Intermediate, Rootable, Timed

legacy / 0.0.0.0

7: Flags (3:app, 2:system, env, root)
1: Service
6,200 pts
Avg. headshot: 46,426 minutes

A system in honor of the famous NCSA web server and its awesome scripts
88%

Level 11 / Senior PenTester

hazy / 148th Place

6: Flags found
1: Service discovered
2,650 pts

No bio...

A system in honor of the NCSA web server, full of its original Common Gateway Interface utilities.

Needless to say these are old, just like one of the multiple ways you can gain access to this system. Escalation needs no actual programming experience, but you have to know how a unix system tries to find the commands you run.

Try not to get to hurt the target too much, you dont want to make its bleed its heart out.

83 Headshots (newer first)

s4wbvnny, c0nfirm, hackercon101, Caritattriste, Astralis, stellarix, 0xaNr, Ckabos, Khelthal, cavca2012, 0xL3dAv, Atlantica, doofyr, Ghidra, XMLRPC, ch3l1, uApocryphon, L4R05, michyamrane
Inj3c7i0n, 1337devil, niggurath, u6g3n7, pap4s, mokrates, MrGhost, canary, bytebender, 0x4d0k, ks4v3r, mordo3, SantyNog7, D4rkZone, S4lch1, StrongShiv8, xRuL0, Winsad, j0r38, eltico, antonioban, jaxafed, D5yR4Mx0, noother, b4zb0z, Xblb4, No0ne, shuciran, mikejam, Clientname, Twelve

3 Writeups by:

r0b0tG4nG (en) 2 - Nicehackercon101 (en) Not rated!c0nfirm (en) Not rated!

Activity Stream

Latest activity on the platform

hazy Discovered a flag on a target web service for 50 points, 7 months ago
hazy Discovered the ETSCTF username flag under the shadow file of legacy for 650 points, 7 months ago
hazy Got the /root flag folder of legacy for 750 points, 7 months ago
hazy Discovered a flag cgi on a target service for 250 points, 7 months ago
hazy Got the ETSCTF username flag from the /etc/passwd file of a server for 650 points, 7 months ago
hazy Discovered a flag on a cgi script of a target that shows how long the system is up for 250 points, 7 months ago
hazy Discovered a service on a target host for 50 points, 7 months ago