QA/QC Survey1

[kirk-bond]

• Name: survey1
• Designer: Kirk
• Category: Linux
• Description: Connect to the implant, survey your environment, and send me the flag.
• Required Resources: Survey tools (ifconfig, arp, iptables, nmap); Probe tools (nc, nmap, curl, wget, tcpdump, python)
• Flag: acsc18{webheader_owngoal}

When you are done with the QA/QC, please enter a comment stating so and how you would rate the difficulty. If you see any issues please note them in the comment as well.

• [x] Dockerized
• [x] Tested
• [x] Loaded to Game Engine
• [x] Loaded to Environment
• [x] Tested in Environment

Difficulty key

0 - No background 3 - JCAC (Basic) 6 - Scripting (Senior) 9 - Reverse Engineer (Master)

Instructions: For each new challenge complete the above information. Assign the "QA/QC" and "Load Game Engine", labels to all challenges. If required add "Dockerize" and "Challenge Server" for challenges that need to be dockerized or will have to be hosted on the challenge server

[ghost]

When I ran (sudo docker-compose up) I got an survey1_implant exited with code 0. I modified the docker-compose.yml and added (tty: true) to the implant. Spun up without issues.

I checked /usr/bin to see what I had access to and noticed nmap had setuid privileges. I then used (nmap -PE 10.0.0.0/24) to find devices on the network. I confirmed the flag working, used (echo -e "GET / HTTP/1.1\r\n\r\n" | nc 10.0.0.7 8000)

[ghost]

Difficulty: 5

[kirk-bond]

Tested on game engine