Help shows a number or niche techniques and pivoting options, it keeps on showing interesting attack vectors but doesn’t become annoying or unnecessary complicated at any point. It’s fun and enjoyable through the whole time. It also has a few ways to be solved which is always fun to try after the initial root. At some points there is an opportunity for some minor rabbit holes - which I of course found - but it was a good reminder to not be afraid to go a few steps back and double-check your notes.
MonteVerde is a pretty straightforward machine, it shows a niche technique of privilege escalation with Azure AD Connect but besides it, it’s pretty typical in terms of pivoting, enumeration, and gaining the foothold. Still, there aren’t many boxes that touch Azure so it was really interesting to explore it.
Servmon is a relatively simple machine. There are two public exploits that can be used to finish it and a Metasploit script for even less hustle. The level of complexity highly depends on your approach. Overall a good machine to try out.
Updown is a really challenging machine very focused on niche web exploitation, solid code review and careful parameter manipulation to actually exploit the attack vectors.
Sauna is an interesting machine. It goes through a relatively straight-forwards attack path but I fell into a number of false assumptions and rabbit-holes which costed me a lot of time. It’s serves as a great reminder to perform a full enumeration before jumping into any conclusions, to leave no stone upturned and to pay attention to small details.
Escape is a great machine covering basic network enumeration, intermediate knowledge about MSSQL attack vectors and escalation with ADCS. It doesn’t show any niche techniques or obscure vulnerabilities but provides some great fundamental challenges with a seamless and intuitive attack path.
Busqueda introduces a solid code review exercise, working with repositories and custom scripts. It’s heavy on careful code enumeration and gradual pivoting granting further access. Very fun and insightful!
Craft is a challenging box focused on API abuse, code review, and exploitation of insecure application logic. It required careful analysis of a vulnerable API, understanding how user input flows through the system, and leveraging injection techniques to achieve code execution. It was a tough one for sure, but very much worth it.
Authority is an interesting take on Windows and Active Directory attacks, it demonstrates a mix of known techniques and a niche pathways that I was not familiar with. It took a seemengly trivial AD privilege escalation and introduced a number of fun challenges that made the box interesting at each part of completion.
