Intermediate, Rootable, Timed

legacy / 0.0.0.0

7: Flags (3:app, 2:system, env, root)
1: Service
6,200 pts
Avg. headshot: 44,823 minutes

A system in honor of the famous NCSA web server and its awesome scripts
88%

Level 9 / Junior PenTester

R4V3N / 197th Place

6: Flags found
1: Service discovered
6,100 pts

Euh !

A system in honor of the NCSA web server, full of its original Common Gateway Interface utilities.

Needless to say these are old, just like one of the multiple ways you can gain access to this system. Escalation needs no actual programming experience, but you have to know how a unix system tries to find the commands you run.

Try not to get to hurt the target too much, you dont want to make its bleed its heart out.

86 Headshots (newer first)

lieah, jacbra, Praise, s4wbvnny, c0nfirm, hackercon101, Caritattriste, Astralis, stellarix, 0xaNr, Ckabos, Khelthal, cavca2012, 0xL3dAv, Atlantica, doofyr, Ghidra, XMLRPC, ch3l1
uApocryphon, L4R05, michyamrane, Inj3c7i0n, 1337devil, niggurath, u6g3n7, pap4s, mokrates, MrGhost, canary, bytebender, 0x4d0k, ks4v3r, mordo3, SantyNog7, D4rkZone, S4lch1, StrongShiv8, xRuL0, Winsad, j0r38, eltico, antonioban, jaxafed, D5yR4Mx0, noother, b4zb0z, Xblb4, No0ne, shuciran

3 Writeups by:

r0b0tG4nG (en) 2 - Nicehackercon101 (en) 5 - Excellentc0nfirm (en) Not rated!

Activity Stream

Latest activity on the platform

R4V3N Discovered the ETSCTF username flag under the shadow file of legacy for 1300 points, 38 months ago
R4V3N Gained access to data stored in environmental variables of legacy for 900 points, 38 months ago
R4V3N Got the /root flag folder of legacy for 1500 points, 38 months ago
R4V3N Got the ETSCTF username flag from the /etc/passwd file of a server for 1300 points, 38 months ago
R4V3N Discovered a flag cgi on a target service for 500 points, 38 months ago
R4V3N Discovered a flag on a cgi script of a target that shows how long the system is up for 500 points, 38 months ago
R4V3N Discovered a service on a target host for 100 points, 38 months ago