_Linux” A Linux vulnerable virtual machine contains different features as. EE35F30696C88FE5BB3138ADB40F17C7 BD731E9483947A1C3BDAC81F496F9E76B31EAAAC Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
symfonos: 1 29 Jun 2019 Zayotic symfonos 739 MB https://download.vulnhub.com/symfonos/symfonos1.7z Beginner real life based machine designed to teach an interesting way of obtaining a low priv shell. SHOULD work for both VMware and Virtualbox. Note: You may need to update your host file for A26759752F413FCD6BA7BE31B0D7862D 126D57358E7B9AD713CF269A7F38E66B5D798744 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Mission-Pumpkin v1.0: PumpkinGarden 28 Jun 2019 Jayanth Mission-Pumpkin v1.0 773 MB https://download.vulnhub.com/missionpumpkin/PumpkinGarden.ova Mission-Pumpkin v1.0 is a beginner level CTF series, created by keeping beginners in mind. This CTF series is for people who have basic knowledge of hacking tools and techniques but struggling to apply known tools. I believe that machines in this series will encourage beginners to learn the concepts by solving problems. PumpkinGarden is Level 1 of series of 3 machines under Mission-Pumpkin v1.0. The end goal of this CTF is to gain access to file stored in the root account. 8ED5015BDC5E1A00A7BC86F979254EAC 73F72BC5440258EB9AE2D8D05BFD31764A576B0A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Mission-Pumpkin v1.0: PumpkinFestival 17 Jul 2019 Jayanth Mission-Pumpkin v1.0 841 MB https://download.vulnhub.com/missionpumpkin/PumpkinFestival.ova Mission-Pumpkin v1.0 is a beginner level CTF series, created by keeping beginners in mind. This CTF series is for people who have basic knowledge of hacking tools and techniques but struggling to apply known tools. I believe that machines in this series will encourage beginners to learn the concepts by solving problems. PumpkinFestival is Level 3 of series of 3 machines under Mission-Pumpkin v1.0. The Level 1 ends by accessing PumpkinGarden_Key file. Level 2 is about identifying pumpkin seeds. In this level (Level 3) it is time for Pumpkin Festival, the goal is to reach root and access and collect on the way. B1CB13BF860D20D149E306FFAE9F4C66 848FD03D47B464293AA40ED149D70EA1A2461FC6 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
symfonos: 2 18 Jul 2019 Zayotic symfonos 1.1 GB https://download.vulnhub.com/symfonos/symfonos2.7z OSCP-like Intermediate real life based machine designed to teach the importance of understanding a vulnerability. SHOULD work for both VMware and Virtualbox. DD95AAB0BEC0D9E8DC2CC244D4FF23B9 9A36FAD87B0A81149391F11430C9218BBB0A853B Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
CSRF Minefield: 1 15 May 2019 Uday Mittal CSRF Minefield 3.0 GB https://download.vulnhub.com/csrfminefield/CSRF-Minefield-V1.0.zip CSRF Minefield is an Ubuntu Server 18.04 based virtual machine, that is heavily ridden with Cross-Site Request Forgery (CSRF) vulnerabilities. This VM hosts 11 real-world web applications that were found vulnerable to CSRF vulnerability and your aim is to find them and detonate them before they explode the target network. Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request. - As a starting point, you can use the following resources by the OWASP Project: In case you run into any troubles, contact me on @yaksas443 (twitter) or csc[at]yaksas[dot]in May the force be with you! Credits (vulnerability researchers): 8978E6940110D281904EA95E37F100BF A6CCA2E12DA89975E49CAE427F23A60D3FB780AB Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 5 21 Apr 2019 DCAU DC 521 MB https://download.vulnhub.com/dc/DC-5.zip DC-5 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. The plan was for DC-5 to kick it up a notch, so this might not be great for beginners, but should be ok for people with intermediate or better experience. Time will tell (as will feedback). As far as I am aware, there is only one exploitable entry point to get in (there is no SSH either). This particular entry point may be quite hard to identify, but it is there. You need to look for something a little out of the ordinary (something that changes with a refresh of a page). This will hopefully provide some kind of idea as to what the vulnerability might involve. And just for the record, there is no phpmailer exploit involved. The ultimate goal of this challenge is to get root and to read the one and only flag. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward. But if you’re really, really stuck, you can watch this video which shows the first step. DC-5 is a VirtualBox VM built on Debian 64 bit, but there shouldn’t be any issues running it on most PCs. I have tested this on VMWare Player, but if there are any issues running this VM in VMware, have a read through of this. It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox or VMWare and away you go. While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. 
In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. I’m also very interested in hearing how people go about solving these challenges, so if you’re up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you’ve DM’d me if you’d prefer). I can be contacted via Twitter - @DCAU7 AB856B4F43F829F8235F4EA701DD22FD C6881E15881F056248D7E6B7FAFE4F1E77641C17 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 6 26 Apr 2019 DCAU DC 619 MB https://download.vulnhub.com/dc/DC-6.zip DC-6 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. This isn’t an overly difficult challenge so should be great for beginners. The ultimate goal of this challenge is to get root and to read the one and only flag. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward. DC-6 is a VirtualBox VM built on Debian 64 bit, but there shouldn’t be any issues running it on most PCs. I have tested this on VMWare Player, but if there are any issues running this VM in VMware, have a read through of this. It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox or VMWare and away you go. NOTE: I’ve used 192.168.0.142 as an example. You’ll need to use your normal method to determine the IP address of the VM, and adapt accordingly. This is VERY important. And yes, it’s another WordPress based VM (although only my second one). While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. I’m also very interested in hearing how people go about solving these challenges, so if you’re up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you’ve DM’d me if you’d prefer). 
I can be contacted via Twitter - @DCAU7 OK, this isn’t really a clue as such, but more of some “we don’t want to spend five years waiting for a certain process to finish” kind of advice for those who just want to get on with the job. cat /usr/share/wordlists/rockyou.txt | grep k01 > passwords.txt That should save you a few years. 8F873D9D6FB28711F7A475ECE6F678B3 21B782C260F0E20FFE39DF762CD6B90B3F3888A2 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 2 22 Mar 2019 DCAU DC 847 MB https://download.vulnhub.com/dc/DC-2.zip Much like DC-1, DC-2 is another purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing. As with the original DC-1, it’s designed with beginners in mind. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. Just like with DC-1, there are five flags including the final flag. And again, just like with DC-1, the flags are important for beginners, but not so important for those who have experience. In short, the only flag that really counts, is the final flag. For beginners, Google is your friend. Well, apart from all the privacy concerns etc etc. I haven’t explored all the ways to achieve root, as I scrapped the previous version I had been working on, and started completely fresh apart from the base OS install. DC-2 is a VirtualBox VM built on Debian 32 bit, so there should be no issues running it on most PCs. While I haven’t tested it within a VMware environment, it should also work. It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox and away you go. Please note that you will need to set the hosts file on your pentesting device to something like: Obviously, replace 192.168.0.145 with the actual IP address of DC-2. It will make life a whole lot simpler (and a certain CMS may not work without it). If you’re not sure how to do this, instructions are here. While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. 
This is the second vulnerable lab challenge that I’ve created, so feel free to let me know what you think of it. I’m also very interested in hearing how people go about solving these challenges, so if you’re up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you’ve DM’d me if you’d prefer). I can be contacted via Twitter - @DCAU7 F66A5E3AA422A20A526DD4D1018F599B 906D1930E008BBA5DBA06BBC2E59B2D6E908BEC5 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Silky-CTF: 0x01 27 Apr 2019 Silky Silky-CTF 2.5 GB https://download.vulnhub.com/silky/Silky-CTF_0x01.ova Simple Boot2root for beginner/immediate. This challenge is made for the Security Hackadeny (https://www.security-hackademie.de/). Made for virtualbox 3664D8EFBAEDED2CE75088E7AE8BB133 5A89FB96D955FADE75CD2DC0EAC183A96A55BDA4 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Oz: 1 29 May 2019 inCIDRthreat & Mumbai Oz 1.9 GB https://download.vulnhub.com/oz/Oz.zip Oz was originally created and submitted to HackTheBox. It is a medium/hard boot2root challenge. The Oz box has 2 flags to find (user and root) and has a direct route for each, no need to bruteforce access. It is a slightly trolly box with real world vulnerabilities. The OVF has been tested on VirtualBox, VMware Fusion, and VMware Workstation. If you have questions or concerns we can be contacted via Twitter - @incidrthreat and @ilove2pwn_ 8D840CA1C92FEA9C1BC6E13653476361 7C697328955A45EB2671C08A8D2B7F618FA37142 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Silky-CTF: 0x02 27 Apr 2019 Silky Silky-CTF 2.3 GB https://download.vulnhub.com/silky/Silky-CTF_0x02.ova This is the second Simple Boot2root for the Security Hackadeny (https://www.security-hackademie.de/) and for virtualbox. Try to break in and get the User and root Flag E00F10E0D0D043AB1F6BE024B26E9253 0A3FE9CE86E29F26E78CFEB91ED36BA811941D23 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 3.2 25 Apr 2020 DCAU DC 1005 MB https://download.vulnhub.com/dc/DC-3-2.zip DC-3 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. As with the previous DC releases, this one is designed with beginners in mind, although this time around, there is only one flag, one entry point and no clues at all. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward. For those with experience doing CTF and Boot2Root challenges, this probably won’t take you long at all (in fact, it could take you less than 20 minutes easily). If that’s the case, and if you want it to be a bit more of a challenge, you can always redo the challenge and explore other ways of gaining root and obtaining the flag. DC-3 is a VirtualBox VM built on Ubuntu 32 bit, so there should be no issues running it on most PCs. Please note: There was an issue reported with DC-3 not working with VMware Workstation. To get around that, I recommend using VirtualBox, however, I have created a separate DC-3 VMware edition for those who can only use VMware. It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox and away you go. While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. 
I’m also very interested in hearing how people go about solving these challenges, so if you’re up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you’ve DM’d me if you’d prefer). I can be contacted via Twitter - @DCAU7 This works better with VirtualBox rather than VMware. Changelog: v3.2 - 2020-04-25; v3.0 - 2019-03-26 3DD0C0B4E96D593FBEADEC1EFC6B50C8 63FB4EFCE0D347CA5BAA39F949FD92FFEA212589 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
jigsaw: 1 10 May 2019 Zayotic jigsaw 931 MB https://download.vulnhub.com/jigsaw/jigsaw.7z Name: jigsaw: 1 Difficulty: Hard Tested: VMware Workstation 15 Pro & VirtualBox 6.0 DHCP Enabled This works better with VirtualBox than VMware. Note: Check for ARP rather than port scans. 517AAA2B3D59CD0A82B0F70E5B7D12D3 8FFC1A904FE3D1B9BD08A9D247C30BDE5934295E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 4 7 Apr 2019 DCAU DC 617 MB https://download.vulnhub.com/dc/DC-4.zip DC-4 is another purposely built vulnerable lab with the intent of gaining experience in the world of penetration testing. Unlike the previous DC releases, this one is designed primarily for beginners/intermediates. There is only one flag, but technically, multiple entry points and just like last time, no clues. Linux skills and familiarity with the Linux command line are a must, as is some experience with basic penetration testing tools. For beginners, Google can be of great assistance, but you can always tweet me at @DCAU7 for assistance to get you going again. But take note: I won’t give you the answer, instead, I’ll give you an idea about how to move forward. DC-4 is a VirtualBox VM built on Debian 32 bit, so there should be no issues running it on most PCs. If there are any issues running this VM in VMware, have a read through of this. It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox and away you go. While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. I’m also very interested in hearing how people go about solving these challenges, so if you’re up for writing a walkthrough, please do so and send me a link, or alternatively, follow me on Twitter, and DM me (you can unfollow after you’ve DM’d me if you’d prefer). I can be contacted via Twitter - @DCAU7 20BEE5882154CCD447602F757D3B7423 184ECEDF85492AADCA84A8E7E2AD5CAE13CE4B19 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
A Get A Post: 1 28 Apr 2019 Fl3x A Get A Post 1.8 GB https://download.vulnhub.com/agetapost/ctf_a_get_a_post_v1_by_Fl3x.zip After the hacking of their french website, the website is under maintenance with restricted access to admins … Multiple bugs and flaws are still present on the website and hackers can penetrate and take control of the server … Difficulty : educative challenge for beginner… Seven flags to collect… Good luck and happy hacking !! 6AF224E826AC305E58D2387ED9B1B6EB AA9DA0174A8619C6B832E7BC09C9235BE013578E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
