Skip to main content
Room Banner
Room Icon

kiba

Identify the critical security flaw in the data visualization dashboard, that allows execute remote code execution.

easy

45 min

21,409

User profile photo.

To access material, start machines and answer questions login.

Score updated
Score updated

Set up your virtual environment

To successfully complete this room, you'll need to set up your virtual environment. This involves starting both your AttackBox (if you're not using your VPN) and Target Machines, ensuring you're equipped with the necessary tools and access to tackle the challenges ahead.
Attacker machine
Status:Off
Lab machine
Status:Off
Are you able to complete the challenge?
The machine may take up to 7 minutes to boot and configure
Answer the questions below
What is the vulnerability that is specific to programming languages with prototype-based inheritance?

What is the version of visualization dashboard installed in the server?

What is the CVE number for this vulnerability? This will be in the format: CVE-0000-0000

Compromise the machine and locate user.txt

Capabilities is a concept that provides a security system that allows "divide" root privileges into different values

How would you recursively list all of these capabilities?

Escalate privileges and obtain root.txt