Flick 2

date

8 Februar 2016

Validierung

10 Compromissions 10%

Bewertung

1 Bewerten

Beschreibung

Your challenge, should you choose to accept, is to gain root access on the server! The employees over at Flick Inc. have been hard at work prepping the release of their server checker app. Amidst all the chaos, they finally have a version ready for testing before it goes live.

You have been given a pre-production build of the Android .apk that will soon appear on the Play Store, together with a VM sample of the server that they want to deploy to their cloud hosting provider.

The .apk may be installed on a phone (though I wont be offended if you don’t trust me ;]) or run in an android emulator such as the Android Studio (https://developer.android.com/sdk/index.html).

Zeit der Kompromittierung

4 Stunden

Betriebssystem

linux

diese virtuelle Umgebung starten

Ergebnisse des CTF alltheday für Flick 2

Nickname	Virtual Machine	Anzahl der Angreifer	Begonnen am	Maschine kompromittiert in
-	Flick 2	0	23. Januar 2019 zu 16:50	-
-	Flick 2	1	12. Oktober 2018 zu 13:26	-
dalifit	Flick 2	1	2. Oktober 2018 zu 17:29	1h52
-	Flick 2	0	17. Juli 2018 zu 18:03	-
-	Flick 2	0	27. Mai 2018 zu 13:18	-

177 Virtuals Environnements

Ergebnis	Name	Validierung	Schwierigkeitsgrad	Autor	Bewertung
	Challenge SecuriTech	1% 13
	Windows XP pro 01	5% 497		g0uZ
	Exploit KB Vulnerable Web App	12% 306
	Holynix v1	24% 292
	Kioptrix level 2	25% 972
	Kioptrix level 3	32% 575
	Kioptrix level 4	35% 462
	LAMP security CTF4	35% 2724
	LAMP security CTF5	25% 3890
	LAMP security CTF6	18% 606
	Metasploitable	12% 1730
	Metasploitable 2	40% 8621
	Moth	20% 107
	pWnOS	32% 402
	Ubuntu 8.04 weak	5% 206		g0uZ
	Ultimate LAMP	18% 148
	VulnVoIP	17% 858
	VulnVPN	12% 60
	LAMP security CTF8	14% 291
	LAMP security CTF7	39% 891
	Hackademic RTB1	19% 364
	No Exploiting Me	14% 54
	SamBox v1	7% 724		sambecks
	SamBox v2	13% 989		sambecks
	RA1NXing Bots	7% 16
	Murdering Dexter	16% 49
	LoBOTomy	4% 9
	Vulnix	2% 13
	Xerxes	3% 18
	Infernal Hades	6% 15
	SkyTower	24% 213
	Bluebox - Microsoft Pentest	4% 419
	Acid: Reloaded	18% 176
	Acid: Server	12% 219
	CsharpVulnJson	6% 14		notfound404
	CsharpVulnSoap	9% 8
	/dev/random : Pipe	5% 236
	/dev/random : Relativity	7% 97
	/dev/random : Sleepy	4% 44
	brainpan1	4% 82
	LordoftheRoot	25% 232
	Flick 1	8% 64
	Flick 2	10% 10
	FristiLeaks 1.3	28% 215
	The Purge	5% 14
	SickOs: 1.1	13% 91
	Xerxes: 2.0.1	13% 20
	brainpan2	9% 22
	brainpan3	6% 6
	SAP Pentest	7% 293		iggy