2much: 1 11 Jun 2019 4ndr34z 2much 4.5 GB https://download.vulnhub.com/2much/2much.tar.gz 2Much was made for pen-testing practice. When I worked on it, it hit me: Wouldn’t it be great to have an extra vulnerability on the host itself? As an extra bonus? It is at medium level difficulty. Enumeration is the key. The vm contains both user and root flags. If you don’t see them, you need to try harder… Built and tested on VMWare ESXi and Fusion. DHCP-client Need any hints? Feel free to contact me on Twitter: @4nqr34z This works better with VirtualBox rather than VMware. 7E0B8B96BF6E5F50FBBCFA1C9C6970D6 6C16AA98D4B112B0FB6CA6535063384BFEB66096 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
digitalworld.local: JOY 31 Mar 2019 Donavan digitalworld.local 3.3 GB https://download.vulnhub.com/digitalworld/JOY.7z Does penetration testing spark joy? If it does, this machine is for you. This machine is full of services, full of fun, but how many ways are there to align the stars? Perhaps, just like the child in all of us, we may find joy in a playground such as this. This is somewhat OSCP-like for learning value, but is nowhere as easy to complete with an OSCP exam timeframe. But if you found this box because of preparation for the OSCP, you might as well try harder. If you MUST have hints for this machine (even though they will probably not help you very much until you root the box!): Joy is (#1): https://www.youtube.com/watch?v=9AvWs2X-bEA, (#2): something that should be replicated, (#3): what happens when you clean out seemingly “hidden” closets. Note: There are at least two reliable ways of obtaining user privileges and rooting this machine. Have fun. Feel free to contact the author at https://donavan.sg/blog if you would like to drop a comment. 134B6D5F6844439352671AECA38DA84D 11D09686EC959F9D5E5A1CBFF335648E80D2E58C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Sputnik: 1 4 Apr 2019 Ameer Pornillos Sputnik 1.7 GB https://download.vulnhub.com/sputnik/Sputnik.ova Sputnik is an easy level boot2root machine designed to be a challenge for security enthusiasts to learn and practice compromising machines and penetration testing. The vulnerable machine was made as a boot2root CTF challenge for an InfoSec community wherein CTF challenges were made by hackstreetboys (a CTF team from Philippines). 3A904C30947A3BE9F4DB3C6EB4E2D7E0 54AD6E9CEE41703CFA941019AB5993031217A7D4 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SP: harrison 14 Apr 2019 Daniel Solstad SP 1.2 GB https://download.vulnhub.com/sp/harrison-v1.0.0.7z Can you break free from Harrison’s prison? Flags - /root/flag.txt Tested with VirtualBox DHCP enabled Difficulty: Intermediate Should not be as easy as to just run a MSF module to get root right away, if so please let me know. Doesn’t always get an IP address nicely with DHCP. E25FA54CD19FED0D205CB925B7AAE00C 57164344416E5AECC52D8F16669A88CB6C179972 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
unknowndevice64: 2 26 Mar 2019 Ajay Verma unknowndevice64 1.7 GB https://download.vulnhub.com/unknowndevice64/unknowndevice64-V2.0.ova : unknowndevice64 v2.0 is a beginner level boot2root challenge. The OVA has been tested on both VMware (with some fix provided in this video https://www.youtube.com/watch?v=scRpxo8fra4) and Virtual Box. : Beginner : Your Goal is to get root and read flag.txt with at least two different ways. : - DHCP: Enabled - IP Address: Automatically assigned : Follow your intuitions … and enumerate! and for any questions, feel free to contact me on Twitter: @unknowndevice64 Happy Hacking…!!! You may need to add nomodeset to GRUB with VMware. Afterwards, wait a little longer (30 seconds) 9CEBD322AF81541F04608B0CACBD201E DE3DAA174FB224CE13512AB36C1A3E31A5350B7B Virtual Machine (Virtualbox - OVA) Android Enabled Automatically assign
HackInOS: 1 9 Mar 2019 Fatih Çelik HackInOS 3.1 GB https://download.vulnhub.com/hackinos/HackInOS.ova HackinOS is a beginner level CTF style vulnerable machine. I created this VM for my university’s cyber security community and all cyber security enthusiasts. I thank Mehmet Oguz Tozkoparan, Ömer Faruk Senyayla and Tufan Gungor for their help in creating this lab. : is meant to be there! BBDCFD18C41CC69C2EA13D92D49516FD C29FD5676BCD1A3FB7343A4F910FFD4E3AE572B7 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Overflow: 1 1 Apr 2019 Fred Wemeijer Overflow 494 MB https://download.vulnhub.com/overflow/Overflow.ova A new machine works in VirtualBox. Two flags: user and root. Some easy overflow stuff. Doesn’t get a NIC out of the box with VMware. Recommend VirtualBox 4D2AD7DB8E706B7479B7E66CA2A35702 EE0BC569C159284578A09393E502A2CB2E3DA0ED Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Zeus: 1 20 Apr 2019 Vasile Revnic Zeus 1.4 GB https://download.vulnhub.com/zeus/zeus-ovf.zip : Zeus is an intermediate level boot2root VM. Your goal is to get root and read the flags. Tested on VMware. : Medium : user.txt and root.txt : Static IP ~ 35871511556871F51C91955B6ADE32C6 ED9C4AEA7862AE153E039ED579182B14B9C98FD6 Virtual Machine (Virtualbox - OVA) Linux Disabled 192.168.131.170
Cybero: 1 23 Apr 2019 Ramal H-ev Cybero 691 MB https://download.vulnhub.com/cybero/Cybero.ova middle-class lab There are different tasks in the lab. It is very joyful. 5C80FF36054C3DBE57AD1E15DE19429E 0990A4ED5C43DF3115358A2ABD1395FCAB275341 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
digitalworld.local: TORMENT 31 Mar 2019 Donavan digitalworld.local 2.5 GB https://download.vulnhub.com/digitalworld/TORMENT.7z This is the evil twin of JOY. Unlike JOY, this machine is designed to drive you crazy. Stephen Hawking once mentioned, “God plays dice and throws them into places where they cannot be seen.” The dice for the machine can all be found on the Internet. Like all other machines built by me, you should not torment yourself by brute force. But perhaps, JOY and TORMENT are two sides of the same coin of satisfaction? Can we really spark joy if we can’t first be tormented to endure sufferance? This machine guarantees to teach you some new ways of looking at enumeration and exploitation. Unlike all the other OSCP-like machines written by me, this machine will be mind-twisting and maybe mind-blowing. You may lose your mind while at it, but we will still nudge you to… try harder! This is NOT an easy machine and you should not feel discouraged if you spend a few days headbanging on this machine. At least three competent pentesters I have asked to test this machine report days (thankfully not weeks) of head banging and nerve wrecking. Do this machine if you enjoy being humbled. If you MUST have hints for this machine (even though they will probably not help you very much until you root the box!): Torment is (#1): what happens when you can’t find your answer on Google, even though it’s there, (#2): what happens when you plead for mercy, but do not succeed, (#3): https://www.youtube.com/watch?v=7ge1yWot4cE Feel free to contact the author at https://donavan.sg/blog if you would like to drop a comment. 7B55B079A859D8FA0ADC4DBEDC87C0BD 117E303FE35E4ACB68219271104275D384617400 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HappyCorp: 1 5 Mar 2019 Zayotic HappyCorp 913 MB https://download.vulnhub.com/happycorp/happycorp1.7z This works better with VirtualBox rather than VMware AB3FB85176DCF9A81BEFCBA0D90A87DE AB53409425E030ED60F63C89C6EF9706DB84D031 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SP: jerome (v1.0.1) 25 Jun 2019 Daniel Solstad SP 1.6 GB https://download.vulnhub.com/sp/jerome-v1.0.1.7z Jerome has created some awesome recipes. Can you find them? Flags - /root/flag.txt - /home/jerome/flag.txt Tested with VirtualBox DHCP enabled Difficulty: Intermediate Should not be as easy as to just run a MSF module to get root right away, if so please let me know. Doesn’t always get an IP address nicely with DHCP. Changelog: v1.0.1 - 2019-06-25; v1.0.0 - 2019-04-19 C7EB7CE96D6CA78130F40180AE128115 EEE41F0D777907CA24CC5D41BBDBF11F70E1E09F Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
unknowndevice64: 1 9 Mar 2019 Ajay Verma unknowndevice64 283 MB https://download.vulnhub.com/unknowndevice64/unknowndevice64-V1.0.ova : unknowndevice64 v1.0 is a medium level boot2root challenge. The OVA has been tested on both VMware and Virtual Box. : Intermediate : Your Goal is to get root and read /root/flag.txt : : Follow your intuitions … and enumerate! and for any questions, feel free to contact me on Twitter: @unknowndevice64 Happy Hacking…!!! 63D05E2943258D47C296C03AFFD28839 21AAEC6CF3E1D298F8883F2212ACE5ABDC9663D4 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Chatty: 1 & 2 (v5) 9 Aug 2018 Hélvio Junior Chatty 6.3 GB https://download.vulnhub.com/chatty/chatty1_v5.ova N/A Changelog: v5 - 2018-08-09 - Auto discover, FDE, GRUB and other misc fixes; v1 - 2018-08-09 26FDD4C740E49353D234331B519C21B4 43044130FDC29E6388A68C9ADF0BAFE20DAE9137 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Stack Overflows for Beginners: 1.0.1 16 Jun 2019 Jack Barradell-Johns Stack Overflows for Beginners 5.7 GB https://download.vulnhub.com/stackoverflow/IntroToStackOverflow_v1.0.1.ova A series of challenges to test basic stack overflow skills, originally developed for the Sheffield University Ethical Hacking Society. Starting as level0 exploit a binary owned by the next user to get the flag. There are 5 flags to collect: Each flag is the corresponding users password, so once you exploit the binary owned by level1 and get the level1 flag, you can su to level1 and take on the next challenge To start boot the machine and login as: You’ll find the first binary to exploit is: You may want to increase the resources allocated to the machine. Changelog: v1.0.1 - 2019-06-16 ~ Bug fixes; v1.0.0 - 2019-02-26 841359863B0E577F536CC2D712FB8024 A30FB1A203AEF3245FDD3B252A4D0ED981FB3F27 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Kuya: 1 21 Dec 2018 Ashhad Kuya 692 MB https://download.vulnhub.com/kuya/Kuya.ova A Boot2Root machine with hints of CTF In total there are 3 flags and you will be required to use some CTF skills to solve it. 5A3412C99D5D02556055655F5ABB6BF9 385106DFFBF6F82797583D08E386E55C19F0B715 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Born2Root: 2 28 Feb 2019 Hadi Mene Born2Root 3.0 GB https://download.vulnhub.com/born2root/Born2rootv2.ova N/A 542A01824EE985B86A33AE632FA96BDB 7E5C3F63FA127B79CC5E5E6CA14147031A1EC0B5 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
NorzhCTF: 2019 (Basilic) 26 Jan 2019 DrStache NorzhCTF 635 MB https://download.vulnhub.com/norzhctf/Basilic.ova Name: Basilic Author: DrStache The Basilic VM was created as part of NorzhCTF 2019. A Python developer has put a website online. Your goal is to compromise the different users of the server and gain root privileges. There are 4 flags to retrieve, they are in md5 format. Difficulty: Intermediate / Hard Categories: Web, Jail, Crypto, PrivEsc For any questions, feel free to contact me on Twitter: @DrStache_ 0EF9BD1D542F291FF652205AD3C136EE B7E66C99B72955FB1144D0D09D80480EE3B61043 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
The Beast: 2 8 Feb 2019 Avraham Cohen The Beast 4.6 GB https://download.vulnhub.com/thebeast/TheBeast.zip The Beast 2 is an intermediate level boot2root VM. Capture the flag event, can you follow the hints? Can you still breach The Beast? 4583229DCA3B1C8895FEC7531477D696 DD77233E6BCDB891E69EC86EC041CBF6ADACC17C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Web Developer: 1 5 Nov 2018 Fred Wemeijer Web Developer 1.3 GB https://download.vulnhub.com/webdeveloper/WebDeveloper.ova A machine using the newest Server, the newest and containing some … Changelog: v1 - 2018/11/05; Beta - 2018/9/22 A54D454764A61C8E18B1BE5995918B94 552F63BB245A390268BD7EE26623F86CE0F8962C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
MEA-CTF: 1 28 Jan 2019 SecuritySura MEA-CTF 1.1 GB https://download.vulnhub.com/mea/MEA-CTF-1.zip DHCP service: Enabled IP address: Automatically assign Ultimate goal : find the /root/root.txt Difficulty for user: Medium Difficulty for root: Easy/Medium Full Disk Encryption (FDE) is enabled. Enter the username/password from the README to fully boot up the VM. A6699378F441E9E4F1DE5A06B41BA396 AAAEA2B6514DCEE64EAD5AD9C7D8F75500525E81 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC: 1 28 Feb 2019 DCAU DC 733 MB https://download.vulnhub.com/dc/DC-1.zip DC-1 is a purposely built vulnerable lab for the purpose of gaining experience in the world of penetration testing. It was designed to be a challenge for beginners, but just how easy it is will depend on your skills and knowledge, and your ability to learn. To successfully complete this challenge, you will require Linux skills, familiarity with the Linux command line and experience with basic penetration testing tools, such as the tools that can be found on Kali Linux, or Parrot Security OS. There are multiple ways of gaining root, however, I have included some flags which contain clues for beginners. There are five flags in total, but the ultimate goal is to find and read the flag in root’s home directory. You don’t even need to be root to do this, however, you will require root privileges. Depending on your skill level, you may be able to skip finding most of these flags and go straight for root. Beginners may encounter challenges that they have never come across previously, but a Google search should be all that is required to obtain the information required to complete this challenge. DC-1 is a VirtualBox VM built on Debian 32 bit, so there should be no issues running it on most PCs. While I haven’t tested it within a VMware environment, it should also work. It is currently configured for Bridged Networking, however, this can be changed to suit your requirements. Networking is configured for DHCP. Installation is simple - download it, unzip it, and then import it into VirtualBox and away you go. While there should be no problems using this VM, by downloading it, you accept full responsibility for any unintentional damage that this VM may cause. In saying that, there shouldn’t be any problems, but I feel the need to throw this out there just in case. This is the first vulnerable lab challenge that I’ve created, so feel free to let me know what you think of it. 
