Categories
CTF's My CTF's

Presidential CTF

Presidential is my third Capture the Flag exercise. It is rated as Medium to Hard – I wouldn’t say the exploitation techniques are necessarily difficult on this server, but this box will definitely test your enumeration skills. If you need a hint, feel free to contact me – but enumerate harder first.

Enumerate Enumerate Enumerate

This is the best advice I can give you.

Download Now

Synopsis:

The Presidential Elections within the USA are just around the corner (November 2020). One of the political parties is concerned that the other political party is going to perform electoral fraud by hacking into the registration system, and falsifying the votes.

The state of Ontario has therefore asked you (an independent penetration tester) to test the security of their server in order to alleviate any electoral fraud concerns (I’m aware Ontario isn’t a real US state – this is meant to be fictional). Your goal is to see if you can gain root access to the server – the state is still developing their registration website but has asked you to test their server security before the website and registration system are launched.

This CTF was created and has been tested with VirtualBox. It should also be compatible with VMWare and is DHCP enabled.

You can download the CTF here. I look forward to your feedback.

SHA-256: 1d402ad612251e4b07bf990d7f55f1d3c5158bf9c0aad4e3663526f4d06a3e97
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEbBiicuM2ITDGGcOJPvHWS2kZ5UMFAl7334kACgkQPvHWS2kZ
5UMx4hAAn8P9vng05Q7O4VUpmpnTHZIn8e1lpjNUAy7Gt5coPbmvlEqIHp+kqLtO
IH9omyBndDN6D8xa1FkfLYjUF5J9xKAXgU7JfY+dbDtWBmRD+62X1C0BO3m1M+FX
y/C76sVfzI9k7nFas+nv/GI4J4jYbDSSBrA8dO7IXH7OUzxF24TsU610IkNxjO6e
Oucora8F/ayZ3ZCAvN+ogHggFYoj0cQs5SZuY5W5A6SK8qw7t4qN8j88Qjffh+I0
Kp0bF9GwfhDxIPZ64vYVo1BqpDKMFA2S7MFuuZFxsYOSOfnLv09jdxn8N/nKaNHE
azRn4tBsj6ougwgqaenH3tA8wQqcnZDqoLDtBVujXSANVL7lrP2tbwrbCNZz/j7m
mPLmoyPjWbeluGXsFgx/Y/xppOrBJ4TjhXcq8Uoy+Ej7UZmTgb3xxJwdIR9tTbcj
3epu3xsG5xOA+ZZ2Qh3SzNDKtcifCnTXo4ZcyUKRN70SSTvib5uY01IoQj/0E3tM
L4cjO+Rd1ottCdOPNXQvh7pH91hfKOXx8NBmMeSd5SAYNkpBGf76/5Ja8pQB1g+Z
h9hRaoeqedcI5K97Mp1N4SqKBy3Y5pEYx9HLW1kJZpfwW1cljrUTl7NGdLo8NEqG
U+x8r+DqQrapCf/TV/05rHIUuHuCHCrXDbE6KL5dZZCc5PQKIG4=
=9xw4
-----END PGP SIGNATURE-----

4 replies on “Presidential CTF”

hi,
unable to find anything useful after doing enumeration via gobuster (dir, vhost modes), nmap only2 ports, SSH only PUB key ? any clue? on how to proceed ?

Hi.

As this is a relatively new machine, I don’t want to give hints in the comments of this post yet – if you need a hint, can you kindly fill out my contact form and I can provide you some guidance?

Many thanks

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.