Skip to main content


Showing posts from September, 2017

Vulnhub IMF 1 – Boot2Root

Author: 5k33tz The VM for the CTF challenge is located at,162/ Description: IMF is a intelligence agency that you must hack to get all flags and ultimately root. The flags start off easy and get harder as you progress. Each flag contains a hint to the next flag. I hope you enjoy this VM and learn something. Difficulty: Beginner/Moderate I started off with an nmap scan for to get a lay of open ports: nmap -p 1-65535 -T4 -A -v Nothing too interesting, except port 80/tcp open. On the “Contact Us” page we’re able to see a couple employee emails: Roger S. Michaels – Director rmichaels@imf.local Alexander B. Keith – Deputy Director akeith@imf.local Elizabeth R. Stone – Chief of Staff estone@imf.local We find the first flag in the source of the contact.php page: <!– flag1{YWxsdGhlZmlsZXM=} –> Decoding the string, we get the contents of flag1: echo YWxsdGhlZmlsZXM= | base64 --decode Flag1: al