I can be contacted via Twitter - @DCAU7 D052D37F7C819A2B5488FE2BFF4571D8 BDDCADF7E8CFA1FF8BE04E446886EAD50B33761D Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Casino Royale: 1 23 Feb 2019 creosote Casino Royale 2.6 GB https://download.vulnhub.com/casinoroyale/CasinoRoyale.ova Will you gain your status as a 00 agent? E071600B7D60E476CA9A9C5D777A8DF4 B93AD21074619CB60B6976C3BBB78684B5C297D9 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
myHouse7: 1 2 Nov 2018 thepcn3rd myHouse7 2.6 GB https://download.vulnhub.com/myhouse7/myhouse7-exported.7z myHouse7 is a vulnerable virtual machine with multiple docker images setup to be a capture-the-flag (CTF) challenge. The goal of this vulnerable virtual machine is to present a lab where you can learn and practice to pivot through the subnets to be able to compromise all of the hosts/containers except 1. This CTF challenge consists of a total of 20 flags. The virtual machine that is provided contains 2 flags and each docker image/container when running contains 3 additional flags with exception to 1 host. The 1 host that is the exception has no flags. (A mistake that I made was to name 2 flags the same.) The structure of each flag is as follows: {{tryharder:xxx}}. The xxx in the example could be a single digit or up to 4 digits. Below is a network diagram of the setup which may or may not be accurate. The virtual machine represents the firewall in the network diagram below. A total of 7 docker images/containers launch each time the virtual machine loads. You are able to download this file from my Google Drive at this link. The file is 2.7GB compressed with 7-zip. The file is a compressed OVF exported virtual machine from VMWorkstation 14. After importing the virtual machine, the first time that it loads will take upwards of 15 minutes due to building the environment and decompressing the docker images. After the first time you load the virtual machine it will be quicker due to only having to load the docker images into containers. 1194A465B839602CFAA9C06DA6F1071C FFEFA2283D48C98BAACE90FB1ED93C1AA464C925 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Replay: 1 10 Dec 2018 c0rruptedb1t Replay 2.5 GB https://download.vulnhub.com/replay/Replay_CTF.ova Replay is a sequel to Bob my first CTF. What sort of terrible redneck netsec engineering has Bob done now? Your Goal is to get root and read /flag.txt Note: There are three difficulties Hard: No Changelog.txt, no hex editor Mid: Read Changelog.txt, no hex editor Easy: Anything goes 217E18ABFFEEE1DDB817C7AC77430B6C E89C937094F0817B139529B21608C871020497C8 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Raven: 2 9 Nov 2018 William McCann Raven 765 MB https://download.vulnhub.com/raven/Raven2.ova Raven 2 is an intermediate level boot2root VM. There are four flags to capture. After multiple breaches, Raven Security has taken extra steps to harden their web server to prevent hackers from getting in. Can you still breach Raven? 00AEF24C4524650724124F5827E4F757 B671E6788C02EAC577D45525DC4413B74F1BB2F1 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SP: eric 9 Dec 2018 Daniel Solstad SP 501 MB https://download.vulnhub.com/sp/eric-v1.0.0.7z Eric is trying to reach out on the Internet, but is he following best practice? Flags - /root/flag.txt - /home/eric/flag.txt Tested with VirtualBox DHCP enabled Difficulty: Beginner Should not be as easy as to just run a MSF module to get root right away, if so please let me know. Doesn’t always get an IP address nicely with DHCP. C17D4AA800EBDD540D3A710AF978BACF 694121663C4050574C7914BBAB30602CE6FF155A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
digitalworld.local: DEVELOPMENT 28 Dec 2018 Donavan digitalworld.local 2.7 GB https://download.vulnhub.com/digitalworld/devt-improved.7z This machine reminds us of a DEVELOPMENT environment: misconfigurations rule the roost. This is designed for OSCP practice, and the original version of the machine was used for a CTF. It is now revived, and made slightly more nefarious than the original. If you MUST have hints for this machine (even though they will probably not help you very much until you root the box!): Development is (#1): different from production, (#2): a mess of code, (#3): under construction. Note: Some users report the box may seem to be “unstable” with aggressive scanning. The homepage gives a clue why. Feel free to contact the author at https://donavan.sg/blog if you would like to drop a comment. 673C85EF71F8B9DF5625848BBB4E0AC4 FD8AEAE22C7A9F368E6D0A200AB9411A7A2753CA Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SP: christophe (v1.0.2) 9 Dec 2018 Daniel Solstad SP 709 MB https://download.vulnhub.com/sp/christophe-v1.0.2.7z Christophe is creating a web page for his resistance. Will he succeed? Flags - /root/flag.txt - /home/christophe/flag.txt Tested with VirtualBox DHCP enabled Difficulty: Intermediate Should not be as easy as to just run a MSF module to get root right away, if so please let me know. Doesn’t always get an IP address nicely with DHCP. Changelog: v1.0.2 = 2019-04-14; v1.0.1 = 2019-03-30; v1.0.0 = 2018-12-09 9ED59A6EAD4F7089520C92DF1074140C 65D631463489D41B79399F7B4628F71E6DA5F7A2 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Gittysburg: 1 22 Oct 2018 William McCann Gittysburg 3.4 GB https://download.vulnhub.com/gittysburg/Gittysburg.ova Gittysburg is an intermediate level boot2root vulnerable VM. There are four flags to capture. Will you be able to git root? Doesn’t always get an IP address nicely with DHCP. C6C50E777AC6D86A739E37745FA6FF5C C01646395807763CF8B77488E109908E6A983CA2 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SP: leopold (v1.2) 21 Sep 2019 Daniel Solstad SP 767 MB https://download.vulnhub.com/sp/leopold-v1.2.ova Leopold is a poor adventurous little Internet user trying to find amusement. Flags - /root/flag.txt - /home/leopold/flag.txt Tested with VirtualBox DHCP enabled Difficulty: Beginner/Intermediate Should not be as easy as to just run a MSF module to get root right away, if so please let me know. Didn’t like to be imported to VMware. Changelog: 2019-09-21 ~ v1.2; 2018-12-09 ~ v1 A0AE73598D4D47E828E263F9CDAF1742 88B7BF2BF6A774F03F4E7A5E71D045871BFA429E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
RootThis: 1 5 Dec 2018 Fred Wemeijer RootThis 866 MB https://download.vulnhub.com/rootthis/RootThis.ova N/A 8356CADA7930749D8FD737FA8DE229CB 7782386B599873689A3F660BD7948D8F0034FD00 Virtual Machine (Virtualbox - OVA) BSD Enabled Automatically assign
SP: ike (v1.0.1) 9 Dec 2018 Daniel Solstad SP 672 MB https://download.vulnhub.com/sp/ike-v1.0.1.7z Ike is a servant of something which also starts with “I” and has only three letters. Flags - /root/flag.txt - /home/ike/flag.txt Tested with VirtualBox DHCP enabled Difficulty: Intermediate Should not be as easy as to just run a MSF module to get root right away, if so please let me know. Doesn’t always get an IP address nicely with DHCP. Changelog: v1.0.1 - 2019-02-02; v1 - 2018-12-09 E586C81EA4B01BD0C2561F300D8C1C8E AF597A78A7AC3F78B081F728F053DE5AF61B38A8 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Matrix: 2 21 Dec 2018 Ajay Verma Matrix 394 MB https://download.vulnhub.com/matrix/matrix2-Unknowndevice64.ova Matrix v2.0 is a medium level boot2root challenge. The OVA has been tested on both VMware and Virtual Box. Difficulty: Intermediate Flags: Your Goal is to get root and read /root/flag.txt Networking: Hint: Follow your intuitions … and enumerate! 700E7735532EC91FF067D76310AD2A99 B48D78F4D7423863170E5AA2770D63C23FDEBE93 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SP: jenkins 9 Dec 2018 Daniel Solstad SP 1.3 GB https://download.vulnhub.com/sp/jenkins-v1.0.0.7z Jenkins will hack you into pieces! Watch out. He usually works alone, but sometimes he tries to work with his imaginary friends. Flags - /root/flag.txt - /home/jenkins/flag.txt Tested with VirtualBox DHCP enabled Difficulty: Intermediate Should not be as easy as to just run a MSF module to get root right away, if so please let me know. DB0B45141AA4D04B850FAC8193FF911C 662DD938806256274A1F3F2D5E3DCDA7F2CB30C6 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
W34kn3ss: 1 14 Aug 2018 askar W34kn3ss 865 MB https://download.vulnhub.com/w34kn3ss/W34KN3SS.ova The matrix is controlling this machine, neo is trying to escape from it and take back the control on it, your goal is to help neo to gain access as a “root” to this machine, through this machine you will need to perform a hard enumeration on the target and understand what is the main idea of it, and exploit every possible “weakness” that you can find, also you will be facing some abnormal behaviours during exploiting this machine. This machine was made for Jordan’s Top hacker 2018 CTF, we tried to make it simulate real world attacks “as much as possible” in order to improve your penetration testing skills, also we put a few tricky techniques on it so you can learn more about some unique skills. The machine was tested on vmware (player / workstation) and works without any problems, so we recommend to use VMware to run it. Also works fine using virtualbox. Difficulty: Intermediate, you need to think out of the box and collect all the puzzle pieces in order to get the job done. The machine already has DHCP enabled, so you will not have any problems with networking. Happy Hacking! 10ACFB3E7D3C99EEFB177FDB64E7375B 53883DCA9631618F7C4248B47D51C0150955DC02 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
RSA: 1 14 Aug 2018 Fred Wemeijer RSA 227 MB https://download.vulnhub.com/rsa/RSAfun2018.ova N/A 0808C18EC8A2A44357C7A53F95F993E5 8C0E711C803F18C094CE63AA7FF70891E647BFC2 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
digitalworld.local: MERCY v2 28 Dec 2018 Donavan digitalworld.local 1.8GB https://download.vulnhub.com/digitalworld/MERCY-v2.zip MERCY is a machine dedicated to Offensive Security for the PWK course, and to a great friend of mine who was there to share my sufferance with me. MERCY is a name-play on some aspects of the PWK course. It is NOT a hint for the box. If you MUST have hints for this machine (even though they will probably not help you very much until you root the box!): Mercy is: (#1): what you always plead for but cannot get, (#2): a dubious machine, (#3): https://www.youtube.com/watch?v=c-5UnMdKg70 Note: Some report a kernel privilege escalation works on this machine. If it does, try harder! There is another vector that you should try! Feel free to contact the author at https://donavan.sg/blog if you would like to drop a comment. Changelog: MERCY v2 - 2018-12-28; MERCY v1 - 2018-09-28 A61E0381CAA57B06096B4FFAB2875307 2CF1BA89616DDCA3AE021440255068D9490BC90C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
XXE Lab: 1 8 Aug 2018 Haboob Team XXE Lab 1.4 GB https://download.vulnhub.com/xxe/XXE.zip Haboob Team made this virtual machine regarding the published paper “XML External Entity Injection - Explanation and Exploitation” https://www.exploit-db.com/docs/45374 to exploit the vulnerability in a private network. We hope that you enjoy the challenge! The challenge is right here: 246EE46CD256E269DCEE10336B1963CE B903B6C46FAC360C8AE42C311FA6F75464A47966 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Pinky's Palace: v4 15 Oct 2018 Pink_Panther Pinky's Palace 7.4 GB https://download.vulnhub.com/pinkyspalace/Pinkys-Palacev4.7z Pinky has setup a development environment to develop and test new software. He thinks his dev environment is pretty locked down security wise, what do you think? Network (DHCP) Bridged Difficulty for user: Hard/Expert Difficulty for root: Hard/Expert Tested in VirtualBox 96142459801510153ED2B00888231B97 41D61CAEEB3BA7541805ED3EEBEADEB2EA1C76A8 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
CTF KFIOFan: 1 27 Aug 2018 Khaos Farbauti Ibn Oblivion CTF KFIOFan 558 MB https://download.vulnhub.com/kfiofan/CTF-KFIOFan.ova Description : Two french people want to start the very first fanclub of the youtuber Khaos Farbauti Ibn Oblivion. But they’re not very security aware ! (IMPORTANT NOTE : The whole challenge is in french, including server conf. Which may add to the difficulty if you are non-native or using a non-azerty keyboard) Difficulty : Beginner with some little non-usual twists Flag : There are four flags to find, not all of them on the solution path 5BB96EE05BBAAEA1FB9327698D9CD30F 86646C0D67D26F25D079434AA1851FFED0D4E5A1 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Matrix: 1 19 Aug 2018 Ajay Verma Matrix 552 MB https://download.vulnhub.com/matrix/Machine_Matrix.zip Description: Matrix is a medium level boot2root challenge. The OVA has been tested on both VMware and Virtual Box. Difficulty: Intermediate Flags: Your Goal is to get root and read /root/flag.txt Networking: DHCP: Enabled IP Address: Automatically assigned Hint: Follow your intuitions … and enumerate! For any questions, feel free to contact me on Twitter: @unknowndevice64 9ECF22AD48AFE814A1F68B808DF706A9 1A9EBF12AD012FE79E620A34047914F71DF5E711 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Typhoon: 1.02 31 Oct 2018 PrismaCSI Typhoon 2.4 GB https://download.vulnhub.com/typhoon/Typhoon-v1.02.ova Typhoon Vulnerable VM Typhoon VM contains several vulnerabilities and configuration errors. Typhoon can be used to test vulnerabilities in network services, configuration errors, vulnerable web applications, password cracking attacks, privilege escalation attacks, post exploitation steps, information gathering and DNS attacks. Prisma trainings involve practical use of Typhoon. MD5 (Typhoon-v1.02.ova) = 16e8fef8230343711f1a351a2b4fb695 OS: Linux Author: PrismaCSI Series: Typhoon Format: VM(OVA) DHCP service: Enabled IP address: Automatically assign 16E8FEF8230343711F1A351A2B4FB695 EEE0EFC7CB362CB55E1449D14AD2EC88E797AAFB Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
FourAndSix: 2.01 28 Oct 2018 Fred Wemeijer FourAndSix 447 MB https://download.vulnhub.com/fourandsix/FourAndSix2.ova Task is to become root and read /root/flag.txt. A84647510A01387E1B18F298B8CC5F14 4FE47B70D38A4DDBFF33D17C1F42BEDB2B3DB557 Virtual Machine (Virtualbox - OVA) BSD Enabled Automatically assign
Moonraker: 1 14 Oct 2018 creosote Moonraker 2.4 GB https://download.vulnhub.com/moonraker/Moonraker.ova You’ve received intelligence of a new Villain investing heavily into Space and Laser Technologies. Although the Villain is unknown we know the motives are ominous and apocalyptic. Hack into the Moonraker system and discover who’s behind these menacing plans once and for all. Find and destroy the Villain before it’s too late! – Difficulty: Challenging – Flag is /root/flag.txt – Tested on VMware – DHCP enabled – No extra tools besides what’s on Kali by default – Learning Objectives: Client-side Attacks, NoSQL, RESTful, NodeJS, Linux Enumeration and Google-fu. Thanks to /u/limbernie on Reddit for testing! Good luck and have fun! 020A93868C223AEA5BB254FBE45D64A7 927FBF73DDC1A0CE5D3183CCA49D268361F5B32B Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Fowsniff: 1 27 Sep 2018 berzerk0 Fowsniff 767 MB https://download.vulnhub.com/fowsniff/Fowsniff_CTF_ova.7z I created this boot2root last year to be hosted on Peerlyst.com It’s beginner level, but requires more than just an exploitdb search or metasploit to run. It was created in (and is intended to be used with) VirtualBox, and takes some extra configuration to set up in VMWare. 01867069CEB2B3B470F85C9F1EC52BC9 14F19D24D13BD86591B6BEBC319A9B6827F31BD0 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Raven: 1 14 Aug 2018 William McCann Raven 1.4 GB https://download.vulnhub.com/raven/Raven.ova Raven is a Beginner/Intermediate boot2root machine. There are four flags to find and two intended ways of getting root. Built with VMware and tested on Virtual Box. Set up to use NAT networking. 045162F15E6387FF06A41C6D85CA6731 199836C80BACFEDAACC86FA8BDA759B5BE5E53EE Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SolidState: 1 12 Sep 2018 Ch33z_plz SolidState 1.9 GB https://download.vulnhub.com/solidstate/SolidState.zip It was originally created for HackTheBox 073F821217CA153B35FE74C598F9BF63 02F8709513E07EA4F8BDFD6A98C6758237226B31 Virtual Machine (VMware) Linux Enabled Automatically assign
