Blackguard Nuclear Labs is an up and coming private nuclear power plant. An unnamed government suspects that they may be manufacturing weapons grade Uranium and selling it to other countries.
As a freelance hacker, you have been tasked to gain access to their systems, compromise the internal network and collect evidence of illegal activity. If you find proof that they are selling weapons grade Uranium, you're tasked to destroy the centrifuges and disable the nuclear facility.
All Nuclear Power challenges (Nuclear-Access, Nuclear-Recon, Nuclear-0day, Nuclear-Proof and Nuclear-Hero) use this same vm image. As you compromise the BNL systems, you will collect the 5 flags available.
Download the virtual machine from this link: Download. Boot the VM which will get an IP via dhcp. Use any tools at your disposal to complete your mission.
-Good luck. We're all counting on you.
You are being hired to help identify a double agent working for an un-named government.
Recently, a SOC analyst identified a double agent logging into a remote tasking server to get a list of tasks from their handler using a proprietary client. They now know that there is a second double agent and they need your help to identify them.
You are being hired to hack the remote tasking system that double agents are using and identify the second double agent.
Below is the pcap of the one known double agent checking their tasks.
The double agent tasking system is at:
nc tasks.legalbutfrownedupon.com 1401
(Scanning the remote server is not needed. Reverse the communication to find how to login)
Flight of the Phoenix
Flight of the Phoenix
Intel sources just identified that terrorists have placed malware on several commercial passenger jetliners using mechanics with physical access to the planes. One of those planes was just nearly in a mid-air collision due to ATC receiving an inaccurate altitude and heading signal from the plane. All but one of the infected flights are already in the air. We can't simply have them land as any unusual activity could lead to the malware taking the planes down. We do not know what their intentions are at this point.
You are being hired to save these planes by completing the following tasks:
1. Get a seat on the last infected plane that has not yet taken off (flight 4225)
2. Once airborne, gain shell access to the in-flight entertainment system
3. Hack your way from the media system to be able to access the flight control system
4a. Find the malware running on the flight control system
4b. Reverse engineer the malware to see what changes it made to the flight controller
4c. Kill the malware from running on the flight controller
4d. Find an avionics device on the flight controller and abuse it to revert any changes to the flight control computer made by the malware
4e. Use that avionics device to confirm the flight controller is sending accurate data
Once you save flight 4225, we will have the information needed to remotely patch other flights already in the air and avoid a disaster.
All Flight of the Phoenix challenges (Tickets, Movie-Time, Flight-Deck and Stalling-Out) use this same VM image. A flag will be available after completing each of the above 4 tasks.
*Boot the VM with VMWare which will get an IP of 192.168.79.128.
*Put your attack VM on the same virtual network adapter and set your IP to be on the same /24 with a lower IP. (192.168.79.120 for example)
*Flags are encoded and need to be decoded before submission
*It is recommended you snapshot the VM as soon as you begin in case you need to revert during the challenge.