Skip to main content
June-2024 Updates - New Exclusive Content
Diablo avatar
Written by Diablo
Updated over 6 months ago

We’ve introduced three new exclusive machines, three training machines, and four exclusive Sherlocks to Dedicated Labs.


NEW EXCLUSIVE MACHINES

Playground

Difficulty

Hard - Penetration Testing Level 2

Areas of Interest

Active Directory

Technologies

Windows Active Directory

Skills

ASREPRoasting, Kerberoasting, DACL Attacks, BloodHound

Art

Difficulty

Easy - Penetration Tester Level 1

Areas of Interest

Web Applications, Injection, Threat Intelligence, Vulnerability Assessment, Software & OS Exploitation

Technologies

XAMPP, HttpFileServer

Skills

CVE Exploitation

Bridging

Difficulty

Hard - Penetration Tester Level 3

Areas of Interest

Web Applications, Common Applications, Niche Technologies, Machine Learning

Technologies

Gogs, AI/ML

Skills

AI/ML Exploitation


NEW TRAINING MACHINES

The retired community machines from 20th May to 20th June are detailed below.

Crafty

  • An easy-difficulty Windows Machine featuring the exploitation of a Minecraft server.

POV

  • A medium Windows Machine that starts with a webpage featuring a business site

Analysis

  • A hard-difficulty Windows Machine, featuring various vulnerabilities, focused on web applications, Active Directory (AD) privileges, and process manipulation.

Bizness

  • An easy Linux Machine showcasing an Apache OFBiz pre-authentication, remote code execution (RCE) foothold, classified as CVE-2023-49070.


Exclusive Sherlocks

OpShieldWall-5

Difficulty

Medium

Category

Operator

Technology

WebApp

As a member of the Velorian government's offensive team, you are tasked with taking down and seizing the RedBadger Ransomware site. Please begin by identifying a vulnerability on their site, exploiting it, and posting a takedown notice from the Velorian government and our partners. We will not tolerate ransomware operators targeting our country's infrastructure. Additionally, please forward any intelligence gathered from the site to our reversing team.

OpShieldWall-6

Difficulty

Hard

Category

Malware Analysis

Technology

Ransomware

Our offensive team successfully retrieved the ransomware source from the RedBadger site, which likely impacted our environments. You are assigned to collaborate with our reverse engineering and malware analysis teams to analyze these malicious payloads. Your objectives are to reverse the encryption of some critical files and provide crucial Indicators of Compromise (IOCs).

OpShieldWall-7

Difficulty

Insane

Category

DFIR

Technology

WebApp, Election System

The Velorian elections polling finished. Before we announce the winner we need to perform an analysis of our electoral systems as we suspect rigging has occurred. Please proceed with the analysis of the Velorian Election System (VES) and confirm if it has been compromised and if our elections have been manipulated by the Ravenskian government as suspected. The fate of Veloria is in your hands.

Pulse

Difficulty

Easy

Category

SOC

Technology

Windows,ELK, IVANTI

Pulse is an easy-difficulty Sherlock where you will be provided with

the opportunity to investigate the compromise of a corporate environment

utilising HELK. The incident begins with the compromise of Forela's edge device leading to a full domain compromise.

Pulse has been created in collaboration with Hack The Box's partner,

Aspire Technology Solutions Ltd and recreates a closed-source incident witnessed by Aspire's MSSP service.


Looking for more content, features, or a place to leave feedback?

Book your spot for a 15-minute call where we can discuss how to level up your training!

Did this answer your question?