ch4inrulz: 1.0.1 31 Jul 2018 askar ch4inrulz 577 MB https://download.vulnhub.com/ch4inrulz/CH4INRULZ_v1.0.1.ova Frank has a small website and he is a smart developer with a normal security background, he always loves to follow patterns, your goal is to discover any critical vulnerabilities and gain access to the system, then you need to gain root access in order to capture the root flag. This machine was made for Jordan’s Top hacker 2018 CTF, we tried to make it simulate real world attacks in order to improve your penetration testing skills. The machine was tested on vmware (player / workstation) and works without any problems, so we recommend to use VMware to run it, Also works fine using virtualbox. Difficulty: Intermediate, you need to think out of the box and collect all the puzzle pieces in order to get the job done. The machine is already got DHCP enabled, so you will not have any problems with networking. Happy Hacking! Changelog: v1 - 25/07/2018; v1.0.1 - 31/07/2018 Fixes DHCP Issue 472D24353036DC523D82AD923ABA76F5 D9427C908FCD3A88FB0E74C6C6C1E05AB3A33D2F Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Blacklight: 1 8 Jun 2018 Carter B Blacklight 1.1 GB https://download.vulnhub.com/blacklight/BLACKLIGHT.ova N/A This works better with VirtualBox rather than VMware 3914D9120416BFAA3DDC2DA7EDBF26EF 39CAE32E761E8E0A1C64B62D75AA29B189DE0320 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Node: 1 7 Aug 2018 Rob Node 1.5 GB https://download.vulnhub.com/node/Node.ova Description: Node is a medium level boot2root challenge, originally created for HackTheBox. There are two flags to find (user and root flags) and multiple different technologies to play with. The OVA has been tested on both VMware and Virtual Box. 834B7BD03C73DC7B9005F62D7A4E586C 1A8DF8B6366FAC5F9405B47102F3DC4307863AD1 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
WebSploit2018: 1 27 Jun 2018 c4b3rw0lf WebSploit2018 1.7GB https://download.vulnhub.com/websploit2018/WebSploit2018.7z WebSploit2018 is a collection of vulnerable web applications packed in a virtual environment. This VM is intended for those who want to: Unpack the VM and run it in your virtualization software. It gets an IP address via DHCP System Login: user:websploit2018 password:websploit2018 Before attacking this VM remotely, you should edit your Penetration Testing machine’s hosts file(IP-websploit2018). Point your browser to http://websploit2018/ Happy WebApp hacking 69665D15437BF779BA02A6451B73D8F6 23F5F818E6EF77ABA04FE4E0C68442D59A3CCF74 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
BSidesTLV: 2018 CTF 28 Jul 2018 Tomer Zait, BSidesTLV CTF Team BSidesTLV 6.4 GB https://download.vulnhub.com/bsidestlv2018/BSidesTLV-2018-CTF.ova The 2018 BSidesTLV CTF competition brought together over 310 teams burning the midnight oil to crack our challenges in a bout that lasted for two weeks! But you can now enjoy the same pain and suffering, using this easy to use, condensed VM that now hosts all our challenges in an easy to digest format. This VM now includes all challenges from the CTF: In order to access the challenges you need to: Credentials: CTFd URL: 2389C3D88B9C420D8E1CA0B88DCB1651 D075907EDA45048AEB1F4A126770103FE12ED0C6 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Temple of Doom: 1 8 Jun 2018 0katz Temple of Doom 2.8 GB https://download.vulnhub.com/templeofdoom/temple-of-DOOM-v1.ova [+] A CTF created by https://twitter.com/0katz [+] Difficulty: Easy/Intermediate [+] Tested in VirtualBox [+] Note: 2 ways to get root! 24922956EB4C322DA4511021A20F5C2C 74DB3835835DB2F563E27C84993C15FBA64351EF Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Toppo: 1 12 Jul 2018 Hadi Mene Toppo 558 MB https://download.vulnhub.com/toppo/Toppo.zip The Machine isn’t hard to own and don’t require advanced exploitation . Level : Beginner DHCP : activated Inside the zip you will find a vmdk file , and I think you will be able to use it with any usual virtualization software ( tested with Virtualbox) . If you have any question : my twitter is @h4d3sw0rm Happy Hacking ! D6FDABBB6EE4260BDA9DB7FF438A4B9C 0A41156E81DCB5631FDC194CAAF1B90773225508 Virtual Machine (Virtualbox - VDI) Linux Enabled Automatically assign
Lin.Security: 1 11 Jul 2018 In.security Lin.Security 1.6 GB https://download.vulnhub.com/linsecurity/lin.security_v1.0.ova Here at in.security we wanted to develop a Linux virtual machine that is based, at the time of writing, on an up-to-date Ubuntu distro (18.04 LTS), but suffers from a number of vulnerabilities that allow a user to escalate to root on the box. This has been designed to help understand how certain built-in applications and services if misconfigured, may be abused by an attacker. We have configured the box to simulate real-world vulnerabilities (albeit on a single host) which will help you to perfect your local privilege escalation skills, techniques and toolsets. There are a number of challenges which range from fairly easy to intermediate level and we’re excited to see the methods you use to solve them! The image is just under 1.7 GB and can be downloaded using the link above. On opening the OVA file a VM named lin.security will be imported and configured with a NAT adapter, but this can be changed to bridged via the preferences of your preferred virtualisation platform. To get started you can log onto the host with the credentials: bob/secret F1154AE5C62AE78B35FED9AE7233869C 46096AC3F32D92FA849B3732023D7765EE9128C8 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
wakanda: 1 5 Aug 2018 xMagass wakanda 638 MB https://download.vulnhub.com/wakanda/wakanda-1.ova A new Vibranium market will soon be online in the dark net. Your goal, get your hands on the root file containing the exact location of the mine. Intermediate level Flags: There are three flags (flag1.txt, flag2.txt, root.txt) Hint: Follow your intuitions … and enumerate! For any questions, feel free to contact me on Twitter: xMagass Happy Hacking! 37357504835EAF14E276F5EE90DD8807 347667B69BEC293048DCC95AA8FA548E2FBF2827 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Rotating Fortress: 1.0.1 30 Jul 2018 c0rruptedb1t Rotating Fortress 2.2 GB https://download.vulnhub.com/rotatingfortress/rotating_fortress_v1.0.1.ova Difficulty: Intermediate/Hard Rotating Fortress has been several months in the making and has a unique feature that sets it apart from other vms Zeus the admin of the server is retiring from Project: Rotating Fortress, but he doesn’t want the project to die with his retirement. To find the successor to the project he has created a challenge. Will you be able to get in, rotate the fortress, escape isolation and reach root? Your Goal is to get root and read /flag.txt Note: This isn’t a short VM and may take several hours to complete. Changelog: v1.0.1 - 30/07/2018; v1 - 28/07/2018 8BD7158B7D24624F16E39D073B1A7287 06C8AADF938BD21B6491522F8FB41C7375DD0626 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Bulldog: 2 18 Jul 2018 Nick Frichette Bulldog 1.7 GB https://download.vulnhub.com/bulldog/Bulldog2.ova Three years have passed since Bulldog Industries suffered several data breaches. In that time they have recovered and re-branded as Bulldog.social, an up and coming social media company. Can you take on this new challenge and get root on their production web server? This is a Standard Boot-to-Root. Your only goal is to get into the root directory and see the congratulatory message, how you do it is up to you! Difficulty: Intermediate, there are some things you may have never seen before. Think everything through very carefully Made by Nick Frichette (https://frichetten.com) Twitter: @frichette_n I’d highly recommend running this on VirtualBox. Additionally DHCP is enabled so you shouldn’t have any troubles getting it onto your network. It defaults to bridged mode but feel free to change that if you like. 251CFEC82E29EB9D439DB21EFCD1C921 10FFAE636E165F6AA24ED7CA5F5174DBF9521500 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Lampião: 1 28 Jul 2018 Tiago Tavares Lampião 669 MB https://download.vulnhub.com/lampiao/Lampiao.zip Would you like to keep hacking in your own lab? Try this brand new vulnerable machine! “Lampião 1”. Get root! Level: Easy 7437D6FB83B63A7E14BB00F9C7A758B9 B5CDBF07E78557C19555E26715B99E0DCF2400D5 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
WinterMute: 1 5 Jul 2018 creosote WinterMute 2.4 GB https://download.vulnhub.com/wintermute/Wintermute-v1.zip A new OSCP style lab involving 2 vulnerable machines, themed after the cyberpunk classic Neuromancer - a must read for any cyber-security enthusiast. This lab makes use of pivoting and post exploitation, which I’ve found other OSCP prep labs seem to lack. The goal is to get root on both machines. All you need is default Kali Linux. I’d rate this as Intermediate. No buffer overflows or exploit development - any necessary password cracking can be done with small wordlists. It’s much more related to an OSCP box vs a CTF. I’ve tested it quite a bit, but if you see any issues or need a nudge PM me here. Virtual Box Lab setup instructions are included in the zip download, but here’s a quick brief: Straylight - simulates a public facing server with 2 NICS. Cap this first, then pivot to the final machine. Neuromancer - is within a non-public network with 1 NIC. Your Kali box should ONLY be on the same virtual network as Straylight. This works better with VirtualBox rather than VMware 4BFABB5021B33C2A4AB7A5DB1F17A9ED 643D14EDCADA7EEF08C66DBD4CF89AABFD6097A3 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Basic Pentesting: 2 10 Jul 2018 Josiah Pierce Basic Pentesting 1.3 GB https://download.vulnhub.com/basicpentesting/basic_pentesting_2.tar.gz This is a boot2root VM and is a continuation of the Basic Pentesting series. This series is designed to help newcomers to penetration testing develop pentesting skills and have fun exploring part of the offensive side of security. VirtualBox is the recommended platform for this challenge (though it also work with VMware – however, I haven’t tested that). This VM is a moderate step up in difficulty from the first entry in this series. If you’ve solved the first entry and have tried a few other beginner-oriented challenges, this VM should be a good next step. Once again, this challenge contains multiple initial exploitation vectors and privilege escalation vulnerabilities. Your goal is to remotely attack the VM, gain root privileges, and read the flag located at /root/flag.txt. Once you’ve finished, try to find other vectors you might have missed! If you’d like to send me a link to your writeup, enjoyed the VM or have questions or feedback, feel free to contact me at: If you finished the VM, please also consider posting a writeup! Writeups help you internalize what you worked on and help anyone else who might be struggling or wants to see someone else’s process. There were lots of wonderful writeups for Basic Pentesting: 1, and I look forward to reading the writeups for this challenge. 3863E0E81AA7F2B6BE2713DEF8AD9677 8819E9C589F0E3659B5756954AC36F983E46D2D3 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Pinky's Palace: v3 15 May 2018 Pink_Panther Pinky's Palace 689 MB https://download.vulnhub.com/pinkyspalace/PinkysPalacev3.ova N/A 3496701AE9290B642EBD27D5EE0310AC 5C0B3ED4442DBB3A9CC0F93AF7C7B9CD809FA92D Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
MinU: 1 2 May 2018 8BitSec MinU 516 MB https://download.vulnhub.com/minu/MinUv1.ova.7z : MinUv1 : 2018-07-10 : 8bitsec : This boot2root is an Ubuntu Based virtual machine and has been tested using VirtualBox. The network interface of the virtual machine will take its IP settings from DHCP. Your goal is to capture the flag on /root. : Tested on VirtualBox : Host-Only/DHCP (should work on bridged) : OVA : easy/intermediate : MinUv1.ova.7z : 540MB : cc3d58173a8e9ed3f7606c8d12140a68 : 8409ceb3cd959085c0249eb676af2f384da85466 : Virtual Machine (Virtualbox - OVA) : Linux : Enabled : Automatically assign This works better with VirtualBox rather than VMware CC3D58173A8E9ED3F7606C8D12140A68 8409CEB3CD959085C0249EB676AF2F384DA85466 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
BSides Vancouver: 2018 (Workshop) 21 Mar 2018 abatchy BSides Vancouver 1.1 GB https://download.vulnhub.com/bsidesvancouver2018/BSides-Vancouver-2018-Workshop.ova Boot2root challenges aim to create a safe environment where you can perform real-world penetration testing on an (intentionally) vulnerable target. This workshop will provide you with a custom-made VM where the goal is to obtain root level access on it. This is a great chance for people who want to get into pentesting but don’t know where to start. * If this sounds intimidating, don’t worry! During the workshop, we’ll be discussing various methodologies, common pitfalls and useful tools at every step of our pentest. Requirements: FC995817DFE08BA08111CF9A8DBAD5FC 1816EA190D808AD6C7DAFF2C7868FDE0D90F9E2B Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Trollcave: 1.2 21 Mar 2018 David Yates Trollcave 884 MB https://download.vulnhub.com/trollcave/trollcave-v1-2.ova is a vulnerable VM, in the tradition of and in general. You start with a virtual machine which you know nothing about – no usernames, no passwords, just what you can see on the network. In this instance, you’ll see a simple community blogging website with a bunch of users. From this initial point, you enumerate the machine’s running services and general characteristics and devise ways to gain complete control over it by finding and exploiting vulnerabilities and misconfigurations. Your first goal is to abuse the services on the machine to gain unauthorised shell access. Your ultimate goal is to read a text file in the user’s home directory ). This VM is designed to be holistic and fairly down to earth. I wanted to simulate a real attack on a real website rather than just presenting a puzzle box of disparate elements, and I wanted to avoid the more esoteric vulnerable VMisms, like when you have to do signal processing on an MP3 you found to discover a port-knocking sequence. Of course there are always tradeoffs between what’s realistic and what’s optimally fun/challenging, but I’ve tried to keep the challenges grounded. Because this is a VM that you’re downloading, importing and booting, one way to achieve this goal would be to mount the VM’s hard disk. I haven’t encrypted the disk or done anything to prevent this, so if you want to take that route, go ahead. I’m also not offering a prize or anything for completing this VM, so know that it will be entirely pointless. Because this is a VM running a real operating system with real services, there may be ways to get to that I did not intend. Ideally, this should be part of the fun, but if they make the box entirely trivial I’d like to know about and fix them – within reason. As of this release, I’ve installed all the updates available for Ubuntu Server 16.04 LTS, but I cannot and will not attempt to patch this VM against every new Linux kernel exploit that comes out in the future. So there’s a hint – you don’t have to use a kernel exploit to root this box. What you will need is a good HTTP intercepting proxy – I recommend – and a couple of network tools like and . You’ll also need some virtualisation software – will be easiest for most people, but KVM and VMWare should also be able to import the file after a bit of fiddling. Once you’ve imported the VM, put it on the same network as your attacking system ( ) and start hacking! You can grab the file here ( ) (updated 2018-03-19). Let me know . Doesn’t work with VMware. Changelog: v1.1 - 19/03/2018; v1.2 - 21/03/2018 48C974555C34224567D0F8F9DA30ADD2 DFD1375DB5D5089CE6E657942F2BADB0A91EB7B3 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Gemini Inc: 2 29 Apr 2018 9emin1 Gemini Inc 2.1 GB https://download.vulnhub.com/geminiinc/Gemini-Pentest-v2.zip : Gemini Inc v2 : 2018-07-10 : 9emin1 : Gemini Inc : I have decided to create vulnerable machines that replicate the vulnerabilities and difficulties I’ve personally encountered during my last year (2017) of penetration testing. Some of the vulnerabilities require the “Think out of the box (fun)” mentality and some are just plain annoyance difficulties that require some form of automation to ease the testing. GeminiInc v2 has been created that replicate a few issues that I’ve encountered which was really interesting and fun to tackle, I hope it will be fun for you guys as well. Adding a little made-up background story to make it more interesting… : Gemini Inc has contacted you to perform a penetration testing on one of their internal system. This system has a web application that is meant for employees to export their profile to a PDF. Identify any vulnerabilities possible with the goal of complete system compromise with root privilege. To demonstrate the level of access obtained, please provide the content of flag.txt located in the root directory as proof. Tweet me your writeup @ https://twitter.com/sec_9emin1 : : : More information can be obtained from my blog post on this vulnerable machine: https://scriptkidd1e.wordpress.com/ Intended solution will be provided some time after this has been published: https://scriptkidd1e.wordpress.com/geminiinc-v2-virtual-machine-walkthrough/ The VM has been tested on the following platform and is working: It should work with any virtual machine player as well. It will be able to obtain an I.P Address with DHCP so no additional configuration is required. Simply import the downloaded VM and you are good to go. DD8D53A11B76166D75631559ED0353F9 5F210DD9A52A701BAB262A9DEF88009B1CA46300 Virtual Machine (VMware) Linux Enabled Automatically assign
