Skip to main contentSkip to main content
Room Banner
Room Icon

Easy Peasy

Practice using tools such as Nmap and GoBuster to locate a hidden directory to get initial access to a vulnerable machine. Then escalate your privileges through a vulnerable cronjob.

easy

45 min

44,757

User profile photo.

To access material, start machines and answer questions login.

Score updated
Score updated

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machine
Status:Off
Lab machine
Status:Off

Deploy the machine attached to this task and use to enumerate it.

MACHINE_IP

Answer the questions below
How many ports are open?

What is the version of nginx?

What is running on the highest port?

Now you've enumerated the machine, answer questions and compromise it!

Answer the questions below
Using GoBuster, find flag 1.

Further enumerate the machine, what is flag 2?

Crack the hash with easypeasy.txt, What is the flag 3?

What is the hidden directory?

Using the wordlist that provided to you in this task crack the hash
what is the password?

What is the password to login to the machine via SSH?

What is the user flag?

What is the root flag?

We use cookies to ensure you get the best user experience. For more information see our cookie policy.