Hi, from the other side of the wire!
On this post, I want to highlight a new VM that I made to accentuate web application vulnerabilities. This vulnerable-by-design box depicts a hacking company known as H.A.S.T.E, or Hackers Attack Specific Targets Expeditiously, capable of bringing down any domains on their hit list.
I would like to classify this challenge with medium difficulty, requiring some trial and error before a successful takeover can be attained. You don’t have to root this machine to complete the challenge! All you have to do is get some sort of shell on it.
The H.A.S.T.E VM can be downloaded with the link below:
You will need VMWare Player to virtualize the VMX.
If you enjoy web application flaws, you should have fun with this challenge. Let me know how it goes and feedback is always welcomed! Looking forward to solutions.
EDIT: I’ve been very pleased with the amount of people attempting to solve this challenge. By far I’ve had 3 successfull researchers. The first was MrMxyzptlk, then Dweezy, and finally Amonsec with the fantatic walkthrough. I will be developing other VM’s that are a bit more complex to challege the security community. Thank you all for playing!