Jarbas: 1 3 Apr 2018 Tiago Tavares Jarbas 1.1 GB https://download.vulnhub.com/jarbas/Jarbas.zip If you want to keep your hacking studies, please try out this machine! Jarbas 1.0 – A tribute to a nostalgic Brazilian search engine in the end of 90’s. Objective: Get root shell! 85A1698DB39908E101317ECD9BCA4322 91FC13F42E1E3D470F4C66A0B73B28EC973AE6AC Virtual Machine (VMware) Linux Enabled Automatically assign
FourAndSix: 1 6 May 2018 Fred Wemeijer FourAndSix 371 MB https://download.vulnhub.com/fourandsix/FourAndSix-vbox.ova N/A 70281B234D0BE8CB6A8B5917EDE0F051 72680ECDCC844C2676B0A0CFEE3E972A05BCC049 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
GoldenEye: 1 4 May 2018 creosote GoldenEye 805 MB https://download.vulnhub.com/goldeneye/GoldenEye-v1.ova I recently got done creating an OSCP type vulnerable machine that’s themed after the great James Bond film (and even better n64 game) GoldenEye. The goal is to get root and capture the secret GoldenEye codes - flag.txt. I’d rate it as Intermediate, it has a good variety of techniques needed to get root - no exploit development/buffer overflows. After completing the OSCP I think this would be a great one to practice on, plus there’s a hint of CTF flavor. I’ve created and validated on VMware and VirtualBox. You won’t need any extra tools other than what’s on Kali by default. Will need to be setup as Host-Only, and on VMware you may need to click “retry” if prompted, upon initially starting it up because of formatting. Changelog: Beta - 2018-05-02; v1 - 2018-05-04 76C4A898F4BF0D9071C6B7E0A49D7BA8 B2A736B84A013B5FAB7F8C016C1D29D26F3A6D23 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Android4: 1 4 Apr 2018 Touhid Shaikh Android4 815 MB https://download.vulnhub.com/android4/Android4.ova Name : Android4 OS : Android v4.4 Description : This is my Second booT2Root CTF VM…I hope you enjoy it. if you run into any issue you can find me on Twitter: @touhidshaikh22 Flag : /data/root/ (in this Directory) Level: Beginner. Contact: Touhid M.Shaikh aka Agent22 <- Feel Free to write mail Website: http://www.touhidshaikh.com Try harder!: If you are confused or frustrated don’t forget that enumeration is the key! Feedback: This is my Second boot2root - CTF VM. please give me feedback ( ) Tested: This VM was tested with: Virtual Box 5.X Walkthrough : https://www.youtube.com/channel/UC7lxfIwNnSIE7ei9O2K8ZKw (Walkthrough playlist) Networking: DHCP service: Enabled IP address: Automatically assign 12427B60675486FDE168DFA3D266C0F7 E9146B9434EF4ED81C41BD0B305151E39C2AC678 Virtual Machine (Virtualbox - OVA) Android Enabled Automatically assign
billu: b0x 2 10 Jun 2018 Manish Kishan Tanwar billu 2.8 GB https://download.vulnhub.com/billu/billu-b0x2.7z Machine Name: - Billi_b0x 2 Author Name: - Manish Kishan Tanwar (@indishell1046) ========= This Virtual machine is using ubuntu (32 bit) Other packages used: - PHP Apache MySQL Apache tomcat This virtual machine is having intermediate to medium difficulty level. One need to break into VM using web application and from there escalate privileges to gain root access. Gaining low or root privilege shell can be done in two ways (for both) C5D27EBE699636CA115113BB974B1973 AEF0FE02A769F509E921AFE5D87720DAA00D88EA Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Nineveh: v0.3 20 Feb 2018 Yas3r Nineveh 857 MB https://download.vulnhub.com/hackthebox/NinevehV0.3.ova It was a part of HackTheBox platform. Static IP of: 192.168.0.150 41A16F158A1930BB1301771576CE5141 5BCDE16B7DF9C8A0391525D0D263D7143775FE8C Virtual Machine (Virtualbox - OVA) Linux Disabled 192.168.0.150
W1R3S: 1.0.1 5 Feb 2018 SpecterWires W1R3S 3.6 GB https://download.vulnhub.com/w1r3s/w1r3s.v1.0.1.zip You have been hired to do a penetration test on the W1R3S.inc individual server and report all findings. They have asked you to gain root access and find the flag (located in /root directory). Difficulty to get a low privileged shell: Beginner/Intermediate Difficulty to get privilege escalation: Beginner/Intermediate About: This is a vulnerable Ubuntu box giving you somewhat of a real world scenario and reminds me of the OSCP labs. If you need any hints, pointers or have questions feel free to email me: specterinthewires at gmail dot com Virtual Machine: VMware Workstation Changelog: v1.0.0 - 05/02/2018; v1.0.1 - 08/03/2018 E5C0405762CF90D8175F7287350D6B03 E6ABE85FA8212500A5DCE2BFC9D6611846F9ABF6 Virtual Machine (VMware) Linux Enabled Automatically assign
USV: 2017 17 Dec 2017 Suceava University USV 900 MB https://download.vulnhub.com/usv-2017/ctf-usv_2017_qualifications.ova : Beginner/Intermediate : This is the VM used in the online qualifications phase of the CTF-USF 2017 (Capture the Flag - Suceava University) contest which addresses to universities students. The VM was created by Oana Stoian (@gusu_oana) and Teodor Lupan (@theologu) from Safetech Innovations, the technical partner of the contest. : The CTF is a virtual machine and has been tested in Virtual Box. The network interface of the virtual machine will take its IP settings from DHCP. : There are 5 flags that should be discovered in form of: Country_name Flag: [md5 hash]. In CTF platform of the CTF-USV competition there was a hint available for each flag, but accessing it would imply a penalty. If you need any of those hints to solve the challenge, send me a message on Twitter @gusu_oana and I will be glad to help. The countries that should be tracked for flags are: Croatia, France, Italy, Laos, Philippines AB13E07721B094C61AFB81593E2193F7 7DE9EB172ACE1CE491106E6BBEC90BB72B2F2D5A Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Pinky's Palace: v2 18 Mar 2018 Pink_Panther Pinky's Palace 1.1 GB https://download.vulnhub.com/pinkyspalace/Pinkys-Palace2.zip : A realistic Boot2Root. Gain access to the system and read the /root/root.txt : Only works in VMware : Bridged/DHCP : Tweeeeeeter @Pink_P4nther : OVF : easy/intermediate : intermediate/hard : Wordpress will not render correctly. You will need to alter your host file with the IP shown on the console: 6FA469C3930D3731804912776019CDC2 30449669776FF319ABB3C0E37D7059F9B37EE3D2 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DerpNStink: 1 9 Feb 2018 Bryan Smith DerpNStink 1.8 GB https://download.vulnhub.com/derpnstink/VulnHub2018_DeRPnStiNK.ova Beginner Mr. Derp and Uncle Stinky are two system administrators who are starting their own company, DerpNStink. Instead of hiring qualified professionals to build up their IT landscape, they decided to hack together their own system which is almost ready to go live… This is a boot2root Ubuntu based virtual machine. It was tested on VMware Fusion and VMware Workstation12 using DHCP settings for its network interface. It was designed to model some of the earlier machines I encountered during my OSCP labs also with a few minor curve-balls but nothing too fancy. Stick to your classic hacking methodology and enumerate all the things! Your goal is to remotely attack the VM and find all 4 flags eventually leading you to full root access. Don’t forget to #tryharder Example: flag1(AB0BFD73DAAEC7912DCDCA1BA0BA3D05). Do not waste time decrypting the hash in the flag as it has no value in the challenge other than an identifier. Hit me up if you enjoy this VM! Twitter: @securekomodo Email: 949E2F8A7D63FABDC55C675C95EFE022 6D46A5C68FF93467921DA74B58B6FE8C914AE9FC Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Gemini Inc: 1 9 Jan 2018 9emin1 Gemini Inc 3.1 GB https://download.vulnhub.com/geminiinc/Gemini-Pentest-v1.zip Name: Gemini Inc v1 Date release: 2018-01-09 Author: 9emin1 Series: Gemini Inc I have decided to create vulnerable machines that replicate the vulnerabilities and difficulties I’ve personally encountered during my last year (2017) of penetration testing. Some of the vulnerabilities require the “Think out of the box (fun)” mentality and some are just plain annoyance difficulties that require some form of automation to ease the testing. GeminiInc v1 has been created that replicate an issue that I’ve encountered which was really interesting and fun to tackle, I hope it will be fun for you guys as well. Adding a little made-up background story to make it more interesting… Gemini Inc has contacted you to perform a penetration testing on one of their internal system. This system has a web application that is meant for employees to export their profile to a PDF. Identify any vulnerabilities possible with the goal of complete system compromise with root privilege. To demonstrate the level of access obtained, please provide the content of flag.txt located in the root directory as proof. Tweet me your writeup @ https://twitter.com/sec_9emin1 Filename: Gemini-Pentest-v1.zip File size: 3283684247 SHA 1: 47ca8fb27b9a4b59aa6c85b8b1fe4df564c19a1e Format: Virtual Machine (VMWare) Operating System: Debian DHCP Service : Enabled IP Address: Automatically Assigned More information can be obtained from my blog post on this vulnerable machine: https://scriptkidd1e.wordpress.com/ Intended solution will be provided some time after this has been published: https://scriptkidd1e.wordpress.com/geminiinc-v1-vm-walkthrough/ The VM has been tested on the following platform and is working: It should work with any virtual machine player as well. It will be able to obtain an I.P Address with DHCP so no additional configuration is required. 
Simply import the downloaded VM and you are good to go. 7D43FB4087F9D0311957E47722B4E029 47CA8FB27B9A4B59AA6C85B8B1FE4DF564C19A1E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Pinky's Palace: v1 6 Mar 2018 Pink_Panther Pinky's Palace 646 MB https://download.vulnhub.com/pinkyspalace/Pinkys-Palace.ova Box Info: Tested on VirtualBox using DHCP Host-only & Bridged Adapter types. File Type: OVA Pinky is creating his very own website! He has begun setting up services and some simple web applications. A realistic Boot2Root box. Gain access to the system and read the root.txt. Difficulty to get user: Easy/Intermediate Difficulty to get root: Easy/Intermediate If you need a hint or have a question contact me on twitter: @Pink_P4nther This works better with VirtualBox rather than VMware E107B510F36A1B1ED7AA457D47BEE8D9 D8B0D5763AE75733CF4F26495A51C16145DFE781 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Damn Vulnerable ARM Router (DVAR): tinysploitARM 13 Jan 2018 Saumil Shah Damn Vulnerable ARM Router (DVAR) 47MB https://download.vulnhub.com/dvar/tinysploitARM.zip DVAR is an emulated Linux based ARM router running a vulnerable web server that you can sharpen your ARM stack overflow skills with. DVAR runs in the tinysploitARM VMWare VM under a fully emulated QEMU ARM router image. Simply extract the ZIP file and launch the VM via tinysploitARM.vmx. After starting up, the VM’s IP address and default URL shall be displayed on the console. Using your host computer’s browser, navigate to the URL and follow the instructions and clues. The virtual network adapter is set to NAT mode. Your goal is to write a working stack overflow exploit for the web server running on the DVAR tinysploitARM target. SHA256: 1f2bdd9ae4e44443dbb4bf9062300f1991c47f609426a1d679b8dcd17abb384c DVAR started as an optional preparatory exercise for the ARM IoT Exploit Lab. RECON Brussels 2018 (4 day) January 29-Feb 1 https://recon.cx/2018/brussels/training/trainingexploitlab.html Offensivecon Berlin 2018 (4 day) February 12-15 https://www.offensivecon.org/trainings/2018/the-arm-iot-exploit-laboratory-saumil-shah.html Cansecwest Vancouver 2018 (4 day) March 10-13 https://cansecwest.com/dojos/2018/exploitlab.html SyScan360 Singapore 2018 (4 day) March 18-21 https://www.coseinc.com/syscan360/index.php/syscan360/details/SYS1842#regBox If you are new to the world of ARM exploitation, I highly recommend Azeria’s excellent tutorials on ARM Assembly, ARM Shellcode and the basics of ARM exploitation. 
https://azeria-labs.com/ Twitter: @Fox0x01 And these are three general purpose concepts oriented tutorials that every systems enthusiast must know: Operating Systems - A Primer: http://www.slideshare.net/saumilshah/operating-systems-a-primer How Functions Work: http://www.slideshare.net/saumilshah/how-functions-work-7776073 Introduction to Debuggers: http://www.slideshare.net/saumilshah/introduction-to-debuggers http://blog.exploitlab.net/ Saumil Shah @therealsaumil B688FD60876680CF489CFB5DE49A5BA2 5403106687717748AC44CB0E5DEC2C73A366E995 Virtual Machine (Virtualbox - OVA) ARM Enabled Automatically assign
ARM Lab: 1 17 Nov 2017 Azeria ARM Lab 4.7 GB https://download.vulnhub.com/azeria/Azeria-Lab-v1.7z Let’s say you got curious about ARM assembly or exploitation and want to write your first assembly scripts or solve some ARM challenges. For that you either need an Arm device (e.g. Raspberry Pi), or you set up your lab environment in a VM for quick access. This page contains 3 levels of lab setup laziness. If you have the time and nerves to set up the lab environment yourself, I’d recommend doing it. You might get stuck, but you might also learn a lot in the process. Knowing how to emulate things with QEMU also enables you to choose what ARM version you want to emulate in case you want to practice on a specific processor. . Welcome on laziness level 1. I see you don’t have time to struggle through various linux and QEMU errors, or maybe you’ve tried setting it up yourself but some random error occurred and after spending hours trying to fix it, you’ve had enough. Don’t worry, here’s a solution: (aka creator of GEF) released ready-to-play Qemu images for architectures like ARM, MIPS, PowerPC, SPARC, AARCH64, etc. to play with. All you need is . Then download the link to your image, and unzip the archive. Let me guess, you don’t want to bother with any of this and just want a ready-made Ubuntu VM with all QEMU stuff setup and ready-to-play. Very well. The first Azeria-Labs VM is ready. It’s a naked Ubuntu VM containing an emulated ARMv6l. This VM is also for those of you who tried emulating ARM with QEMU but got stuck for inexplicable linux reasons. I understand the struggle, trust me. Download here: : azerialabs I’ve included a Lab VM Starter Guide and set it as the background image of the VM. It explains how to start up QEMU, how to write your first assembly program, how to assemble and disassemble, and some debugging basics. Enjoy! 
