New exclusive Machines are available in Dedicated Labs.

Three (3) new exclusive Machines landed in Dedicated Labs, focusing on CVE exploitation, Linux Privilege Escalation, Password Cracking, and more!

Sekure

Learn how to extract an SSH key from a Git repository and reuse it for initial access. Gain experience in privilege escalation by exploiting a misconfigured sudo entry to run commands as root without a password.

Crushed

Exploit a CrushFTP instance using an unauthenticated file read vulnerability (CVE-2024-4040) to obtain credentials, then escalate to root by exploiting an unauthenticated remote code execution vulnerability (CVE-2023-43177).

Chaffinch

Exploit a Remote Code Execution vulnerability in GeoServer's handling of XPath expressions (CVE-2024-36401), followed by a Windows CSC Service privilege escalation vulnerability (CVE-2024-26229).