Level09 provides us with a C setuid wrapper for some vulnerable PHP code.

level10 provides us with the following source code:

The next level provides us with some perl code:

Level06 specifies that “The flag06 account credentials came from a legacy unix system.”

[Level05] instructs us to “Check the flag05 home directory. You are looking for weak directory permissions”

The details page for Level03 contains a hint directing us to the home directory of flag03. After navigating to the target home directory and listing out the files, I was presented with a shell script called writable.sh and a directory called writable.d.

Level04 was one of my favorite challenges out of the entire series. The post below documents my solution.

The next level, Level01, provides some C code for the user to evaluate. The code contains a vulnerability that allows arbitrary programs to be executed. This post will outline the steps I took to solve the challenge.

Level02 instructs us to review some vulnerable C code and locate the attack vector. This program addresses the vulnerability from the previous level but a new vector is available.

After completing some of my certifications, I decided to get back to some of the challenges and coding practice. My good friend Kristian suggested the war games over at Exploit Exercises. Starting with Nebula, I will outline some walkthroughs of my solutions to the levels (00-19). I will split each level into a separate post in order to not spoil any of the challenges for someone just looking for a hint on a single level.