C0EA2F16179CF813D26628DC792C5DE6 1BB1ABF3C277E0FD06AF0AECFEDF7289730657F2 Virtual Machine (Virtualbox - OVA) ARM Enabled Automatically assign
Bob: 1.0.1 9 Mar 2018 c0rruptedb1t Bob 1.7 GB https://download.vulnhub.com/bob/Bob_v1.0.1.ova Difficulty: Beginner/Intermediate Bob is my first CTF VM that I have ever made so be easy on me if it’s not perfect. The Milburg Highschool Server has just been attacked, the IT staff have taken down their windows server and are now setting up a linux server running Debian. Could there be a few weak points in the new unfinished server? Your Goal is to get the flag in / Hints: Remember to look for hidden info/files Changelog: v1.0 ~ 2018-03-07, v1.0.1 ~ 2018-03-09 0A4FA396B6852E7187F29BDBC4293155 2C37E8860F8E47D3341BAF0DCE46B4DFEBED68BD Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
JIS-CTF: VulnUpload 8 Mar 2018 Mohammad Khreesha JIS-CTF 1.3GB https://download.vulnhub.com/jisctf/JIS-CTF-VulnUpload-CTF01.ova VM Name: JIS-CTF : VulnUpload Difficulty: Beginner Description: There are five flags on this machine. Try to find them. It takes 1.5 hour on average to find all flags. This works better with VirtualBox rather than VMware 254C357D31D42B3C45DE4D9C13879557 20250FA44C65F9422605D66C3D7989AC96455808 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
BlackMarket: 1 28 Feb 2018 AcEb0mb3R BlackMarket 965 MB https://download.vulnhub.com/blackmarket/BlackMarket.zip BlackMarket BlackMarket VM presented at Brisbane SecTalks BNE0x1B (28th Session) which is focused on students and other InfoSec Professional. This VM has total 6 flag and one r00t flag. Each Flag leads to another Flag and flag format is flag{blahblah}. Shoutout to @RobertWinkel and @dooktwit for hosting at SecTalk Brisbane If you get stuck in rabbit hole and need hints hit me up on twitter. Have fun! Beginner/Intermediate Learn about how to enumerate your target and join dots in order to pwn this VM. VMware Player VirtualBox DHCP Enabled AcEb0mb3R Twitter: @Acebomber911 74A48C517B7BB8C7728CF3851E456475 665BFA5A4934C528AB98C5B4F7CB4030CCF2F7AE Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Bulldog: 1 28 Aug 2017 Nick Frichette Bulldog 761 MB https://download.vulnhub.com/bulldog/bulldog.ova Bulldog Industries recently had its website defaced and owned by the malicious German Shepherd Hack Team. Could this mean there are more vulnerabilities to exploit? Why don’t you find out? This is a standard Boot-to-Root. Your only goal is to get into the root directory and see the congratulatory message, how you do it is up to you! Difficulty: Beginner/Intermediate, if you get stuck, try to figure out all the different ways you can interact with the system. That’s my only hint Made by Nick Frichette (frichetten.com) Twitter: @frichette_n I’d highly recommend running this on Virtualbox, I had some issues getting it to work in VMware. Additionally DHCP is enabled so you shouldn’t have any troubles getting it onto your network. It defaults to bridged mode, but feel free to change that if you like. 7073036C6A749714FDEFB47E0E2BF9AA CC4C750C1BB547A35F21EF1D66EB51B0ED9B83AE Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Homeless: 1 6 Dec 2017 Creatigon Homeless 508 MB https://download.vulnhub.com/homeless/Homeless.zip I’m really interesting about security, love to learn new technologies and play CTF sometime. I’ve been enjoying creating hacking challenges for the security community. This is my first Challenge of boot2root, I was created some web challenge and solved others.I hope you will get some knowledges about my challenge. Thanks u Laiwon . I love you. Difficulty level to get limited shell: Intermediate or advanced Difficulty level for privilege escalation: Depend on You. You will be required to break into target server,exploit and root the machine, and retrieve the flag. The flag will contain more information about my private info… This challenge is not for beginners. There is a relevant file on this machine that plays an important role in the challenge, do not waste your time trying to de-obfuscate the file, If you got big stuck, Try with Password start with “sec*” with nice wordlist. Ok… Try Harder!.. ~Happy Hacking!.. 0B4C730F5C7C607DDE8C7040AB9FAFF2 990BD58F2993AC57A3526DDA425EA554F4DD5C07 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
zico2: 1 19 Jun 2017 Rafael zico2 828 MB https://download.vulnhub.com/zico/zico2.ova Zico’s Shop: A Boot2Root Machine intended to simulate a real world scenario Disclaimer: By using this virtual machine, you agree that in no event will I be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of or in connection with the use of this software. TL;DR - You are about to load up a virtual machine with vulnerabilities. If something bad happens, it’s not my fault. Level: Intermediate Goal: Get root and read the flag file Description: Zico is trying to build his website but is having some trouble in choosing what CMS to use. After some tries on a few popular ones, he decided to build his own. Was that a good idea? Hint: Enumerate, enumerate, and enumerate! Thanks to: VulnHub Author: Rafael (@rafasantos5) Doesn’t work with VMware. Virtualbox only. 19A5D894D32270875BA6565583BB750B 75FA4171A28B4B6F7CEB2EBA1B47A46EA97418E5 Virtual Machine (VMware) Linux Enabled Automatically assign
Xtreme Vulnerable Web Application (XVWA): 1 23 Aug 2017 Sanoop Thomas & Samandeep Singh Xtreme Vulnerable Web Application (XVWA) 528MB https://download.vulnhub.com/xvwa/xvwa.iso XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security. It’s not advisable to host this application online as it is designed to be “Xtremely Vulnerable”. We recommend hosting this application in local/controlled environment and sharpening your application security ninja skills with any tools of your own choice. It’s totally legal to break or hack into this. The idea is to evangelize web application security to the community in possibly the easiest and fundamental way. Learn and acquire these skills for good purpose. How you use these skills and knowledge base is not our responsibility. XVWA is designed to understand following security issues. 0A15DF7E0054E5EDA720BBD62E09CFBA 4CAD85825491BBBDAEC80E26AC641608E9839316 Virtual Machine (VMware) Unix Enabled Automatically assign
RickdiculouslyEasy: 1 21 Sep 2017 Luke RickdiculouslyEasy 761 MB https://download.vulnhub.com/rickdiculouslyeasy/RickdiculouslyEasy.zip This is a fedora server vm, created with virtualbox. It is a very simple Rick and Morty themed boot to root. There are 130 points worth of flags available (each flag has its points recorded with it), you should also get root. It’s designed to be a beginner ctf, if you’re new to pen testing, check it out! 18D572461E1A5B28E77EE9D0439116FA CC6C387C91AB62FAE687DF96AE5C02FF9AAC3B6C Virtual Machine (VMware) Linux Enabled Automatically assign
g0rmint: 1 3 Nov 2017 Noman Riffat g0rmint 835 MB https://download.vulnhub.com/g0rmint/g0rmint.zip It is based on a real world scenario I faced while testing for a client’s site. Dedicated to Aunty g0rmint who is fed up of this government (g0rmint). Does anyone need to know about that Aunty to root the CTF? No The CTF is tested on Vmware and working well as expected. Difficulty level to get limited shell: Intermediate or advanced Difficulty level for privilege escalation: No idea Give me feed back @nomanriffat 0BA9B712CCB45398B67996B750EC7097 8EAE24B977946FD70B0B0C2DEDE434B2235F480C Virtual Machine (VMware) Linux Enabled Automatically assign
The Ether: EvilScience (v1.0.1) 30 Oct 2017 f1re_w1re The Ether 2.6 GB https://download.vulnhub.com/theether/theEther_1.0.1.zip Lately, I’ve been enjoying creating hacking challenges for the security community. This new challenge encapsulates a company, entitled – The Ether, who has proclaimed an elixir that considerably alters human welfare. The CDC has become suspicious of this group due to the nature of the product they are developing. The goal is to find out what The Ether is up to. You will be required to break into their server, root the machine, and retrieve the flag. The flag will contain more information about The Ether’s ominous operations regarding this medicine. This challenge is not for beginners. There is a relevant file on this machine that plays an important role in the challenge, do not waste your time trying to de-obfuscate the file, I say this to keep you on track. This challenge is designed to test you on multiple areas and it’s not for the faint of heart! Whatever you do, do not give up! Exhaust all of your options! Looking forward to have OSCPs take this challenge. As always, good luck, have fun, God bless, and may the s0urce be with you. Changelog: v1.0.1 - 30/10/2017, v1.0.0 - 26/10/2017 6C9C8AF9C57CD61E4DB9280D92557181 7947C93BD7AD47B6412F180393D9BD966F4E5DD7 Virtual Machine (VMware) Linux Enabled Automatically assign
Cyberry: 1 9 Dec 2017 Cyberry Cyberry 1.9 GB https://download.vulnhub.com/cyberry/cyberry.ova The boot2root is a Debian virtual machine and has been fully tested using VMWare Workstation 12. The network interface of the virtual machine will take its IP settings from DHCP. Beginner to Intermediate. Cyberry are eagerly anticipating the release of their new “Berrypedia” website, a life-long project which offers knowledge and insight into all things Berry! The challenge is to get root. Rooting this box will require a wide variety of skills and techniques, and you may find that there is more than one way to achieve this. Whilst the boot2root itself can technically be completed offline, you will almost certainly require some form of internet access (Search engine) at your disposal to move forward past some of the challenges. If you get completely stuck please tweet us @cyberrysec for a hint. We really look forward to reading the walkthroughs on vulnhub of how you achieved root BFD418D911893DD7872C4A53986301A4 6446D59801056C82F91147F1845BE6D1FAAD05F3 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Vulnerable Docker: 1 27 Sep 2017 NotSoSecure Vulnerable Docker 717 MB https://download.vulnhub.com/vulnerabledocker/vulnerable_docker_containement.ova Ever fantasized about playing with docker misconfigurations, privilege escalation, etc. within a container? Download this VM, pull out your pentest hats and get started We have 2 Modes: - HARD: This would require you to combine your docker skills as well as your pen-testing skills to achieve host compromise. - EASY: Relatively easier path, knowing docker would be enough to compromise the machine and gain root on the host machines. We have planted 3 flag files across the various machines / systems that are available to you. Your mission if you choose to accept would be as following: 329E2B9677751C6F0AA78D8ED840796C 3B9D5D610972C9FC564F928ACADA2A3C1EE01D39 Virtual Machine (VMware) Linux Enabled Automatically assign
Basic Pentesting: 1 8 Dec 2017 Josiah Pierce Basic Pentesting 2.6 GB https://download.vulnhub.com/basicpentesting/basic_pentesting_1.ova This is a small boot2root VM I created for my university’s cyber security group. It contains multiple remote vulnerabilities and multiple privilege escalation vectors. I did all of my testing for this VM on VirtualBox, so that’s the recommended platform. I have been informed that it also works with VMware, but I haven’t tested this personally. This VM is specifically intended for newcomers to penetration testing. If you’re a beginner, you should hopefully find the difficulty of the VM to be just right. Your goal is to remotely attack the VM and gain root privileges. Once you’ve finished, try to find other vectors you might have missed! If you enjoyed the VM or have questions, feel free to contact me at: If you finished the VM, please also consider posting a writeup! Writeups help you internalize what you worked on and help anyone else who might be struggling or wants to see someone else’s process. I look forward to reading them! D1FB9419D73D26AB0C88D8DDB7C10A02 F207A5CED5369A4BA29971B932B8C683C4AA14C2 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Pentester Lab: S2-052 15 Sep 2017 Pentester Lab Pentester Lab 95MB https://download.vulnhub.com/pentesterlab/s2-052.iso This exercise covers the exploitation of the Struts S2-052 vulnerability 5857D27D60E95CFC2976C6293B7D8DAF 632454542DA283E4D8A688ED7D8DADDCA769FBFA Virtual Machine (VMware) Linux Enabled Automatically assign
Depth: 1 27 Oct 2017 Dan Lawson Depth 1.2 GB https://download.vulnhub.com/depth/DepthB2R.ova Many times while conducting a pentest, I need to script something up to make my life easier or to quickly test an attack idea or vector. Recently I came across an interesting command injection vector on a web application sitting on a client’s internet-facing estate. There was a page, running in Java, that allowed me to type arbitrary commands into a form, and have it execute them. While developer-provided webshells are always nice, there were a few caveats. The page was expecting directory listing style output, which was then parsed and reformatted. If the output didn’t match this parsing, no output to me. Additionally, there was no egress. ICMP, and all TCP/UDP ports including DNS were blocked outbound. I was still able to leverage the command injection to compromise not just the server, but the entire infrastructure it was running on. After the dust settled, the critical report was made, and the vulnerability was closed, I thought the entire attack path was kind of fun, and decided to share how I went about it. Since I enjoy being a free man and only occasionally visit prisons, I’ve created a simple boot2root style VM that has a similar set of vulnerabilities to use in a walkthrough. 47975764E3A6AAD07749C35072C1B025 6516163F84ACDDD846981C94262EC3538A18970E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Game of Thrones CTF: 1 8 Sep 2017 OscarAkaElvis Game of Thrones CTF 2.4GB https://download.vulnhub.com/gameofthrones/Game-of-Thrones-CTF-1.0.ova : Get the 7 kingdom flags and the 4 extra content flags (3 secret flags + final battle flag). There are 11 in total. : : : EE5D6C1F8DFBBF95D51B9BE354BC3504 4672EEFA5714D45889F2C982344B4D8F94C915E3 Virtual Machine (VMware) Unix Enabled Automatically assign
Dina: 1.0.1 17 Oct 2017 Touhid Shaikh Dina 1.1 GB https://download.vulnhub.com/dina/Dina-1-0-1.ova Welcome to Dina 1.0.1 This is my first Boot2Root - CTF VM. I hope you enjoy it. if you run into any issue you can find me on Twitter: @touhidshaikh22 : touhidshaikh22 at gmaill.com <- Feel Free to write mail : http://www.touhidshaikh.com : /root/flag.txt : Beginner (IF YOU STUCK ANYwhere PM me for HINT, But I don’t think need any help). : https://drive.google.com/file/d/0B1qWCgvhnTXgNUF6Rlp0c3Rlb0k/view : If you are confused or frustrated don’t forget that enumeration is the key! : This is my first boot2root - CTF Virtual Machine, please give me feedback on how to improve! : This VM was tested with: : DHCP service: Enabled : Doesn’t work with VMware. Virtualbox only. Changelog: v1 - 10/07/2017, v1.0.1 - 17/10/2017 17D1FD065BD8167E8F82ECD142714284 EEEDE57F0357BBEEFCBDD8506DF9388BCB55AA0E Virtual Machine (VMware) Linux Enabled Automatically assign
Born2Root: 1 10 Jun 2017 Hadi Mene Born2Root 803MB https://download.vulnhub.com/born2root/born2root.ova When you see the ascii text that means Born2Root’s CTF challenge Is UP I hope you will enjoy it !! Doesn’t work with VMware. Virtualbox only. AF6C96E11FF099A87D421A22809FB1FD 16B330787070F98C85D7F7D94FDB9032B970D115 Virtual Machine (VMware) Linux Enabled Automatically assign
BTRSys: v2.1 31 Jul 2017 ismailonderkaya BTRSys 795 MB https://download.vulnhub.com/btrsys/BTRSys2.1.rar Machine Name: BTRSys2 IP : DHCP Difficulty : Beginner / Intermediate Format : Virtual Machine (VMware) Description : This is a boot2root machine particularly educational for beginners. Follow us for next BTRSys systems. We hope you enjoy it! twitter: btrisk Changelog: v2.0 - 08/June/2017, v2.1 - 31/July/2017 055AB697E7BA9299D29DFBCB494D4679 D0FCB5C8B50EE570AAE5841C3BA73D5FE1F37C48 Virtual Machine (VMware) Linux Enabled Automatically assign
DEFCON Toronto: Galahad 1 Jun 2017 Dolev DEFCON Toronto 1.7 GB https://download.vulnhub.com/dc416-2016-1/DC416-Galahad.zip Dolev One of the VMs used in the online CTF hosted back in September 2016 by Defcon Toronto, slightly modified to suit boot2root challenges. Difficulty: Easy Information: Overall 7 flags to collect, id 0 is the final step. Details: For any issues you can shoot an email to: dolev at dc416.com or DM me @dolevfarhi 6A779F52E887009A7CA6A1DD6163B84C 44568A2C5C81A6E8D9D359120A0F376A72C15983 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HackerHouse: BSides London 2017 7 Jun 2017 Hacker House HackerHouse 478 MB https://download.vulnhub.com/hackerhouse/bsidesldn2017.iso Hacker House are community sponsors at this year’s BSides London 2017 and, to celebrate, we have an exploit challenge for you. A key date in the UK security scene, it offers an alternative technical conference for the hackers and tech geeks to share war stories and learn. We are providing a challenge lab designed especially for the conference that attendees can sink disassemblers into. If you aren’t at the event, you can also hack along at home, but remember that prizes for solutions can only be claimed at our stand during the event! The challenge is provided in ISO format which you can boot in VirtualBox or any similar virtualisation software, heck you can even run it on an ATM if you like, but this is unsupported. If you solve our little brain teasing conundrums and beat the system to get root, the first three successful solutions presented to us at our stand can claim one of our awesome hoodies, check them out in our shop! This challenge is open to individuals, but if you do decide to team up, then let us know as only one prize can be claimed per solution. We are also giving several t-shirts away during the raffle so make sure you get your tickets! Our challenge will test your elite hacking skills and requires web application, reverse engineering, cryptography and exploit abilities. It shouldn’t take the competent skilled hacker too much time, but if you do struggle then watch our social media feeds during the event for some tips to this adventure. You should run the challenge in Host-Only networking mode and on successful boot you will be presented with a console, similar to the one shown at the end of this post. You should solve the challenge from a network perspective, only solutions using this route will be accepted for prizes (unless they are really cool!). 
The goal of the challenge is to hack the ISO, level up your skills and get root, come and show us how you did it if you want to claim your prize! If you are struggling with the configuration of our challenge, you can check out our training course free module, which details steps for configuring a similar lab. You can find details and upcoming dates of our training here. Happy hacking and remember sharing is caring so post (tweet us @myhackerhouse!) or email a solution and let us know about it after the event. We will share links to the best of them on this blog! May the force be with you, young padawan, and remember that hacking isn’t just a skill – it’s a survival trade. A9DE76F91DFAE1347E1FD3A1C4BA6AF6 FBA1BCAEDC91A211C0AA80D3A289794A8FEADBB9 Virtual Machine (VMware) Linux Enabled Automatically assign
BTRSys: v1 8 Jun 2017 ismailonderkaya BTRSys 776 MB https://download.vulnhub.com/btrsys/BTRSys1.rar Machine Name: BTRSys1 IP : DHCP Difficulty : Beginner / Intermediate Format : Virtual Machine (VMware) Description : This is a boot2root machine particularly educational for beginners. Follow us for next BTRSys systems. We hope you enjoy it! 7C63774B2B4AF9FF7CD9A4CF28EE6363 4599A5BD08C226D24DF86DE0851A38BE9E7B32DF Virtual Machine (VMware) Linux Enabled Automatically assign
/dev/random: k2 26 Jul 2017 Sagi- /dev/random 958MB https://download.vulnhub.com/devrandom/K2.ova 5B59F1C23193A7DFE7434811355A5391 B4B61E2FE3C81FB81897426DAE6BBD89CBC81247 Virtual Machine (VMware) Linux Enabled Automatically assign
LazySysAdmin: 1 20 Sep 2017 Togie Mcdogie LazySysAdmin 479 MB https://download.vulnhub.com/lazysysadmin/Lazysysadmin.zip Name: LazySysAdmin 1.0 Author: Togie Mcdogie Twitter: @TogieMcdogie [Description] Difficulty: Beginner - Intermediate Boot2root created out of frustration from failing my first OSCP exam attempt. Aimed at: Special thanks to @RobertWinkel @dooktwit for hosting LazySysAdmin at Sectalks Brisbane BNE0x18 [Lore] LazySysadmin - The story of a lonely and lazy sysadmin who cries himself to sleep [Tested with] [Preferred setup] Host only networking [Hints] [Other] [Checksum] 96FADD9A1B81594A07898937BC708DC8 033449E6B3A2ED9BCDD4D1A6102E348E524CA227 Virtual Machine (VMware) Linux Enabled Automatically assign
C0m80: 1 23 Sep 2017 3mrgnc3 C0m80 2.6 GB https://download.vulnhub.com/c0m80/C0m80_3mrgnc3_v1.0.ova https://3mrgnc3.ninja/2017/09/c0m80/ [This is my third public Boot2Root, This one is intended to be quite difficult compared to the last two. But again, that being said, it will depend on you how hard it is The theme with this one is all about ‘enumeration, enumeration, enumeration’, lateral thinking, and how to “combine” vulnerabilities in order to exploit a system. Once you have an IP insert it into your attack system /etc/hosts like this: This VM will probably be different to other challenges you may have come across. With C0m80 You will be required to log in locally in the VirtualBox console window at some point. This, I know, may ‘rile’ some of the purists out there that say you should be able to compromise a boot2root fully remotely over a network. I agree to that in principle, and in this case I had intended to allow vnc or xrdp access. Alas, due to compatibility problems I had to make a compromise in this area in order to get the challenge published sooner rather than later. It should be obvious at what point you need to log in. So when that time comes just pretend you are using remote desktop. ;D Sorry, I hope you can forgive me. Difficult] but depends on you really There is only one goal here. Become God on the system and read the root flag. I Hope You Enjoy It. https://3mrgnc3.ninja/files/C0m80_3mrgnc3_v1.0.ova Please leave feedback and comments below. Including any info on walkthroughs anyone wishes to publish, or bugs people find in the VM Image. Alternatively email me at 3mrgnc3 at techie dot com 8BC388317D66F07475775C46B01E2AE2 C690141E5ED78C1C27D7C6E6F923BE8B4E1B0F30 Virtual Machine (VMware) Linux Enabled Automatically assign
H.A.S.T.E: 1 13 Sep 2017 f1re_w1re H.A.S.T.E 1.7GB https://download.vulnhub.com/haste/HASTEVM.zip This vulnerable-by-design box depicts a hacking company known as H.A.S.T.E, or Hackers Attack Specific Targets Expeditiously, capable of bringing down any domains on their hit list. I would like to classify this challenge with medium difficulty, requiring some trial and error before a successful takeover can be attained. D8F377BE528AAA0F1EC6F9FEA3659588 CDBAD978D4D27762C47B055A1717500FD547CDFF Virtual Machine (VMware) Linux Enabled Automatically assign
covfefe: 1 19 Sep 2017 Tim Kent covfefe 471 MB https://download.vulnhub.com/covfefe/covfefe.ova Covfefe is my Debian 9 based B2R VM, originally created as a CTF for SecTalks_BNE. It has three flags. It is intended for beginners and requires enumeration then [spoiler]! 74315076AD526AB3117A59961B599683 1A28C6ADC7181F82B3AE1E0A473476600DAC2702 Virtual Machine (VMware) Linux Enabled Automatically assign
Super Mario Host: 1.0.1 19 Apr 2017 mr_h4sh Super Mario Host 3.4 GB https://download.vulnhub.com/supermariohost/Super-Mario-Host-v1.0.1.ova Intermediate. Welcome to Super Mario Host! This VM is meant to be a simulation of a real world case scenario. The goal is to find the 2 flags within the VM. Root is not enough (sorry!) The VM can be exploited in various ways, but remember that Enumeration is the key. The level of the challenge is Intermediate. Thanks to vdbaan, kltdwd, mrb3n and GKNSB for testing. 5F34371E396F8D8EA3EC1B695B8D9075 C810E114BA3F10D962B5724BEBF95AB3C9982A12 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Ew_Skuzzy: 1 17 Mar 2017 vortexau Ew_Skuzzy 943 MB https://download.vulnhub.com/ewskuzzy/Ew_Skuzzy.ova.tgz Welcome to ‘Ew Skuzzy!’ - my first CTF VM. Level: Intermediate. This works better with VirtualBox rather than VMware C7E13C22F03CA00547A3FF8955A5235A 605497ECA42D73DF475D15808BCA7ACDC18670AC Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Thr0nes CTF: 1 16 Mar 2017 pax0r Thr0nes CTF 1.9 GB https://download.vulnhub.com/thr0nes/thr0nesCTF-02.img We released our CTF created by and for the old school. Level: medium-low Type of CTF: linear, one test takes you to the next. Language: Spanish Platform: Raspberry Pi 3 Tools to burn the image: or Download the image ready to burn to an SD card and mount it on your Raspberry Pi, plug it into the power and play! Download link : I hope you like it. LoRKa 7A4FE06B3214A68C90702C0CDD28C4C0 8C8ECD44CB51E21DF077FFF37F639523A3E68871 Disk Image (.IMG) ARM Enabled Automatically assign
MMMLAGOS: 1.1 30 May 2017 silexsecure MMMLAGOS 1.6 GB https://download.vulnhub.com/mmmctf/MMMCTF-v1.1.ova MMMLAGOS is a vulnerable ponzing scheme with lot of vulnerabilities, the flags are high tech stenography Flag to be puzzled by player to solve critical challenge twitter: @silexsecure This works better with VirtualBox than VMware. Changelog: 03/06/2017 - v1.1; 30/05/2017 - v1.0 F2120DFDF623A520D11F130DE056D23A FC27E6874A8F4FF8E2A241519E303C361152E03E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Analougepond: 1 16 Apr 2017 knightmare Analougepond 1.8 GB https://download.vulnhub.com/analougepond/analoguepond-0.2b.ova Welcome to another boot2root / CTF this one is called Analougepond. The VM is set to grab a DHCP lease on boot. I’ve tried to mix things up a little on this one, and have used the feedback from #vulnhub to make this VM a little more challenging (I hope). Since you’re not a Teuchter, I’ll offer some hints to you: Remember TCP is not the only protocol on the Internet My challenges are never finished with root. I make you work for the flags. The intended route is NOT to use forensics or 0-days, I will not complain either way. To consider this VM complete, you need to have obtained: Best of luck! If you get stuck, eat some EXTRABACON NB: Please allow 5-10 minutes or so from powering on the VM for background tasks to run before proceeding to attack. Changelog SHA1SUM: D75AA2405E2DFB30C1470358EFD0767A10CF1EB1 analoguepond-0.2b.ova Many thanks to mrB3n, Rand0mByteZ and kevinnz for testing this CTF. A special thank you to g0tmi1k for hosting all these challenges and offering advice. A tip of the hat to mrb3n for his recent assistance. This works better with VirtualBox than VMware. 8A73E0BD1100B4C0E1C3C9560BA51722 D75AA2405E2DFB30C1470358EFD0767A10CF1EB1 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Lab26: 1.1 27 Jun 2017 Marius Lab26 1.6 GB https://download.vulnhub.com/lab26/Lab26v1.1.zip For a while now I’ve been maintaining a VM I with several vulnerable web apps already deployed: The VM has Burp Suite free, chromium with a few extensions (including a proxy switcher) and sqlmap. The browser home page contains links to some exercises and walkthroughs. User credentials: Changelog: v1.0 - 23/04/2017; v1.1 - 27/06/2017 374F0B8D2B9B9E63D20BD3A58C98396C 58A965BABEAC983DAE7AC4F32D361B74C29A4FA0 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Proteus: 1 7 Jun 2017 Ivanvza Proteus 779 MB https://download.vulnhub.com/proteus/Proteus.ova “A bacterium found in the intestines of animals and in the soil.” An IT Company implemented a new malware analysis tool for their employees to scan potentially malicious files. This PoC could be a make or break for the company. It is your task to find the bacterium. Goal: Get root, and get flag… This VM was written in a manner that does not require . NB: VMWare might complain about the .ovf specification. If this does come across your path, click the retry button and all should be well. 961E676AC235B1F254462784C26A4B93 DED378C2584B980D70A53C4EFA3CAE27C25E8B76 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
billu: b0x 21 Apr 2017 Manish Kishan Tanwar billu 518 MB https://download.vulnhub.com/billu/Billu_b0x.zip This Virtual machine is using ubuntu (32 bit) Other packages used: - This virtual machine is having medium difficulty level with tricks. One need to break into VM using web application and from there escalate privileges to gain root access For any query ping me at https://twitter.com/IndiShell1046 Enjoy the machine EBCB435522917A67B54274900B37C6AF 6658256BA68A200BFA3862340EE7DD31DC19BD4E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
d0not5top: 1.2 24 Apr 2017 3mrgnc3 d0not5top 693 MB https://download.vulnhub.com/d0not5top/D0Not5top_3mrgnc3_v1.2.ova D0Not5top Boot2Root This is my second public Boot2Root, It’s intended to be a little more difficult than the last one I made. That being said, it will depend on you how hard it is It’s filled with a few little things to make the player smile. Again there are a few “Red Herrings”, and enumeration is key. DIFFICULTY ??? CAPTURE THE FLAGS There are 7 flags to collect, designed to get progressively more difficult to obtain DETAILS SUPPORT Any support issues can be directed to Changelog: v1.0 - 2017-04-08 (Initial release); v1.1 - 2017-04-08 (Typo fix); v1.2 - 2017-04-22 (Removed shortcut) DF6F3C4A9B333568F14AA2401788C023 416712847D56FD245DCC3E585E1F96E0FBD8CD15 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Moria: 1.1 29 Apr 2017 abatchy Moria 1.6 GB https://download.vulnhub.com/moria/Moria1.1.rar Changelog: 29/04/2017 - v1.1; 20/04/2017 - v1.0 2789BCA41A7B8F5CC48E92C635EB83CB 2789BCA41A7B8F5CC48E92C635EB83CB Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DonkeyDocker: 1 22 Apr 2017 Dennis Herrmann DonkeyDocker 1.2 GB https://download.vulnhub.com/donkeydocker/DonkeyDocker_v1.0.zip Welcome to This is my first boot2root - CTF VM. I hope you enjoy it. If you run into any issue you can find me on Twitter: @dhn_ or feel free to write me a mail to: Level: I think the level of this boot2root challenge is hard or intermediate. Try harder!: If you are confused or frustrated don’t forget that enumeration is the key! Thanks: Special thanks to @1nternaut for the awesome CTF VM name! Feedback: This is my first boot2root - CTF VM, please give me feedback on how to improve! Tested: This VM was tested with: Networking: DHCP service: Enabled IP address: Automatically assign Looking forward to the write-ups! 17DBF8C6A05B7AD21DC539F3FB26B6F9 35188CBCD76F6ECD2572D10FB0324284BEAA7D27 Virtual Machine (VMware) Linux Enabled Automatically assign
hackfest2016: Orcus 15 Mar 2017 Viper hackfest2016 2.5 GB https://download.vulnhub.com/hackfest2016/Orcus.ova Welcome to Orcus This is a vulnerable machine I created for the Hackfest 2016 CTF http://hackfest.ca/ Difficulty : Hard Tips: If you're stuck enumerate more! Seriously take each service running on the system and enumerate them more! Goals: This machine is intended to take a lot of enumeration and understanding of Linux system. There are 4 flags on this machine 1. Get a shell 2. Get root access 3. There is a post exploitation flag on the box 4. There is something on this box that is different from the others from this series (Quaoar and Sedna) find why it's different. Feedback: This is my third vulnerable machine, please give me feedback on how to improve ! @ViperBlackSkull on Twitter Special Thanks to madmantm for testing this machine SHA-256 : 79B1D93C60E664D70D8EB3C0CDF1AD98BF2B95036C84F87EEF065FA71C1AE51E 81D4A6B94B1DE51B09EFB3B621790B26 3D4F9BF41A7C3A23914C20FD18BD3A8CC9B2A0A8 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Wallaby's: Nightmare (v1.0.2) 22 Dec 2016 Waldo Wallaby's 1.3 GB https://download.vulnhub.com/wallabys/wallabysnightmare102.rar This is my first boot2root machine. It’s beginner-intermediate level. It’s been tested in VBox and VMware and seems to work without issues in both. A tip, anything can be a vector, really think things through here based on how the machine works. Make a wrong move though and some stuff gets moved around and makes the machine more difficult! This is part one in a two part series. I was inspired by several vms I found on vulnhub and added a bit of a twist to the machine. Good luck and I hope you guys enjoy! This is my first CTF/Vulnerable VM ever. I created it both for educational purposes and so people can have a little fun testing their skills in a legal, pentest lab environment. Some notes before you download! This is a Boot2Root machine. The goal is for you to attempt to gain root privileges in the VM. Do not try to get the root flag through a recovery iso etc, this is essentially cheating! The idea is to get through by pretending this machine is being attacked over a network with no physical access. I themed this machine to make it feel a bit more realistic. You are breaking into a fictional character's server (named Wallaby) and trying to gain root without him noticing, or else the difficulty level will increase if you make the wrong move! Good luck and I hope you guys enjoy! Changelog: v1.0 - 2016-12-22 - First Release; v1.0.1 - 2016-12-29 - VM was made harder with various fixes; v1.0.2 - 2016-12-30 - Removed a left over temp file that could be used as a shortcut. 1D65299A8E0E95BFFCAAADC87011408A B1A8CA03D67B97C603C12C95D65A360CD345D29E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
DC416: 2016 5 Dec 2016 VulnHub CTF Team DC416 873 MB https://download.vulnhub.com/dc416-2016/dc416-baffle.ova These four virtual machines were created by members of the for first offline CTF. They have been tested with VirtualBox, and will obtain an IP address via DHCP upon bootup. Difficulty ranges from beginner to intermediate. Each machine has a landing page on port 80 which describes the number of flags it has, along with any additional rules or hints. Enjoy! Dick Dastardly requires a DHCP in a class C range. 8CB9608EDB8E0145B37520DDBD7D03A1 2C970DC7CECC9F19357A32B9647E3F532C14FC78 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
hackfest2016: Sedna 14 Mar 2017 Viper hackfest2016 1.3 GB https://download.vulnhub.com/hackfest2016/Sedna.ova Welcome to Sedna This is a vulnerable machine I created for the Hackfest 2016 CTF http://hackfest.ca/ Difficulty : Medium Tips: There are multiple ways to root this box, if it should work but doesn’t try to gather more info about why it's not working. Goals: This machine is intended to be doable by someone who has some experience in doing machine on vulnhub There are 4 flags on this machine One for a shell One for root access Two for doing post exploitation on Sedna Feedback: This is my second vulnerable machine, please give me feedback on how to improve ! @ViperBlackSkull on Twitter Special Thanks to madmantm for testing this virtual machine SHA-256 : 178306779A86965E0361AA20BA458C71F2C7AEB490F5FD8FAAFAEDAE18E0B0BA 563E4A1C2D85614E3409434A1246EFD4 D4FD0FCA5B0DB0BF0C249B5793D69291A6EF09BB Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
USV: 2016 (v1.0.1) 9 Dec 2016 Suceava University USV 1.4 GB https://download.vulnhub.com/usv-2016/USV-CTF101.ova : Beginner/Intermediate Instructions: The CTF is a virtual machine and has been tested in Virtual Box. It has all required drivers if you want it to run on VMware or KVM (virtio). The network interface of the virtual machine will take its IP settings from DHCP. : There are 7 flags that should be discovered in form of: Country_name Flag: [md5 hash]. In CTF platform of the CTF-USV competition there was a hint available for each flag, but accessing it would imply a penalty. If you need any of those hints to solve the challenge, send me a message on Twitter @gusu_oana and I will be glad to help. : CTF-USV 2016 was the first International Students Contest in Information Security organized in Romania by Suceava University. Security challenges creation, evaluation of results and building of CTF environment was provided by Safetech Tech Team: Oana Stoian (@gusu_oana), Teodor Lupan (@theologu) and Ionut Georgescu (@ionutge1) SHA1: f401e4e9084f937a674356dd4fa2144e10b8471a If you are having issues with networking in VMware, switch to virtualbox. As long as it says “Success” on the login screen, networking should be okay. Any other errors can be ignored. Change log: v1.0 - 09/12/2016; v1.0.1 - 02/01/2017 7D8A2AD241805461B183D5A72999733F 2B32F073CE274984C48CADD983CDD66DCAF4BF1E Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
pluck: 1 11 Mar 2017 Ryan Oberto pluck 609 MB https://download.vulnhub.com/pluck/pluck.ova.zip “Enjoy” — @ryanoberto 91EFB062561BB43145FE8975C5BBDA96 4A24F4B98BA50A9B5D6F564DD303CFDEC15F2A8B Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
hackfest2016: Quaoar 13 Mar 2017 Viper hackfest2016 1.3 GB https://download.vulnhub.com/hackfest2016/Quaoar.ova Welcome to Quaoar This is a vulnerable machine I created for the Hackfest 2016 CTF http://hackfest.ca/ Difficulty : Very Easy Tips: Here are the tools you can research to help you to own this machine. nmap dirb / dirbuster / BurpSmartBuster nikto wpscan hydra Your Brain Coffee Google Goals: This machine is intended to be doable by someone who is interested in learning computer security There are 3 flags on this machine 1. Get a shell 2. Get root access 3. There is a post exploitation flag on the box Feedback: This is my first vulnerable machine, please give me feedback on how to improve ! @ViperBlackSkull on Twitter Special Thanks to madmantm for testing SHA-256 DA39EC5E9A82B33BA2C0CD2B1F5E8831E75759C51B3A136D3CB5D8126E2A4753 This works better with VirtualBox rather than VMware 341E9951301200115C6D01D4BDB2F34D CEF54D35738CC4D041709EC664D5B8EB0BF9CE79 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
HackDay: Albania 18 Nov 2016 R-73eN HackDay 1.6 GB https://download.vulnhub.com/hackday/HackDay-Albania.ova This was used in HackDay Albania’s 2016 CTF. The level is beginner to intermediate. It uses DHCP. Note: VMware users may have issues with the network interface going down by default. We recommend (for once!) using Virtualbox. 183C4563B98E10CB6C82931682F7E90D E4875224BD7CB4A4F1F9F79E9D63F1F43DB7654C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Pentester Lab: Padding Oracle 9 Dec 2016 Pentester Lab Pentester Lab 25 MB https://download.vulnhub.com/pentesterlab/padding_oracle.iso This course details the exploitation of a weakness in the authentication of a PHP website. The website uses Cipher Block Chaining (CBC) to encrypt information provided by users and use this information to ensure authentication. The application also leaks if the padding is valid when decrypting the information. We will see how this behaviour can impact the authentication and how it can be exploited. Source: E1CC3F89F8204749F25F3ABEAB6665AB C72AF418218F82C07F607E5522C4EF747BCF9AF9 Disk Image (.ISO) Linux Enabled Automatically assign
Breach: 3.0.1 10 Mar 2017 mrb3n Breach 2.2 GB https://download.vulnhub.com/breach/Breach-3.0.1.zip Third in a multi-part series, Breach 3.0 is a slightly longer boot2root/CTF challenge which attempts to showcase a few real-world scenarios/vulnerabilities, with plenty of twists and trolls along the way. Difficulty: Intermediate, requires some creative thinking and persistence more so than advanced exploitation. The VM is configured to grab a lease via DHCP. A few things: 1) This is the culmination of the series, keep your notes close from the previous 2 challenges, they may come in handy. 2) Remember that recon is an iterative process. Make sure you leave no stone unturned. 3) The VM uses KVM and QEMU for virtualization. It is not necessary to root every host to progress. 4) There are 3 flags throughout, once you reach a flag you have achieved that intended level of access and can move on. These 3 flags are your objectives and it will be clear once you have found each and when it is time to move on. Shout-out to knightmare for many rounds of testing and assistance with the final configuration as well as g0blin, Rand0mByteZ, mr_h4sh and vdbaan for testing and providing valuable feedback. As always, thanks to g0tmi1k for hosting and maintaining Vulnhub. If you run into any issues you can find me on Twitter: https://twitter.com/mrb3n813 or on IRC in #vulnhub. Looking forward to the write-ups! Enjoy and happy hunting! SHA1: EBB2123E65106F161479F3067C68CFA143CA98D3 For the time being, there will not be HTTP download links - only a torrent. Changelog: v3.0 - 23/02/2017; v3.0.1 - 10/03/2017 31D031E4699E1A04082655A7EFD18AC7 E98C51BF9C54FFDA2120ABDC9CD4927CDC7A4436 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
64Base: 1.0.1 7 Dec 2016 3mrgnc3 64Base 1.5 GB https://download.vulnhub.com/64base/64Base_3mrgnc3.ova This is my very first public Boot2Root, It’s intended to be more of a fun game than a serious hacking challenge. Hopefully anyone interested enough to give it a try will enjoy the story with this one. It is based on the StarWars storyline and is designed to . Just be warned, it’s littered with more than a few “Red Herrings” ;D [BEGINNER - INTERMEDIATE] There are 6 flags to collect. Each in the format of flag1{ZXhhbXBsZSBmbGFnCg==} Beat the Empire and steal the plans for the Death Star before it’s too late. I Hope You Enjoy It. Changelog: v1.0 - 05/12/2016; v1.0.1 - 07/12/2016 3BA24F70485D82FBBDCAFCF54EB310EA 2F8981FC3EB8C02D390FBDE5FF1E45087053DFFB Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
SkyDog: 2016 - Catch Me If You Can 9 Nov 2016 James Bower SkyDog 1.5 GB https://download.vulnhub.com/skydog/SkyDogConCTF2016VBoxV10.ova : Beginner/Intermediate : The CTF is a virtual machine and works best in Virtual Box. Download the OVA file open up Virtual Box and then select File –> Import Appliance. Choose the OVA file from where you downloaded it. After importing the OVA file above make sure that USB 2.0 is disabled before booting up the VM. The networking is setup for a Host-Only Adapter by default but you can change this before booting up depending on your networking setup. The Virtual Machine Server is configured for DHCP. If you have any questions please send me a message on Twitter @jamesbower and I’ll be happy to help. The eight flags are in the form of flag{MD5 Hash} such as flag{1a79a4d60de6718e8e5b326e338ae533 Flag #1 Don’t go Home Frank! There’s a Hex on Your House. Flag #2 Obscurity or Security? Flag #3 Be Careful Agent, Frank Has Been Known to Intercept Traffic Our Traffic. Flag #4 A Good Agent is Hard to Find. Flag #5 The Devil is in the Details - Or is it Dialogue? Either Way, if it’s Simple, Guessable, or Personal it Goes Against Best Practices Flag #6 Where in the World is Frank? Flag #7 Frank Was Caught on Camera Cashing Checks and Yelling - I’m The Fastest Man Alive! Flag #8 Franks Lost His Mind or Maybe it’s His Memory. He’s Locked Himself Inside the Building. Find the Code to Unlock the Door Before He Gets Himself Killed! 3DBD900E8A3C9D236EBF6459ECCB8220 BDE9EE18CC7F4CB6323098BB896FE45AE7CCC901 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Defence Space CTF: 2017 12 Mar 2017 silexsecure Defence Space CTF 1.4 GB https://download.vulnhub.com/defencectf2017/DEFENCESPACECTF-2017.ova Defence Space CTF is our first Iso design to honor our fallen hero in the military who have fought to defend the integrity of our country Nigeria. The story line on the CTF are based on true life happening in Northern Nigeria, however we have adopted code name “Operation Lafia dole”, the cyber component of the operation to make the challenge more exciting to our players to puzzle the challenge. Exercise start from simple information gathering which is applicable to both military and cyber based operation to complex infiltration and encryption been used by intelligence agency around the world to pass out secret. The player module uses tools in kali Linux to achieve its result. Other related information is on Open Source Data “goggle it”. It has 7 flags to be captured but so addictive said C.E.O of Silex Secure. Author’s Walkthrough: This works better with VirtualBox rather than VMware 4433D8F548821FF3776A703724065439 AC26DBD76DE8E85C8AE74832DCF42D2990A28DB5 Virtual Machine (Virtualbox - OVA) Linux Disabled 0.0.0.0
Breach: 1 30 Jun 2016 mrb3n Breach 1.9 GB https://download.vulnhub.com/breach/Breach-1.0.zip First in a multi-part series, Breach 1.0 is meant to be beginner to intermediate boot2root/CTF challenge. Solving will take a combination of solid information gathering and persistence. Leave no stone unturned. The VM is configured with a static IP address (192.168.110.140) so you will need to configure your host-only adaptor to this subnet. Many thanks to knightmare and rastamouse for testing and providing feedback. Shout-out to g0tmi1k for maintaining #vulnhub and hosting my first challenge. If you run into any issues, you can find me on Twitter: https://twitter.com/mrb3n813 or on IRC in #vulnhub. Looking forward to the write-ups, especially any unintended paths to local/root. Note, you may need to use 7zip to extract the ZIP. F15490856100B3164D4E6807CFF744C5 812D56D6071A1859F03446FEE34532AC6A785414 Virtual Machine (Virtualbox - OVA) Linux Disabled 192.168.110.140
Teuchter: 0.3 3 Nov 2016 knightmare Teuchter 905 MB https://download.vulnhub.com/teuchter/Teuchter_0.3.ova Welcome to another boot2root / CTF this one is called Teuchter. The VM is set to grab a DHCP lease on boot. As with my previous VMs, there is a theme, and you will need to snag the flag in order to complete the challenge. Less hochmagandy and more studying is needed for this one! A word of warning: The VM has a small HDD so please set the disk to non persistent so you can always revert. You may need to set the MAC to 00:0C:29:65:D0:A0 too. Hints for you: SHA1SUM: b5a89761b0a0ee9f0c5e1089b2fde9649ba76b3f Teuchter_0.3.ova Change Log: v0.2 - 2016-11-02; v0.3 - 2016-11-03 (Fix for VirtualBox users) DB91E8EC8F71C190429E1930B5B7FAEA B5A89761B0A0EE9F0C5E1089B2FDE9649BA76B3F Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Violator: 1 4 Jul 2016 knightmare Violator 1.1 GB https://download.vulnhub.com/violator/violator.ova Welcome to another boot2root / CTF this one is called Violator. The VM is set to grab a DHCP lease on boot. As with my previous VMs, there is a theme, and you will need to snag the flag in order to complete the challenge. A word of warning: The VM has a small HDD so you can brute force, but please set the disk to non persistent so you can always revert. Some hints for you: SHA1SUM: 47F68241E95E189126E94A38CB4AD461DD58EE88 violator.ova Many thanks to BenR and GKNSB for testing this CTF. Special thanks and shout-outs go to BenR, Rasta_Mouse and g0tmi1k for helping me to learn a lot creating these challenges. 3C5FC44961C814D2A300779089C2EFF7 47F68241E95E189126E94A38CB4AD461DD58EE88 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
IMF: 1 30 Oct 2016 Geckom IMF 1.6 GB https://download.vulnhub.com/imf/IMF.ova Welcome to “IMF”, my first Boot2Root virtual machine. IMF is a intelligence agency that you must hack to get all flags and ultimately root. The flags start off easy and get harder as you progress. Each flag contains a hint to the next flag. I hope you enjoy this VM and learn something. Difficulty: Beginner/Moderate Can contact me at: geckom at redteamr dot com or on Twitter: @g3ck0m 9B9201C7E33C850C641055DA2CE0D26E E1016E6FB29A5F5A6E83050760F0C8495CE1F716 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
Tommy Boy: 1 27 Jul 2016 Brian Johnson Tommy Boy 1.4 GB https://download.vulnhub.com/tommyboy/TommyBoy1dot0.ova ================= HOLY SCHNIKES! Tommy Boy needs your help! The Callahan Auto company has finally entered the world of modern technology and stood up a Web server for their customers to use for ordering brake pads. Unfortunately, the site just went down and the only person with admin credentials is Tom Callahan Sr. - who just passed away! And to make matters worse, the only other guy with knowledge of the server just quit! You’ll need to help Tom Jr., Richard and Michelle get the Web page restored again. Otherwise Callahan Auto will most certainly go out of business ================= The primary objective is to restore a backup copy of the homepage to Callahan Auto’s server. However, to consider the box fully pwned, you’ll need to collect 5 flags strewn about the system, and use the data inside them to unlock one final message. ================= ================= E7CBE794995EA7C0344A354F339495D1 E26272DB76CA014BA8FD523D8AFC06E2C18F847C Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
The Necromancer: 1 6 Jul 2016 Xerubus The Necromancer 330 MB https://download.vulnhub.com/necromancer/necromancer.ova Title: The Necromancer File: necromancer.ova md5sum: 6c4cbb7776acac8c3fba27a0c4c8c98f sha1sum: 712d4cfc19199dea92792e64a43ae7ac59b1dd05 Size: 345MB Hypervisor: Created with VirtualBox 5.0.20. Tested with virtualbox and vmware player. Author: @xerubus Test Bunnies: @dooktwit and @RobertWinkel Difficulty: Beginner The Necromancer boot2root box was created for a recent SecTalks Brisbane CTF competition. There are 11 flags to collect on your way to solving the challenging, and the difficulty level is considered as beginner. The end goal is simple… destroy The Necromancer! 6C4CBB7776ACAC8C3FBA27A0C4C8C98F 712D4CFC19199DEA92792E64A43AE7AC59B1DD05 Virtual Machine (Virtualbox - OVA) BSD Enabled Automatically assign
Billy Madison: 1.1 14 Sep 2016 Brian Johnson Billy Madison 1.6 GB https://download.vulnhub.com/billymadison/BillyMadison1dot1.zip : do not use host-only mode, as issues have been discovered. Set the Billy Madison VM to “auto-detect” to get a regular DHCP address off your network. : Help Billy Madison stop Eric from taking over Madison Hotels! Sneaky Eric Gordon has installed malware on Billy’s computer right before the two of them are set to face off in an academic decathlon. Unless Billy can regain control of his machine and decrypt his 12th grade final project, he will not graduate from high school. Plus, it means Eric wins, and he takes over as head of Madison Hotels! : The primary objective of the VM is to figure out how Eric took over the machine and then undo his changes so you can recover Billy’s 12th grade final project. You will need to root the box to complete this objective. Changelog: 2016-09-09 - v1.0 (Initial release); 2016-09-14 - v1.1 (Fix for VirtualBox users - Thanks @CRWhiteHat) 3E284F68E734A717BB87964734863962 4C907598C0C522C6D2AA20653699198F15C46009 Virtual Machine (Virtualbox - OVA) Linux Enabled Automatically assign
